@kokorolx/ai-sandbox-wrapper 1.0.0 → 1.1.1

package/README.md

@@ -293,6 +293,41 @@ export DOCKER_HOST=unix:///var/run/docker.sock
 export DOCKER_HOST=tcp://localhost:2375
 ```
 
+#### Port Exposure
+Expose container ports to the host for web development, APIs, and dev servers:
+
+```bash
+# Expose a single port (localhost only - secure default)
+PORT=3000 ai-run opencode
+
+# Expose multiple ports
+PORT=3000,5555,5556,5557 ai-run opencode
+
+# Expose to network (use with caution)
+PORT=3000 PORT_BIND=all ai-run opencode
+```
+
+| Variable | Values | Default | Description |
+|----------|--------|---------|-------------|
+| `PORT` | Comma-separated ports | (none) | Ports to expose (e.g., `3000,5555`) |
+| `PORT_BIND` | `localhost`, `all` | `localhost` | Bind to localhost only or all interfaces |
+
+**Security Notes:**
+- Default binding is `127.0.0.1` (localhost only) - only accessible from your machine
+- Using `PORT_BIND=all` exposes ports to your network - a warning is displayed
+- Invalid port numbers (outside 1-65535) are skipped with a warning
+
+**Example: Rails Development**
+```bash
+# Start container with Rails default port exposed
+PORT=3000 ai-run opencode --shell
+
+# Inside container, start Rails server
+rails server -b 0.0.0.0
+
+# Access from host browser at http://localhost:3000
+```
+
 #### API Keys
 Configure in `~/.ai-env`:
 
@@ -353,7 +388,9 @@ Each tool's config is mounted to `/home/agent/` inside the container.
 
 ### Additional Tools (Container-Only)
 
-During setup, you can optionally install additional tools into the base Docker image:
+During setup, you can optionally install additional tools into the base Docker image. Tools are organized into two categories:
+
+#### AI Enhancement Tools
 
 | Tool | Description | Size Impact |
 |------|-------------|-------------|
@@ -362,22 +399,44 @@ During setup, you can optionally install additional tools into the base Docker i
 | openspec | OpenSpec - spec-driven development | ~20MB |
 | playwright | Browser automation with Chromium/Firefox/WebKit | ~500MB |
 
-**Always Installed (for LSP support):**
-- `typescript` + `typescript-language-server` - Required for AI coding assistants with LSP integration
-
 **Playwright** is useful when AI tools need to:
 - Run browser-based tests
 - Scrape web content
 - Verify UI changes
 - Automate browser workflows
 
+#### Language Runtimes
+
+| Runtime | Description | Size Impact |
+|---------|-------------|-------------|
+| ruby | Ruby 3.3.0 + Rails 8.0.2 (via rbenv) | ~500MB |
+
+**Ruby/Rails** is useful when:
+- Developing Ruby on Rails applications
+- Running Rails generators and migrations
+- Using Bundler for dependency management
+- Building Ruby-based APIs and web apps
+
+#### Always Installed
+
+- `typescript` + `typescript-language-server` - Required for AI coding assistants with LSP integration
+
+#### Manual Installation
+
 ```bash
 # Manual build with Playwright (if not selected during setup)
 INSTALL_PLAYWRIGHT=1 bash lib/install-base.sh
 
+# Manual build with Ruby/Rails (if not selected during setup)
+INSTALL_RUBY=1 bash lib/install-base.sh
+
 # Verify Playwright in container
 docker run --rm ai-base:latest npx playwright --version
 
+# Verify Ruby/Rails in container
+docker run --rm ai-base:latest ruby --version
+docker run --rm ai-base:latest rails --version
+
 # Verify TypeScript LSP
 docker run --rm ai-base:latest tsc --version
 ```

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kokorolx/ai-sandbox-wrapper",
-  "version": "1.0.0",
+  "version": "1.1.1",
   "description": "Docker-based security sandbox for AI coding agents. Isolate Claude, Gemini, Aider, and other AI tools from your host system.",
   "keywords": [
     "ai",
@@ -24,6 +24,7 @@
   "license": "MIT",
   "author": "kokorolx",
   "bin": {
+    "@kokorolx/ai-sandbox-wrapper": "./bin/cli.js",
     "ai-sandbox-wrapper": "./bin/cli.js"
   },
   "files": [

package/setup.sh

@@ -315,15 +315,32 @@ done
 
 echo ""
 if [[ ${#CONTAINERIZED_TOOLS[@]} -gt 0 ]]; then
-  ADDITIONAL_TOOL_OPTIONS="spec-kit,ux-ui-promax,openspec,playwright,ruby"
-  ADDITIONAL_TOOL_DESCS="Spec-driven development toolkit,UI/UX design intelligence tool,OpenSpec - spec-driven development,Playwright browser automation (adds ~500MB),Ruby 3.3.0 + Rails 8.0.2 (adds ~500MB)"
+  # Category 1: AI Enhancement Tools (spec-driven development, UI/UX, browser automation)
+  AI_TOOL_OPTIONS="spec-kit,ux-ui-promax,openspec,playwright"
+  AI_TOOL_DESCS="Spec-driven development toolkit,UI/UX design intelligence tool,OpenSpec - spec-driven development,Browser automation + Chromium/Firefox/WebKit (~500MB)"
 
-  multi_select "Select Additional Tools (installed in containers)" "$ADDITIONAL_TOOL_OPTIONS" "$ADDITIONAL_TOOL_DESCS"
-  ADDITIONAL_TOOLS=("${SELECTED_ITEMS[@]}")
+  multi_select "Select AI Enhancement Tools (installed in containers)" "$AI_TOOL_OPTIONS" "$AI_TOOL_DESCS"
+  AI_ENHANCEMENT_TOOLS=("${SELECTED_ITEMS[@]}")
 
-  if [[ ${#ADDITIONAL_TOOLS[@]} -gt 0 ]]; then
-    echo "Additional tools selected: ${ADDITIONAL_TOOLS[*]}"
+  if [[ ${#AI_ENHANCEMENT_TOOLS[@]} -gt 0 ]]; then
+    echo "AI tools selected: ${AI_ENHANCEMENT_TOOLS[*]}"
   fi
+
+  echo ""
+
+  # Category 2: Language Runtimes (Ruby, etc.)
+  LANG_OPTIONS="ruby"
+  LANG_DESCS="Ruby 3.3.0 + Rails 8.0.2 via rbenv (~500MB)"
+
+  multi_select "Select Additional Language Runtimes (installed in containers)" "$LANG_OPTIONS" "$LANG_DESCS"
+  LANGUAGE_RUNTIMES=("${SELECTED_ITEMS[@]}")
+
+  if [[ ${#LANGUAGE_RUNTIMES[@]} -gt 0 ]]; then
+    echo "Language runtimes selected: ${LANGUAGE_RUNTIMES[*]}"
+  fi
+
+  # Combine both categories for processing
+  ADDITIONAL_TOOLS=("${AI_ENHANCEMENT_TOOLS[@]}" "${LANGUAGE_RUNTIMES[@]}")
 else
   ADDITIONAL_TOOLS=()
   echo "ℹ️  No containerized AI tools selected. Skipping additional tools."