Skip to content

feat: support extra host mounts via ~/.agent-vm/volumes#9

Open
jbpenrath wants to merge 1 commit intosylvinus:mainfrom
jbpenrath:feat/extra-mount
Open

feat: support extra host mounts via ~/.agent-vm/volumes#9
jbpenrath wants to merge 1 commit intosylvinus:mainfrom
jbpenrath:feat/extra-mount

Conversation

@jbpenrath
Copy link
Copy Markdown

@jbpenrath jbpenrath commented Apr 1, 2026
edited
Loading

Allow to mount extra folders. It can be useful, to mount global claude configuration or a git config for example.

@sylvinus
Copy link
Copy Markdown
Owner

sylvinus commented Apr 4, 2026

good idea, would be cool to support write volumes too?

@Fingarde
Copy link
Copy Markdown

Fingarde commented Apr 21, 2026

#11

@Fingarde
Copy link
Copy Markdown

Fingarde commented Apr 21, 2026

good idea, would be cool to support write volumes too?

If mount points are stored in the project folder, the AI could modify writable mount points, which I think poses a security risk.
Maybe additional mount points should be read-only and only used to mount folders such as ~/.config/opencode or ~/claude.

But we absolutely need this feature !!!

@jbpenrath jbpenrath force-pushed the feat/extra-mount branch 2 times, most recently from 12ad1dc to 21edc59 Compare April 23, 2026 23:34
@jbpenrath
Copy link
Copy Markdown
Author

jbpenrath commented Apr 23, 2026
edited
Loading

I tried to complete this work.
Now you can mount folders and also single files through a little tweak because I did not find secure and easy way to mount single files with virtiofs. (As a workaround, I create a staging folder that is mounted in the VM. Then for each files, I create an hard link in this staging folder then I'm able within the VM to bind each file to its destination.)

Furthermore like docker compose, for folder only, you can suffix volume entry by :ro or :rw to make folder writable or read-only (read-only by default if no suffix is provided)

@jbpenrath
feat: support extra host mounts via ~/.agent-vm/volumes
838d85a 
Lets users expose host configuration (e.g. ~/.gitconfig) inside every VM
without widening the write surface of the project mount. Files are
hardlinked into a per-VM staging dir so the VM never sees the source's
parent directory, and bind-mounted at their final path inside the VM.
Read-only by default; directories and individual files are both supported,
and directories can opt into rw via a trailing ":rw" mode (docker-compose
style). Files are kept ro because the hardlink/copy staging would desync
silently on cross-filesystem setups.
@jbpenrath jbpenrath changed the title ✨(agent-vm) allow to mount extra folders feat: support extra host mounts via ~/.agent-vm/volumes Apr 24, 2026
@JeSuisUnCaillou
Copy link
Copy Markdown

JeSuisUnCaillou commented Apr 27, 2026

Maybe additional mount points should be read-only and only used to mount folders such as ~/.config/opencode or ~/claude.

Read-only would allow claude code to read its global skills and all which would already be great, but it would prevent claude code to write memories in ~/.claude/projects/<the-project-slug>/memory. And it's a pretty useful feature of claude code in my opinion.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jbpenrath @sylvinus @Fingarde @JeSuisUnCaillou