holyclaude-ai-workstation
Deploy a full AI coding workstation with Claude Code, web UI, headless browser, and 5 AI CLIs in a single Docker container
Best use case
holyclaude-ai-workstation is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Deploy a full AI coding workstation with Claude Code, web UI, headless browser, and 5 AI CLIs in a single Docker container
Teams using holyclaude-ai-workstation should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/holyclaude-ai-workstation/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How holyclaude-ai-workstation Compares
| Feature / Agent | holyclaude-ai-workstation | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Deploy a full AI coding workstation with Claude Code, web UI, headless browser, and 5 AI CLIs in a single Docker container
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
ChatGPT vs Claude for Agent Skills
Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
SKILL.md Source
# HolyClaude AI Workstation
> Skill by [ara.so](https://ara.so) — Daily 2026 Skills collection.
HolyClaude is a containerized AI development workstation that bundles Claude Code CLI, a CloudCLI web UI, Chromium headless browser with Playwright, 5 AI CLIs (Claude, Gemini, OpenAI Codex, Cursor, TaskMaster AI), and 50+ dev tools into a single Docker image. One `docker compose up` replaces hours of manual setup.
---
## Installation
### Prerequisites
- Docker + Docker Compose installed
- Existing Anthropic account (Max/Pro subscription or API key)
### Quick Start
```bash
mkdir holyclaude && cd holyclaude
```
Create `docker-compose.yaml`:
```yaml
services:
holyclaude:
image: CoderLuii/HolyClaude:latest
container_name: holyclaude
hostname: holyclaude
restart: unless-stopped
shm_size: 2g
ports:
- "3001:3001"
volumes:
- ./data/claude:/root/.claude
- ./data/config:/root/.config
- ./projects:/workspace
environment:
- PUID=1000
- PGID=1000
```
```bash
docker compose up -d
# Open http://localhost:3001
```
### Image Variants
```bash
# Full image — all tools pre-installed (recommended)
docker pull CoderLuii/HolyClaude:latest
# Slim image — smaller download, tools installed on demand
docker pull CoderLuii/HolyClaude:slim
# Pinned version for production stability
docker pull CoderLuii/HolyClaude:1.2.3
docker pull CoderLuii/HolyClaude:1.2.3-slim
```
---
## Full Docker Compose Configuration
```yaml
services:
holyclaude:
image: CoderLuii/HolyClaude:latest
container_name: holyclaude
hostname: holyclaude
restart: unless-stopped
shm_size: 2g # Required for Chromium
ports:
- "3001:3001" # CloudCLI web UI
volumes:
- ./data/claude:/root/.claude # Claude credentials & config (persisted)
- ./data/config:/root/.config # App config (persisted)
- ./projects:/workspace # Your project files
environment:
# User/group IDs (match host user to avoid permission issues)
- PUID=1000
- PGID=1000
# AI provider API keys (optional — can also set via web UI)
- ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
- GEMINI_API_KEY=${GEMINI_API_KEY}
- OPENAI_API_KEY=${OPENAI_API_KEY}
- CURSOR_API_KEY=${CURSOR_API_KEY}
# NAS/SMB mount polling (enable if using Synology/QNAP)
- CHOKIDAR_USEPOLLING=true
# Notification webhooks (optional)
- DISCORD_WEBHOOK_URL=${DISCORD_WEBHOOK_URL}
- SLACK_WEBHOOK_URL=${SLACK_WEBHOOK_URL}
security_opt:
- seccomp:unconfined # Required for Chromium sandbox
```
### Environment Variable Reference
| Variable | Required | Description |
|---|---|---|
| `PUID` | Recommended | Host user ID (run `id -u` to find yours) |
| `PGID` | Recommended | Host group ID (run `id -g` to find yours) |
| `ANTHROPIC_API_KEY` | Optional | Anthropic API key (alternative to OAuth login) |
| `GEMINI_API_KEY` | Optional | Google AI API key for Gemini CLI |
| `OPENAI_API_KEY` | Optional | OpenAI API key for Codex CLI |
| `CURSOR_API_KEY` | Optional | Cursor API key |
| `CHOKIDAR_USEPOLLING` | NAS only | Set `true` for SMB/NFS mounts |
| `DISCORD_WEBHOOK_URL` | Optional | Discord notifications |
| `SLACK_WEBHOOK_URL` | Optional | Slack notifications |
---
## Authentication
### Method 1: OAuth (Claude Max/Pro Subscription)
1. Open `http://localhost:3001`
2. Create a CloudCLI account (10 seconds)
3. Sign in with your Anthropic account via OAuth
4. No API key needed — uses your existing subscription
### Method 2: API Key
```yaml
environment:
- ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
```
Or paste the key directly in the CloudCLI web UI settings.
### Credential Persistence
Credentials are stored in the bind-mounted volume:
```
./data/claude/ → /root/.claude/
./data/config/ → /root/.config/
```
Credentials survive container restarts, updates, and recreation.
---
## Platform-Specific Configuration
### Linux (amd64/arm64) — Default
```yaml
# No extra config needed
shm_size: 2g
```
### macOS (Docker Desktop)
```yaml
# Works out of the box with Docker Desktop
shm_size: 2g
```
### Windows (WSL2 + Docker Desktop)
```yaml
# Requires WSL2 backend enabled in Docker Desktop
shm_size: 2g
```
### Synology / QNAP NAS
```yaml
environment:
- CHOKIDAR_USEPOLLING=true # Fixes file watching on SMB mounts
volumes:
- /volume1/docker/holyclaude/data/claude:/root/.claude
- /volume1/docker/holyclaude/projects:/workspace
```
### Kubernetes (ARM64 / Oracle Cloud Graviton)
```yaml
# arm64 image is published alongside amd64
image: CoderLuii/HolyClaude:latest # multi-arch manifest auto-selects correct arch
```
---
## What's Inside the Container
### AI CLIs
| CLI | Invocation | Key Provider |
|---|---|---|
| Claude Code | `claude` | Anthropic (`ANTHROPIC_API_KEY` or OAuth) |
| Gemini CLI | `gemini` | Google (`GEMINI_API_KEY`) |
| OpenAI Codex | `codex` | OpenAI (`OPENAI_API_KEY`) |
| Cursor | `cursor` | Cursor (`CURSOR_API_KEY`) |
| TaskMaster AI | `task-master` | Uses configured AI provider keys |
### Headless Browser Stack
- **Chromium** — pre-installed and configured
- **Xvfb** — virtual display on `:99`
- **Playwright** — configured and ready
- **Shared memory** — `shm_size: 2g` pre-configured (fixes the 64MB Docker default)
### Dev Tools (50+)
- **Languages**: Node.js, Python 3, TypeScript, Bun, Deno
- **Package managers**: npm, yarn, pnpm, pip, cargo
- **Database clients**: PostgreSQL, MySQL, SQLite, Redis CLI
- **Cloud CLIs**: AWS CLI, Google Cloud SDK, Azure CLI
- **Dev tools**: GitHub CLI (`gh`), Git, curl, jq, ripgrep, fd
- **Process manager**: s6-overlay (auto-restart, graceful shutdown)
---
## Working with Projects
### Mount your project directory
```yaml
volumes:
- ./projects:/workspace
# Or mount a specific project:
- /path/to/my-app:/workspace/my-app
```
### Inside the container
```bash
# Access the container shell
docker exec -it holyclaude bash
# Navigate to workspace
cd /workspace
# Run Claude Code directly
claude
# Run other AI CLIs
gemini
codex
```
---
## Playwright / Headless Browser Usage
Playwright is pre-configured. Use it from Claude Code tasks or directly:
```typescript
// playwright.config.ts — already works inside the container
import { defineConfig } from '@playwright/test';
export default defineConfig({
use: {
// Chromium is pre-installed, no download needed
browserName: 'chromium',
launchOptions: {
args: [
'--no-sandbox',
'--disable-setuid-sandbox',
'--disable-dev-shm-usage', // Use /tmp instead of /dev/shm
],
},
},
});
```
```typescript
// Direct Playwright usage inside container
import { chromium } from 'playwright';
const browser = await chromium.launch({
args: [
'--no-sandbox',
'--disable-setuid-sandbox',
'--disable-dev-shm-usage',
],
});
const page = await browser.newPage();
await page.goto('https://example.com');
const screenshot = await page.screenshot({ path: '/workspace/screenshot.png' });
await browser.close();
```
```bash
# Run Playwright tests inside container
docker exec -it holyclaude bash -c "cd /workspace && npx playwright test"
# Run with headed mode via Xvfb
docker exec -it holyclaude bash -c "DISPLAY=:99 npx playwright test --headed"
```
---
## Updating HolyClaude
```bash
# Pull latest image
docker compose pull
# Recreate container with new image (zero data loss — data is in bind mounts)
docker compose up -d
# Or explicit recreation
docker compose down && docker compose up -d
```
### Pinned Version Strategy
```yaml
# For production: pin to a specific version
image: CoderLuii/HolyClaude:1.2.3
# Update by changing the tag and running:
docker compose up -d
```
---
## Data & Persistence
```
holyclaude/
├── docker-compose.yaml
├── data/
│ ├── claude/ # Claude credentials, .claude.json, history
│ └── config/ # CloudCLI and app configuration
└── projects/ # Your workspace (mount your code here)
```
**All credentials and config survive:**
- Container restarts
- `docker compose down && up`
- Image updates via `docker compose pull`
- Container recreation
---
## Common Patterns
### Pattern: Multiple Projects
```yaml
volumes:
- ./data/claude:/root/.claude
- ./data/config:/root/.config
- ~/code/project-a:/workspace/project-a
- ~/code/project-b:/workspace/project-b
- ~/code/project-c:/workspace/project-c
```
### Pattern: Read-only API Keys via .env file
```bash
# .env (never commit this)
ANTHROPIC_API_KEY=sk-ant-...
GEMINI_API_KEY=AIza...
OPENAI_API_KEY=sk-...
```
```yaml
# docker-compose.yaml
services:
holyclaude:
env_file: .env
```
### Pattern: Custom Port
```yaml
ports:
- "8080:3001" # Access via http://localhost:8080
```
### Pattern: Remote Server Access
```yaml
ports:
- "0.0.0.0:3001:3001" # Accessible from network
# Then access via http://your-server-ip:3001
# Recommend putting behind nginx/Caddy with HTTPS for production
```
### Pattern: Nginx Reverse Proxy
```yaml
services:
holyclaude:
image: CoderLuii/HolyClaude:latest
# Don't expose ports directly — nginx handles it
expose:
- "3001"
networks:
- web
nginx:
image: nginx:alpine
ports:
- "443:443"
volumes:
- ./nginx.conf:/etc/nginx/conf.d/default.conf
- ./certs:/etc/nginx/certs
networks:
- web
networks:
web:
```
---
## Troubleshooting
### Container won't start
```bash
# Check logs
docker compose logs holyclaude
# Check if port 3001 is already in use
lsof -i :3001
```
### Chromium crashes / headless browser fails
```yaml
# Ensure shm_size is set (CRITICAL)
shm_size: 2g
# Ensure seccomp is unconfined
security_opt:
- seccomp:unconfined
```
```bash
# Verify display is available inside container
docker exec holyclaude bash -c "echo $DISPLAY"
# Should output: :99
```
### Permission denied errors on bind mounts
```yaml
environment:
- PUID=1000 # Must match your host user: `id -u`
- PGID=1000 # Must match your host group: `id -g`
```
```bash
# Fix existing permissions on host
sudo chown -R 1000:1000 ./data ./projects
```
### File watching broken on NAS / SMB mounts
```yaml
environment:
- CHOKIDAR_USEPOLLING=true
```
### Claude Code installer hangs
This is pre-solved in HolyClaude — the container sets the correct WORKDIR ownership. If you're building a custom image on top:
```dockerfile
# Ensure WORKDIR is not root-owned before running Claude Code installer
RUN chown -R node:node /app
WORKDIR /app
```
### SQLite locks on NAS mount
```yaml
volumes:
# Move SQLite databases to a local volume, not NAS mount
- holyclaude-db:/root/.local/share/holyclaude
- /nas/mount:/workspace # NAS mount only for project files
volumes:
holyclaude-db:
```
### Claude Code authentication lost after restart
```yaml
# Ensure this volume is mounted (credentials live here)
volumes:
- ./data/claude:/root/.claude
```
### Process keeps dying / not restarting
HolyClaude uses s6-overlay for process supervision. Check service status:
```bash
docker exec holyclaude s6-svstat /run/service/cloudcli
docker exec holyclaude s6-svstat /run/service/xvfb
```
---
## Building Locally
```bash
git clone https://github.com/CoderLuii/HolyClaude.git
cd HolyClaude
# Build full image
docker build -t holyclaude:local .
# Build slim image
docker build -t holyclaude:local-slim --target slim .
# Build for specific platform
docker buildx build --platform linux/arm64 -t holyclaude:arm64 .
# Run your local build
docker run -d \
--name holyclaude \
--shm-size=2g \
-p 3001:3001 \
-v $(pwd)/data/claude:/root/.claude \
holyclaude:local
```
---
## Quick Reference
```bash
# Start
docker compose up -d
# Stop
docker compose down
# View logs (live)
docker compose logs -f holyclaude
# Shell access
docker exec -it holyclaude bash
# Update to latest
docker compose pull && docker compose up -d
# Restart only the container
docker compose restart holyclaude
# Check resource usage
docker stats holyclaude
```Related Skills
---
name: article-factory-wechat
humanizer
Remove signs of AI-generated writing from text. Use when editing or reviewing text to make it sound more natural and human-written. Based on Wikipedia's comprehensive "Signs of AI writing" guide. Detects and fixes patterns including: inflated symbolism, promotional language, superficial -ing analyses, vague attributions, em dash overuse, rule of three, AI vocabulary words, negative parallelisms, and excessive conjunctive phrases.
find-skills
Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express interest in extending capabilities. This skill should be used when the user is looking for functionality that might exist as an installable skill.
tavily-search
Use Tavily API for real-time web search and content extraction. Use when: user needs real-time web search results, research, or current information from the web. Requires Tavily API key.
baidu-search
Search the web using Baidu AI Search Engine (BDSE). Use for live information, documentation, or research topics.
agent-autonomy-kit
Stop waiting for prompts. Keep working.
Meeting Prep
Never walk into a meeting unprepared again. Your agent researches all attendees before calendar events—pulling LinkedIn profiles, recent company news, mutual connections, and conversation starters. Generates a briefing doc with talking points, icebreakers, and context so you show up informed and confident. Triggered automatically before meetings or on-demand. Configure research depth, advance timing, and output format. Walking into meetings blind is amateur hour—missed connections, generic small talk, zero leverage. Use when setting up meeting intelligence, researching specific attendees, generating pre-meeting briefs, or automating your prep workflow.
self-improvement
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Claude ('No, that's wrong...', 'Actually...'), (3) User requests a capability that doesn't exist, (4) An external API or tool fails, (5) Claude realizes its knowledge is outdated or incorrect, (6) A better approach is discovered for a recurring task. Also review learnings before major tasks.
botlearn-healthcheck
botlearn-healthcheck — BotLearn autonomous health inspector for OpenClaw instances across 5 domains (hardware, config, security, skills, autonomy); triggers on system check, health report, diagnostics, or scheduled heartbeat inspection.
linkedin-cli
A bird-like LinkedIn CLI for searching profiles, checking messages, and summarizing your feed using session cookies.
notebooklm
Google NotebookLM 非官方 Python API 的 OpenClaw Skill。支持内容生成(播客、视频、幻灯片、测验、思维导图等)、文档管理和研究自动化。当用户需要使用 NotebookLM 生成音频概述、视频、学习材料或管理知识库时触发。
小红书长图文发布 Skill
## 概述