claude-container-mssql
Verified Safeby aubi-one-david
Overview
Provides a secure, isolated Podman container environment for running Claude Code with pre-configured MSSQL database tools and multiple MCP servers.
Installation
./claude-run.shEnvironment Variables
- ANTHROPIC_API_KEY
- DB_SERVER
- DB_PORT
- DB_USERNAME
- DB_PASSWORD
- DB_DATABASE
- BRAVE_API_KEY
- CLAUDE_CONTAINER_IMAGE
- GITHUB_USERNAME
- CLAUDE_AUTO_PULL
- CLAUDE_SHARE_AUTH
- CLAUDE_CPU_LIMIT
- CLAUDE_MEM_LIMIT
- CLAUDE_WEB_ACCESS
Security Notes
The container employs robust security measures against the host, including iptables for strict network isolation (whitelist by default), running as a non-root user, and restricting filesystem access to the mounted workspace. API keys are passed at runtime rather than baked into the image. However, it explicitly runs Claude Code with '--dangerously-skip-permissions', granting Claude arbitrary execution capabilities *within the container*. While this is mitigated by the container's isolation from the host, users must be aware of the high trust implicitly placed in the AI's actions inside the sandbox. The 'NET_ADMIN' capability is added for firewall management, a powerful permission, but used for a restrictive whitelist.
Similar Servers
claude-code-mcp
Acts as an MCP server to enable LLMs to run Claude Code CLI in one-shot mode, bypassing permissions for complex coding, file system, Git, and terminal operations.
podman-mcp-server
A Model Context Protocol (MCP) server that enables AI assistants to interact with container runtimes like Podman and Docker for container management tasks.
mcpick
Manages MCP server configurations for Claude Code to optimize context usage and performance by enabling/disabling servers, creating backups, and using profiles.
vibes
Vibes transforms Claude Desktop into a conversational development environment through distributed MCP servers, allowing users to describe what they want to build and have Claude implement it while teaching them.