{"id":28741252,"url":"https://github.com/coder/boundary-releases","last_synced_at":"2025-06-16T07:11:34.521Z","repository":{"id":283819473,"uuid":"952630548","full_name":"coder/boundary-releases","owner":"coder","description":"A simple process isolator for Linux that provides lightweight isolation focused on AI and development environments.","archived":false,"fork":false,"pushed_at":"2025-06-09T08:00:34.000Z","size":5,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-06-13T14:06:41.302Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/coder.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-21T15:49:50.000Z","updated_at":"2025-05-25T20:56:20.000Z","dependencies_parsed_at":null,"dependency_job_id":"aec22d37-0cb2-4641-9c02-c068df9d3829","html_url":"https://github.com/coder/boundary-releases","commit_stats":null,"previous_names":["coder/boundary-releases"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/coder/boundary-releases","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coder%2Fboundary-releases","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coder%2Fboundary-releases/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coder%2Fboundary-releases/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coder%2Fboundary-releases/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/coder","download_url":"https://codeload.github.com/coder/boundary-releases/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coder%2Fboundary-releases/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":260116634,"owners_count":22961066,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-06-16T07:11:33.637Z","updated_at":"2025-06-16T07:11:34.503Z","avatar_url":"https://github.com/coder.png","language":null,"readme":"# Boundary\n\nA simple process isolator for Linux that provides lightweight isolation focused\non AI and development environments.\n\n## Overview\n\nBoundary allows you to run processes in isolated environments using Linux namespaces\nwhile providing:\n\n- Filesystem isolation with OverlayFS or fallback file copying\n- Docker/OCI container image support\n- Network isolation with port forwarding\n- User namespace isolation\n- Mount host directories into containers\n- Run commands as different users inside containers\n\n## Installation\n\n### From a preview release\n\n```bash\nwget https://github.com/coder/boundary-releases/releases/download/preview/boundary-$(uname -m) -O boundary\nchmod +x boundary\nsudo mv ./boundary /usr/local/bin/boundary\n```\n\n### From Source\n\n```bash\nmake\nmake install\n```\n\n## Usage\n\n### Basic Usage\n\nRun a bash shell in an isolated environment:\n\n```bash\nboundary\n```\n\n### Using a Container Image\n\nRun a command in a specific container image:\n\n```bash\nboundary --image alpine -- /bin/sh\n```\n\n### Using Claude Code\n\n```bash\nboundary \\\n  --image ghcr.io/thomask33/claude-code-devcontainer:latest \\\n  --run-as-user node -- claude\n```\n\n### Using Coder Claude Code integration\n\nMake sure that the coder CLI is available on your local system.\n\n```bash\nboundary \\\n  --image ghcr.io/thomask33/claude-code-devcontainer:latest \\\n  --run-as-user node \\\n  --binaries coder -- coder agent claude\n```\n\nor via environment variables:\n\n```bash\nexport BOUNDARY_IMAGE=ghcr.io/thomask33/claude-code-devcontainer:latest\nexport BOUNDARY_BINARIES=coder\nexport BOUNDARY_RUN_AS_USER=node\n\nboundary -- coder agent claude\n```\n\nor via config file:\n\n```bash\ncat \u003c\u003c EOF \u003e boundary.yaml\ncontainer:\n  image: ghcr.io/thomask33/claude-code-devcontainer:latest\n  binaries:\n    - coder\n  user:\n    runAs: node\nEOF\n\nboundary -c boundary.yaml -- coder agent claude\n\n# or configured via environment variables\n\nexport BOUNDARY_CONFIG_PATH=$(realpath ./boundary.yaml)\nboundary -- coder agent claude\n```\n\n### Limiting Claude Code internet access\n\nThe Claude Code devcontainer image contains a [firewall script](https://github.com/anthropics/claude-code/blob/555b6b5b8a5f06f1e8725a584e62fb6b7c8eece5/.devcontainer/init-firewall.sh)\nto limit internet access using standard iptables rules.\nThis script comes embedded in the devcontainer image and will block any request\nthat is not targeted at IP addresses belonging to Github, `registry.npmjs.org`,\n`api.anthropic.com`, `sentry.io`, `statsig.anthropic.com`, `statsig.com`.\n\n\u003cdetails\u003e\n\u003csummary\u003einit-firewall.sh\u003c/summary\u003e\n\n\u003c!-- `$ curl https://raw.githubusercontent.com/anthropics/claude-code/refs/heads/main/.devcontainer/init-firewall.sh` as bash --\u003e\n\n```bash\n#!/bin/bash\nset -euo pipefail  # Exit on error, undefined vars, and pipeline failures\nIFS=$'\\n\\t'       # Stricter word splitting\n\n# Flush existing rules and delete existing ipsets\niptables -F\niptables -X\niptables -t nat -F\niptables -t nat -X\niptables -t mangle -F\niptables -t mangle -X\nipset destroy allowed-domains 2\u003e/dev/null || true\n\n# First allow DNS and localhost before any restrictions\n# Allow outbound DNS\niptables -A OUTPUT -p udp --dport 53 -j ACCEPT\n# Allow inbound DNS responses\niptables -A INPUT -p udp --sport 53 -j ACCEPT\n# Allow outbound SSH\niptables -A OUTPUT -p tcp --dport 22 -j ACCEPT\n# Allow inbound SSH responses\niptables -A INPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT\n# Allow localhost\niptables -A INPUT -i lo -j ACCEPT\niptables -A OUTPUT -o lo -j ACCEPT\n\n# Create ipset with CIDR support\nipset create allowed-domains hash:net\n\n# Fetch GitHub meta information and aggregate + add their IP ranges\necho \"Fetching GitHub IP ranges...\"\ngh_ranges=$(curl -s https://api.github.com/meta)\nif [ -z \"$gh_ranges\" ]; then\n    echo \"ERROR: Failed to fetch GitHub IP ranges\"\n    exit 1\nfi\n\nif ! echo \"$gh_ranges\" | jq -e '.web and .api and .git' \u003e/dev/null; then\n    echo \"ERROR: GitHub API response missing required fields\"\n    exit 1\nfi\n\necho \"Processing GitHub IPs...\"\nwhile read -r cidr; do\n    if [[ ! \"$cidr\" =~ ^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/[0-9]{1,2}$ ]]; then\n        echo \"ERROR: Invalid CIDR range from GitHub meta: $cidr\"\n        exit 1\n    fi\n    echo \"Adding GitHub range $cidr\"\n    ipset add allowed-domains \"$cidr\"\ndone \u003c \u003c(echo \"$gh_ranges\" | jq -r '(.web + .api + .git)[]' | aggregate -q)\n\n# Resolve and add other allowed domains\nfor domain in \\\n    \"registry.npmjs.org\" \\\n    \"api.anthropic.com\" \\\n    \"sentry.io\" \\\n    \"statsig.anthropic.com\" \\\n    \"statsig.com\"; do\n    echo \"Resolving $domain...\"\n    ips=$(dig +short A \"$domain\")\n    if [ -z \"$ips\" ]; then\n        echo \"ERROR: Failed to resolve $domain\"\n        exit 1\n    fi\n    \n    while read -r ip; do\n        if [[ ! \"$ip\" =~ ^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}$ ]]; then\n            echo \"ERROR: Invalid IP from DNS for $domain: $ip\"\n            exit 1\n        fi\n        echo \"Adding $ip for $domain\"\n        ipset add allowed-domains \"$ip\"\n    done \u003c \u003c(echo \"$ips\")\ndone\n\n# Get host IP from default route\nHOST_IP=$(ip route | grep default | cut -d\" \" -f3)\nif [ -z \"$HOST_IP\" ]; then\n    echo \"ERROR: Failed to detect host IP\"\n    exit 1\nfi\n\nHOST_NETWORK=$(echo \"$HOST_IP\" | sed \"s/\\.[0-9]*$/.0\\/24/\")\necho \"Host network detected as: $HOST_NETWORK\"\n\n# Set up remaining iptables rules\niptables -A INPUT -s \"$HOST_NETWORK\" -j ACCEPT\niptables -A OUTPUT -d \"$HOST_NETWORK\" -j ACCEPT\n\n# Set default policies to DROP first\n# Set default policies to DROP first\niptables -P INPUT DROP\niptables -P FORWARD DROP\niptables -P OUTPUT DROP\n\n# First allow established connections for already approved traffic\niptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT\niptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT\n\n# Then allow only specific outbound traffic to allowed domains\niptables -A OUTPUT -m set --match-set allowed-domains dst -j ACCEPT\n\necho \"Firewall configuration complete\"\necho \"Verifying firewall rules...\"\nif curl --connect-timeout 5 https://example.com \u003e/dev/null 2\u003e\u00261; then\n    echo \"ERROR: Firewall verification failed - was able to reach https://example.com\"\n    exit 1\nelse\n    echo \"Firewall verification passed - unable to reach https://example.com as expected\"\nfi\n\n# Verify GitHub API access\nif ! curl --connect-timeout 5 https://api.github.com/zen \u003e/dev/null 2\u003e\u00261; then\n    echo \"ERROR: Firewall verification failed - unable to reach https://api.github.com\"\n    exit 1\nelse\n    echo \"Firewall verification passed - able to reach https://api.github.com as expected\"\nfi\n```\n\n\u003c/details\u003e\n\n\u003cbr /\u003e\n\nThis script can be run in boundary by:\n\n```bash\n# Launch the boundary\nboundary --image ghcr.io/thomask33/claude-code-devcontainer:latest\n\n# Within the boundary we can now setup networking rules using\ninit-firewall.sh\n\n# We can verify this by running curl and waiting for it to timeout in 5 seconds\ncurl --max-time 5 https://example.com\n\n# Then we can launch Claude Code and work as normal\nclaude\n```\n\n### Configuration Options\n\nBoundary offers several configuration options, one can list them using:\n\n```$ as bash\nboundary --help\n```\n\n```bash\nUSAGE:\n  boundary\n\n  Linux process isolation tool\n\nSUBCOMMANDS:\n    generate-config    Generate a boundary configuration file\n    version            Display version information\n\nOPTIONS:\n      --boundary-dir string, $BOUNDARY_DIR (default: /home/thomask33.linux/.boundary)\n          Base directory for boundary files and directories.\n\n  -c, --config yaml-config-path, $BOUNDARY_CONFIG_PATH\n          Specify a YAML file to load configuration from.\n\n      --debug bool, $BOUNDARY_DEBUG\n          Enable debug mode and logging.\n\n      --fork bool, $BOUNDARY_FORK (default: false)\n          Use fork+exec instead of syscall.Exec.\n\nCONTAINER OPTIONS: \n      --binaries string-array, $BOUNDARY_BINARIES\n          List of binaries to copy.\n\n      --container-name string, $BOUNDARY_CONTAINER_NAME\n          Assign a name to the container. (if empty a name will be generated).\n\n      --image string, $BOUNDARY_IMAGE\n          The image to use as rootfs.\n\nCONTAINER / MOUNT OPTIONS: \n      --mount-certs bool, $BOUNDARY_MOUNT_CERTS (default: true)\n          Mount SSL certificate files for HTTPS connections.\n\n      --mount-dns bool, $BOUNDARY_MOUNT_DNS (default: false)\n          Mount DNS configuration files for name resolution.\n\n      --mount-pwd bool, $BOUNDARY_MOUNT_PWD (default: true)\n          Mount the current pwd as read write into the namespace.\n\n      --require-proc bool, $BOUNDARY_REQUIRE_PROC (default: true)\n          Whether to require successful mounting of procfs (fail if mounting\n          fails).\n\n      --require-sysfs bool, $BOUNDARY_REQUIRE_SYSFS (default: true)\n          Whether to require successful mounting of sysfs (fail if mounting\n          fails).\n\nCONTAINER / NETWORK OPTIONS: \n      --network bool, $BOUNDARY_NETWORK (default: true)\n          Create a network namespace for the isolated process.\n\n      --port-forward string, $BOUNDARY_PORT_FORWARD\n          Port forwarding configuration in format\n          'hostPort1:containerPort1,hostPort2:containerPort2'.\n\nCONTAINER / OVERLAYFS OPTIONS: \n      --overlayfs bool, $BOUNDARY_OVERLAYFS (default: true)\n          Use OverlayFS for container filesystem (improves performance and\n          reduces disk usage).\n\n      --overlayfs-persist bool, $BOUNDARY_OVERLAYFS_PERSIST (default: false)\n          Persist container filesystem changes after exit.\n\nCONTAINER / UTS OPTIONS: \n      --hostname string, $BOUNDARY_HOSTNAME (default: boundary)\n          Set the hostname for the container.\n\nCONTAINER / USER OPTIONS: \n      --run-as-user string, $BOUNDARY_RUN_AS_USER\n          User to run the command as inside the container (defaults to root if\n          empty).\n\n      --user-namespace bool, $BOUNDARY_USER_NAMESPACE (default: true)\n          Create a user namespace for the isolated process.\n\n      --user-namespace-map-mode string, $BOUNDARY_USER_NAMESPACE_MAP_MODE (default: full)\n          User namespace mapping mode: 'basic' or 'full'.\n\n```\n\n#### Generate Configuration File\n\nBoundary can generate a complete configuration file with default values and documentation:\n\n```$ as yaml\n# Generate and display configuration (stdout)\nboundary generate-config\n```\n\n```yaml\ncontainer:\n    # List of binaries to copy.\n    # (default: \u003cunset\u003e, type: string-array)\n    binaries: []\n    # Assign a name to the container. (if empty a name will be generated).\n    # (default: \u003cunset\u003e, type: string)\n    name: \"\"\n    uts:\n        # Set the hostname for the container.\n        # (default: boundary, type: string)\n        hostname: boundary\n    # The image to use as rootfs.\n    # (default: \u003cunset\u003e, type: string)\n    image: \"\"\n    mount:\n        # Mount SSL certificate files for HTTPS connections.\n        # (default: true, type: bool)\n        certs: true\n        # Mount DNS configuration files for name resolution.\n        # (default: false, type: bool)\n        dns: false\n        # Mount the current pwd as read write into the namespace.\n        # (default: true, type: bool)\n        pwd: true\n        # Whether to require successful mounting of procfs (fail if mounting fails).\n        # (default: true, type: bool)\n        require-proc: true\n        # Whether to require successful mounting of sysfs (fail if mounting fails).\n        # (default: true, type: bool)\n        require-sysfs: true\n    network:\n        # Create a network namespace for the isolated process.\n        # (default: true, type: bool)\n        enable: true\n        # Port forwarding configuration in format\n        # 'hostPort1:containerPort1,hostPort2:containerPort2'.\n        # (default: \u003cunset\u003e, type: string)\n        portForward: \"\"\n    overlayfs:\n        # Use OverlayFS for container filesystem (improves performance and reduces disk\n        # usage).\n        # (default: true, type: bool)\n        enable: true\n        # Persist container filesystem changes after exit.\n        # (default: false, type: bool)\n        persist: false\n    user:\n        # User to run the command as inside the container (defaults to root if empty).\n        # (default: \u003cunset\u003e, type: string)\n        runAs: \"\"\n        # Create a user namespace for the isolated process.\n        # (default: true, type: bool)\n        enable: true\n        # User namespace mapping mode: 'basic' or 'full'.\n        # (default: full, type: string)\n        mode: full\n\n```\n\nThe generated file includes:\n\n- Default values pre-populated\n- Detailed descriptions as comments\n- Type information for each field\n- Hierarchical organization of related settings\n\n## Development\n\n### Requirements\n\n- Nix (only supported development environment)\n\n### Build\n\n```bash\n# Enter development shell\nnix develop\n\n# Build the binary\nnix build\n\n# Clean build artifacts\nmake clean\n```\n\n### Testing\n\n```bash\n# Run all tests\ngo test ./...\n\n# Run a specific test\ngo test github.com/coder/boundary/package -run TestName\n```\n\n### Code Quality\n\n```bash\n# Format code\nnix fmt\n\n# Lint code\nGOOS=linux golangci-lint run\n```\n\n## Troubleshooting\n\nIf you encounter \"operation not permitted\" errors when mounting tmpfs in user\nnamespaces, it may be related to AppArmor restrictions. For development purposes,\nyou can temporarily disable AppArmor:\n\n```bash\n# Disable AppArmor completely (for development only)\nsudo systemctl stop apparmor\nsudo systemctl disable apparmor\n\n# Set the profile for a specific binary to complain mode\nsudo aa-complain /path/to/binary\n```\n\n## License\n\nTBD: \\[License information\\]\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcoder%2Fboundary-releases","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcoder%2Fboundary-releases","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcoder%2Fboundary-releases/lists"}