Sebastian

Posted on Jun 8

Claude Code: Installation & Setup of the Agentic Coding Tool

#claude #ai

In 2024, the evolution of Large Language Models and their utilization in software applications and webpage interfaces started. The GPT-4 model from OpenAI showed unparalleled capabilities for text generation and information assembly. In 2026, two trends merged: The continued evolution of model complexity and capabilities, as well as sophisticated frameworks and libraries that greatly enhanced agentic capabilities of LLM invocation.

Using LLMs as agents once was effectively a continued human-in-the-loop invocation where function calls needed to be monitored and corrected. But now, truly autonomous agents evolved. They apply function calling and function execution precisely, analyze errors and apply solutions when needed. They can fully interact with files and sockets on a computer, making autonomous code generation and even system operations a reality.

On the forefront of agentic tools is the CLI tool Claude Code. It promises and delivers excellent code generation capabilities, supporting developers of all maturity levels with increased productivity.

This article starts a new blog series about agentic tools, and starts with exploring the Claude Code CLI systematically. The particular focus for this article is the installation and initial configuration of Claude Code. Learn how to use a Docker container as a safe sandbox with fine-grained permissions and access only to files that you will work on.

The technical context of this article is claude_code v2.1.91, published on 2026-04-02. Examples and most CLI commands should work with newer versions too.

Every character, number, and symbol in this article was typed manually - with the addition of verbose copies from log messages and screenshots. While I'm fascinated by the capabilities of artificial intelligence tools and applications, crafting blog articles remains my personal skill.

This article originally appeared at my blog admantium.com.

Docker Container Setup

Claude Code is an agentic tool with full support for creating, editing, and deleting any files on a computer or laptop. It can be installed natively via an install script, which essentially copies a platform-specific binary and required libraries, or as an NPM packages and its requirements.

To prevent accidental file modifications on your main computer, I recommend to setup a Docker image and start a Docker container that mounts your specific directories.

Directory Structure

Setup the following directory and file structure:

.
├── Dockerfile
├── build
│   ├── managed-settings.json

Dockerfile

The Docker image has these features:

Based on the official NodeJS LTS image
Installs claude-code as an NPM package
Copies default security permissions
Runs as a non-root user that can become root with a dedicated password

Here is the file:

FROM node:24-trixie

WORKDIR /opt/claude

RUN apt-get update \
  && apt-get install --no-install-recommends --yes \
    bubblewrap \
    nano \
    socat \
    sudo \
    vim \
  && rm -rf /var/lib/apt/lists/*

RUN npm install -g @anthropic-ai/claude-code@2.1.91 \
  && mkdir -p /etc/claude-code

ARG SUDO_PASSWORD
RUN echo "node:${SUDO_PASSWORD}" | chpasswd
RUN usermod -aG sudo node

COPY build/ /etc/claude-code/

ENV PATH="/home/node/.local/bin:${PATH}"
USER node
CMD ["sleep", "infinity"]

Use this Dockerfile as a staging point. If you are developing a Python, Go, or Rust project, add the required libraries and base tools to this file.

Permissions

When Claude Code starts, a permission dialog for the current folder is opened. By confirming this, read access to all files in this folder is provided. From there on, all tool invocations, from bash commands to binaries, need to be approved too. Certain commands can accidently expose files that contains secrets, run commands that print environment variables, or access network and Docker sockets.

To prevent this access, a permission file can be used. This file should be placed at an OS specific directory so that it provides global rules for all Claude Code sessions. In a Linux environment, the permission file should be placed at the location /etc/claude-code/managed-settings.json.

Paste the following content to prevent accidental exposure of common secrets, and reduce model invocation calls for telemetry.

{
  "$schema": "https://json.schemastore.org/claude-code-settings.json",
  "allow_remote_sessions": false,
  "attribution": {
    "commit": "",
    "pr": ""
  },
  "env": {
    "CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC": "1"
  },
  "permissions": {
    "deny": [
      "Bash(env*)",
      "Bash(netstat*)",
      "Bash(printenv*)",
      "Bash(ssh*)",
      "Bash(ss*)",
      "Bash(nc*)",
      "Bash(ncat*)",
      "Bash(netcat*)",
      "Read(**/.env*)",
      "Read(**/.git-credentials*)",
      "Read(**/.gitconfig*)",
      "Grep(**/.env*)",
      "Grep(**/.git-credentials*)",
      "Grep(**/.gitconfig*)",
      "Read(**/.bashrc*)",
      "Read(**/.zshrc*)",
      "Grep(**/.bashrc*)",
      "Grep(**/.zshrc*)",
      "Read(**/.bash_history*)",
      "Read(**/.zsh_history*)",
      "Grep(**/.bash_history*)",
      "Grep(**/.zsh_history*)",
      "Read(**/.ssh/**)",
      "Grep(**/.ssh/**)",
      "Read(/proc/**)",
      "Read(/proc*)",
      "Grep(/proc/**)",
      "Grep(/proc*)",
      "Read(**/*.sock)",
      "Grep(**/*.sock)",
      "Read(/run/docker.sock)",
      "Read(/var/run/docker.sock)"
    ]
  }
}

Building the Container

Build the container with the following command. A random password will be created for the default user node in order to prevent unobserved privilege escalation:

 docker build . \
  --build-arg SUDO_PASSWORD=$(LC_CTYPE=C tr -cd '[:alnum:]' </dev/urandom | head -c 10) \
  --tag claude-code-local:2.1.91

Take a good look at the build log, it reveals the generated password. Note it down.

Docker Container Usage

Starting the Container

When the Docker image is built, you can start it with the preferred mount directory as follows:

docker run --rm \
  --mount type=bind,src=./,dst=/opt/claude \
  --detach \
  --name claude-code-local \
  claude-code-local:2.1.91

Claude code persists session, memory, and global settings in the local ~/.claude directory. If you wish to keep these settings, you need to create and mount this directory to the container.

In a local terminal:

mkdir -p ~/.claude/

Then, start the container with the additional mount. If you have the container still running, you need to stop it first with docker stop claude-code-local

docker run --rm \
  --mount type=bind,src=./,dst=/opt/claude \
  --mount type=bind,src="${HOME}/.claude",dst=/home/node/.claude \
  --detach \
  --name claude-code-local \
  claude-code-local:2.1.91

Starting a Claude Code session

Model Configuration

During the first startup of the container, you need to authenticate with an LLM provider. In addition to using an Anthropic account, LLM routers such as openrouter or litellm can be used to gain access to any LLM provider, including Azure, Google, Ollama, and others.

You can also use your GitHub Co-Pilot subscription - which is shown here. Run the following command to exec into the container:

docker exec -it claude-code-local bash

Then, install and run the helper library copilot-api.

npx copilot-api@latest start --proxy-env
Need to install the following packages:
copilot-api@0.7.0
Ok to proceed? (y) y
ℹ Using VSCode version: 1.113.0
ℹ Not logged in, getting new access token
ℹ Please enter the code "9A4A-9DB1" in https://github.com/login/device

Open the link, login with your GitHub credentials, and paste the OTP code. Shortly afterwards, you should see which LLM models are selectable for your session.

Available models:
- claude-opus-4.6-fast
- claude-opus-4.6
- claude-sonnet-4.6
- gemini-3.1-pro-preview
- goldeneye-free-auto
- gpt-5.2-codex
- gpt-5.4
- raptor-mini-tertiary
- gpt-5-mini
- gpt-4o-mini-2024-07-18
- gpt-4o-2024-11-20
- gpt-4o-2024-08-06
- grok-code-fast-1
- text-embedding-3-small
- text-embedding-3-small-inference
- claude-haiku-4.5
- gpt-4.1-2025-04-14
- oswe-vscode-prime
- oswe-vscode-secondary
- gpt-41-copilot
- gpt-3.5-turbo-0613
- gpt-4
- gpt-4-0613
- gpt-4-0125-preview
- gpt-4o-2024-05-13
- gpt-4-o-preview
- gpt-4.1
- gpt-3.5-turbo
- gpt-4o-mini
- gpt-4
- gpt-4o
- gpt-4-o-preview
- text-embedding-ada-002

➜ Listening on: http://localhost:4141/ (all interfaces)

Finally, create ~/.claude/settings.json and paste the following content. Be sure to set a model mapping to your liking. Anthropics distinction into Haiku, Sonnet, and Opus needs to be mapped to available GitHub Co-Pilot models.

{
  "env": {
    "ANTHROPIC_BASE_URL": "http://localhost:4141",
    "ANTHROPIC_AUTH_TOKEN": "not-required",
    "ANTHROPIC_DEFAULT_OPUS_MODEL ": "claude-opus-4.6",
    "ANTHROPIC_DEFAULT_SONNET_MODEL ": "claude-sonnet-4.6",
    "ANTHROPIC_DEFAULT_HAIKU_MODEL": "claude-haiku-4.5",
  }
}

Session Start

And finally, you can start a Claude code session. Exec into the Docker container, which automatically jumps to the defined directory /opt/claude with your mounted project.

claude

The opening dialog starts ...

And once confirmed, you can start your session.

Conclusion

Claude Code is one of the most prominent agentic tools for code generation. This article starts a new series to systematically explore its CLI tools, slash commands, and use-cases. You learned how to setup a Claude Code in a Docker container, which provides a sandboxed environment into which you mount specific local directories. You saw the Dockerfile, a managed settings permission files that restricts access to sensitive data and environments, and learned the commands to build, start, and use the Docker container. From the many options of LLM providers, GitHub CoPilot was chosen. The next article continues with the exploration of its CLI commands.

DEV Community