https://github.com/xendarboh/xendev
A modern portable sandboxed terminal-based vim-centric development environment.
https://github.com/xendarboh/xendev
containers dotfiles ide neovim sandbox spacevim terminal tmux
Last synced: 29 days ago
JSON representation
A modern portable sandboxed terminal-based vim-centric development environment.
- Host: GitHub
- URL: https://github.com/xendarboh/xendev
- Owner: xendarboh
- License: gpl-3.0
- Created: 2022-05-17T23:54:29.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2025-10-21T22:29:24.000Z (4 months ago)
- Last Synced: 2025-10-22T00:21:57.926Z (4 months ago)
- Topics: containers, dotfiles, ide, neovim, sandbox, spacevim, terminal, tmux
- Language: Dockerfile
- Homepage:
- Size: 450 KB
- Stars: 3
- Watchers: 1
- Forks: 1
- Open Issues: 11
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Agents: AGENTS.md
Awesome Lists containing this project
README
# xen/dev:latest
[](LICENSE)
A modern portable sandboxed (dockerized) terminal-based vim-centric development environment.
Overpowered "dotfiles" intended to run in a number of ways; either within a:
- customized sandboxed gpu-accelerated terminal (recommended)
- x11docker-powered full, but minimal, desktop (interesting)
- terminal of your choice (minimal requirements)
Note: Developed on and for Linux; other host compatibility is unknown.
## Quickstart
```sh
mkdir ~/src && cd ~/src
git clone https://github.com/xendarboh/xendev.git
cd xendev
cp .env-example .env
# edit .env to enable optionals or set specific versions
make build
./xendev
```
## Tools
- [Neovim](https://github.com/neovim/neovim): Vim-fork focused on extensibility and usability
- [LazyVim](https://github.com/LazyVim/LazyVim): Neovim config for the lazy (_INSTALL_NVIM_LAZYVIM_)
- [avante.nvim](https://github.com/yetone/avante.nvim): Use your Neovim like using Cursor AI IDE!
- [better-escape.nvim](https://github.com/max397574/better-escape.nvim): Escape from insert mode without delay when typing
- [markdown-preview.nvim](https://github.com/iamcco/markdown-preview.nvim): markdown preview plugin for (neo)vim
- [noir.nvim](https://github.com/noir-lang/noir-nvim): A NeoVim plugin providing syntax highlighting and LSP support for Noir
- [nx.vmim](https://github.com/Equilibris/nx.nvim): A simple tool providing the same features as the NX console does for vs-code
- [smart-splits.nvim](https://github.com/mrjones2014/smart-splits.nvim): Smart, seamless, directional navigation and resizing of Neovim + terminal multiplexer splits
- [wakatime.nvim](https://github.com/wakatime/vim-wakatime): Vim plugin for automatic time tracking and metrics generated from your programming activity
- [Nix](https://github.com/NixOS/nix): Nix, the purely functional package manager (_INSTALL_NIX_)
- [Node.js](https://github.com/nodejs/node): Node.js JavaScript runtime
- [pnpm](https://github.com/pnpm/pnpm): Fast, disk space efficient package manager
- [yarn](https://github.com/yarnpkg/yarn): Fast, reliable, and secure dependency management
- [fnm](https://github.com/Schniz/fnm): Fast and simple Node.js version manager, built in Rust
- [npm-check-updates](https://github.com/raineorshine/npm-check-updates): Find newer versions of package dependencies than what your package.json allows
- [npm-check](https://github.com/dylang/npm-check): Check for outdated, incorrect, and unused dependencies
- [OpenCode](https://github.com/anomalyco/opencode): The open source coding agent. (_INSTALL_OPENCODE_)
- [oh-my-opencode](https://github.com/code-yeongyu/oh-my-opencode): The Best Agent Harness. Meet Sisyphus: The Batteries-Included Agent that codes like you
- [Rust](https://github.com/rust-lang/rust): Empowering everyone to build reliable and efficient software
- [cargo-edit](https://github.com/killercup/cargo-edit): A utility for managing cargo dependencies from the command line
- [rust-analyzer](https://github.com/rust-lang/rust-analyzer): A Rust compiler front-end for IDEs
- [rustup](https://github.com/rust-lang/rustup): The Rust toolchain installer
- [Noir](https://github.com/noir-lang/noir): Noir is a domain specific language for zero knowledge proofs (_INSTALL_NOIR_)
- [barretenberg](https://github.com/AztecProtocol/aztec-packages/blob/next/noir-projects): The ZK prover backend that provides succinct verifiability for Aztec. Also houses the Aztec VM
- [Brave Browser](https://github.com/brave/brave-browser) (_INSTALL_BROWSER_BRAVE_)
- [Chromium Browser](https://github.com/chromium/chromium): an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web (_INSTALL_BROWSER_CHROMIUM_)
- [Tomb](https://github.com/dyne/Tomb): the Crypto Undertaker (_INSTALL_TOMB_)
- [aicommits](https://github.com/Nutlope/aicommits): A CLI that writes your git commit messages for you with AI
- [bun](https://github.com/oven-sh/bun): Incredibly fast JavaScript runtime, bundler, test runner, and package manager – all in one
- [circom](https://github.com/iden3/circom): zkSnark circuit compiler (_INSTALL_CIRCOM_)
- [claude-code](https://github.com/anthropics/claude-code): an agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster by executing routine tasks, explaining complex code, and ...
- [cpanminus](https://github.com/miyagawa/cpanminus): get, unpack, build and install modules from CPAN
- [cypress](https://github.com/cypress-io/cypress): (deps) Fast, easy and reliable testing for anything that runs in a browser (_INSTALL_CYPRESS_DEPS_)
- [deno](https://github.com/denoland/deno): A modern runtime for JavaScript and TypeScript
- [diff-so-fancy](https://github.com/so-fancy/diff-so-fancy): Good-lookin' diffs. Actually… nah… The best-lookin' diffs
- [exa](https://github.com/ogham/exa): A modern replacement for ‘ls’
- [fastmod](https://github.com/facebookincubator/fastmod): A tool to assist with large-scale codebase refactors
- [fd](https://github.com/sharkdp/fd): A simple, fast and user-friendly alternative to 'find'
- [fish-shell](https://github.com/fish-shell/fish-shell): The user-friendly command line shell
- [fisher](https://github.com/jorgebucaran/fisher): A plugin manager for Fish
- [fish-exa](https://github.com/gazorby/fish-exa): exa aliases for fish
- [fish-gruvbox](https://github.com/Jomik/fish-gruvbox): gruvbox theme for fish
- [fish-nx](https://github.com/jukben/fish-nx): Fish completions for Nx
- [nix-env.fish](https://github.com/lilyball/nix-env.fish): Nix environment setup for the fish shell (_INSTALL_NIX_)
- [fleek-cli](https://github.com/fleekhq/fleek-cli): Use Fleek to deploy websites and apps on the open web: permissionless, trustless, censorship resistant, and free of centralized gatekeepers
- [fzf](https://github.com/junegunn/fzf): A command-line fuzzy finder
- [git](https://github.com/git/git) (latest stable version)
- [gh](https://github.com/cli/cli): GitHub’s official command line tool
- [git-absorb](https://github.com/tummychow/git-absorb): git commit --fixup, but automatic
- [git-crypt](https://github.com/xendarboh/git-crypt): \[fork\] Transparent file encryption in git
- [git-filter-repo](https://github.com/newren/git-filter-repo): Quickly rewrite git repository history (filter-branch replacement)
- gfr-bfg-ish: A re-implementation of most of BFG Repo Cleaner, with new features and bug fixes
- gfr-clean-ignore: Delete files from history which match current gitignore rules
- gfr-insert-beginning: Add a new file (e.g. LICENSE/COPYING) to the beginning of history
- gfr-lint-history: Run some lint command on all non-binary files in history
- gfr-signed-off-by: Add a Signed-off-by tag to a range of commits
- [git-lfs](https://github.com/git-lfs/git-lfs): Git extension for versioning large files
- [lazygit](https://github.com/jesseduffield/lazygit): Simple terminal UI for git commands
- [go](https://github.com/golang/go): The Go programming language
- [jq](https://github.com/stedolan/jq): Command-line JSON processor
- [kpcli](http://kpcli.sourceforge.net/): A command line interface for KeePass
- [llvm-project](https://github.com/llvm/llvm-project): (clang) A collection of modular and reusable compiler and toolchain technologies (_INSTALL_LLVM_)
- [ncdu](https://code.blicky.net/yorhel/ncdu): NCurses Disk Usage
- [ninja-build](https://github.com/ninja-build/ninja): A small build system with a focus on speed
- [platformio-core](https://github.com/platformio/platformio-core): A professional collaborative platform for embedded development (_INSTALL_PLATFORMIO_)
- [prettier](https://github.com/prettier/prettier): Prettier is an opinionated code formatter
- [protobuf](https://github.com/protocolbuffers/protobuf): Protocol Buffers - Google's data interchange format (_INSTALL_PB_)
- [buf](https://github.com/bufbuild/buf): A new way of working with Protocol Buffers
- [ranger](https://github.com/ranger/ranger): A VIM-inspired filemanager for the console
- [ripgrep](https://github.com/BurntSushi/ripgrep): recursively searches directories for a regex pattern while respecting your gitignore
- [silversearcher-ag](https://github.com/ggreer/the_silver_searcher): A code-searching tool similar to ack, but faster
- [solidity](https://github.com/ethereum/solidity): Solidity, the Smart Contract Programming Language
- [spacer](https://github.com/samwho/spacer): CLI tool to insert spacers when command output stops
- [sqlite](https://github.com/sqlite/sqlite): a small, fast, self-contained, high-reliability, full-featured, SQL database engine
- [starship](https://github.com/starship/starship): The minimal, blazing-fast, and infinitely customizable prompt for any shell!
- [stow](https://github.com/aspiers/stow): a symlink farm manager
- [tauri-cli](https://github.com/tauri-apps/tauri): Build smaller, faster, and more secure desktop and mobile applications with a web frontend (_INSTALL_TAURI_)
- [tmux](https://github.com/tmux/tmux): A terminal multiplexer
- [tpm](https://github.com/tmux-plugins/tpm): Tmux Plugin Manager
- [tmux-gruvbox](https://github.com/egel/tmux-gruvbox): Gruvbox color scheme for Tmux
- [tmux-resurrect](https://github.com/tmux-plugins/tmux-resurrect): Persists tmux environment across system restarts
- [tmux-window-name](https://github.com/ofirgall/tmux-window-name): A plugin to name your tmux windows smartly
- [watchexec](https://github.com/watchexec/watchexec): Executes commands in response to file modifications
- [websocat](https://github.com/vi/websocat): Command-line client for WebSockets, like netcat (or curl) for ws:// with advanced socat-like functions
- [xclip](https://github.com/astrand/xclip): Command line interface to the X11 clipboard
- [zoxide](https://github.com/ajeetdsouza/zoxide): A smarter cd command
- _INSTALL_DEVOPS_
- [AWS CLI v2](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html): enables interaction with AWS services
- [Ansible](https://github.com/ansible/ansible): a radically simple IT automation system
- [OpenTofu](https://github.com/opentofu/opentofu): declaratively manage your cloud infrastructure
- [Packer](https://github.com/hashicorp/packer): a tool for creating identical machine images for multiple platforms from a single source configuration
- [Terraform](https://github.com/hashicorp/terraform): enables you to safely and predictably create, change, and improve infrastructure.
- [terraform-local](https://github.com/localstack/terraform-local): Terraform CLI wrapper to deploy your Terraform applications directly to LocalStack
Optional runtime scripts in [setup.d/](setup.d/) can be run inside a container to install additional tools on-demand:
- [Aztec](https://github.com/AztecProtocol/aztec-packages): Privacy-first L2 on Ethereum; installs CLI, local network, and related tooling ([xen/sys](#docker-in-docker-with-sysbox))
Additionally (and optionally), the following are within the X11 base image:
- [Xfce](https://gitlab.xfce.org/xfce): A lightweight desktop environment for UNIX-like operating systems. It aims to be fast and low on system resources, while still being visually appealing and user friendly.
- [kitty](https://github.com/kovidgoyal/kitty): Cross-platform, fast, feature-rich, GPU based terminal
- [kitty-gruvbox-theme](https://github.com/wdomitrz/kitty-gruvbox-theme): Gruvbox theme for kitty terminal
- [ImageMagick](https://github.com/ImageMagick/ImageMagick): Software suite for displaying, converting, and editing raster image and vector image files
- [nerd-fonts](https://github.com/ryanoasis/nerd-fonts): Developer targeted fonts with a high number of glyphs (icons)
- [Hack](https://github.com/ryanoasis/nerd-fonts/tree/master/patched-fonts/Hack): A typeface designed for source code
Powered-by:
- [x11docker](https://github.com/mviereck/x11docker): Run GUI applications and desktops in docker and podman containers. Focus on security.
- [sysbox](https://github.com/nestybox/sysbox): Next-generation container runtime for secure, easy Docker-in-Docker (optional)
## Build
### Host Requirements
- docker or podman
- docker compose
- x11docker (not required for tty-only)
- x11docker gpu support
- sysbox (optional, for Docker-in-Docker via `xendev.sys`)
- make (or manually run the commands in [Makefile](Makefile))
### Configure
Edit `.env` to set specific versions and optional installations.
### Build Image(s)
#### Build the full image with X11 support
```sh
make build
```
#### Or build the tty-only image
```sh
make build-tty
```
#### See all make commands
```sh
❯ make 2023-01-21 14:02:33
help print this help message with some nifty mojo
build build docker image with X11 support
rebuild rebuild docker image with X11 support
build-tty build tty-only docker image
rebuild-tty (re)build tty-only docker image with --no-cache --pull
```
## Run
Launcher scripts provide ready-to-use configurations for common use cases. They share host directories (ssh, gpg, git config, `~/src`) with the container.
| Script | Description |
| -------------------------- | -------------------------------------------------------- |
| [xendev](./xendev) | Main launcher with x11docker, GPU, and clipboard support |
| [xendev.gpu](./xendev.gpu) | Direct GPU access for maximum GPU performance |
| [xendev.sys](./xendev.sys) | Docker-in-Docker via sysbox runtime |
| [xendev.tty](./xendev.tty) | TTY-only mode, no x11docker required |
### Other Examples
x11docker desktop mode — fully sandboxed desktop in a window:
```sh
x11docker --desktop --gpu --clipboard --network -- xen/dev
```
x11docker TTY mode — run in your terminal with clipboard support:
```sh
x11docker --tty --interactive --clipboard --network -- xen/dev
```
### Docker-in-Docker with Sysbox
For running Docker inside xendev (e.g., building images, running containers), use `./xendev.sys` with the [sysbox](https://github.com/nestybox/sysbox) runtime. Sysbox provides secure, rootless Docker-in-Docker without privileged mode.
**Installation**: Follow the [sysbox installation guide](https://github.com/nestybox/sysbox/blob/master/docs/user-guide/install-package.md#installing-sysbox).
**Tradeoffs**:
- No `--gpu=direct` (uses `--gpu` fallback)
- No `--network=host` (uses bridged networking)
- Secure Docker-in-Docker without `--privileged`
- Persistent Docker storage at `~/.local/share/xendev/sysbox/var-lib-docker`
### Notes
- Host terminal ideally has truecolor support and a [nerd-fonts](https://github.com/ryanoasis/nerd-fonts) patched font (use scripts in [test/](test/) to verify)
- Some applications need more privileges than x11docker provides by default; see x11docker [privilege checks](https://github.com/mviereck/x11docker#privilege-checks)
- TTY-only mode (`xendev.tty`) works on headless servers with minimal requirements (`docker` or `podman` only)
## Preferences & Philosophy
- modern latest greatest terminal utilities and versions
- reproducible personal development environment
- default to current LTS versions
- [FROM ubuntu](https://hub.docker.com/_/ubuntu)
- vi-style key bindings
- dark [gruvbox](https://github.com/morhetz/gruvbox) color scheme
- `LOCALE=en_US.UTF-8` (overridden by x11docker)
- analog choice of sandboxed security vs function
## Tests
See the shell scripts within the [test](test/) directory for tests to confirm
host-mapped gpg support, terminal font rendering (truecolor, glyphs, italics)
capabilities, etc.
## Customization & Notes
See [conf/](conf/) files.
### git
To include xendev git config without replacing the local, add the following to `~/.config/git/config`:
```
[includeIf "gitdir:/home/xendev"]
path = ~/src/xendev/conf/gitconfig
```
- facilitates same git config on host and within [xendev](./xendev) container
- only applied to git commands run within `/home/xendev/`
- recommendation is to share source between host/container with volume-mapped `~/src/`
### Local (machine-specific) Configuration
This configuration remains outside the image and is volume-mapped into the
container at runtime.
```sh
cp -a conf.local-example conf.local
```
With the exception of `conf.local/xendev/`, the "dotfiles" of `conf.local` are [stow](https://github.com/aspiers/stowstow)'d in the user's homedir. For example, `conf.local/.xyz` gets symlinked from `~/.xyz`.
Notable local conf files may include:
- `conf.local/xendev/bash.sh`: use to set custom config like `GH_TOKEN` or `FLEEK_API_KEY`
- `conf.local/xendev/directory_map.txt`
- a list of `from:to` directory mappings to preserve current working directory
in new windows (since tmux/kitty does not handle preserved symlinked directories)
- you likely want a directory mapping for `/home/xendev:/home/`
- `conf.local/.aicommits`: aicommits configuration
- `conf.local/.wakatime.cfg`: wakatime or [wakapi](https://github.com/muety/wakapi) configuration
- `conf.local/.aws`: preserve local aws credentials... or anything else in this manner