opencode-claude-max-proxy 1.7.3 → 1.8.1

package/README.md

@@ -59,9 +59,17 @@ No monkey-patching. No forked SDKs. No fragile stream rewriting. Just a hook and
 
 1. **Claude Max subscription** — [Subscribe here](https://claude.ai/settings/subscription)
 2. **Claude CLI** authenticated: `npm install -g @anthropic-ai/claude-code && claude login`
-3. **Bun** runtime: `curl -fsSL https://bun.sh/install | bash`
 
-### Install & Run
+### Option A: npm Install
+
+```bash
+npm install -g opencode-claude-max-proxy
+
+# Start in passthrough mode (recommended)
+CLAUDE_PROXY_PASSTHROUGH=1 claude-max-proxy
+```
+
+### Option B: From Source
 
 ```bash
 git clone https://github.com/rynfar/opencode-claude-max-proxy
@@ -72,21 +80,62 @@ bun install
 CLAUDE_PROXY_PASSTHROUGH=1 bun run proxy
 ```
 
+> **Note:** Running from source requires [Bun](https://bun.sh): `curl -fsSL https://bun.sh/install | bash`
+
+### Option C: Docker
+
+```bash
+git clone https://github.com/rynfar/opencode-claude-max-proxy
+cd opencode-claude-max-proxy
+
+# Start the container
+docker compose up -d
+
+# Login to Claude inside the container (one-time)
+docker compose exec proxy claude login
+
+# Verify
+curl http://127.0.0.1:3456/health
+```
+
+> **Note:** On macOS, `claude login` must be run inside the container (keychain credentials can't be mounted). On Linux, volume-mounting `~/.claude` may work without re-login.
+
 ### Connect OpenCode
 
+#### Environment Variables
+
 ```bash
 ANTHROPIC_API_KEY=dummy ANTHROPIC_BASE_URL=http://127.0.0.1:3456 opencode
 ```
 
 The `ANTHROPIC_API_KEY` can be any non-empty string — the proxy doesn't use it. Authentication is handled by your `claude login` session.
 
-### Shell Alias
+#### Shell Alias
 
 ```bash
-# Add to ~/.zshrc or ~/.bashrc
+# Add to ~/.zshrc or ~/.bashrc or ~/.config/fish/config.fish
 alias oc='ANTHROPIC_API_KEY=dummy ANTHROPIC_BASE_URL=http://127.0.0.1:3456 opencode'
 ```
 
+#### OpenCode Config File
+
+Alternatively, the proxy URL and API key can be set globally in `~/.config/opencode/opencode.json`. This has the benefit of working in OpenCode Desktop as well.
+
+```json
+{
+  ...
+  "provider": {
+    "anthropic": {
+      "options": {
+        "baseURL": "http://127.0.0.1:3456",
+        "apiKey": "dummy"
+      }
+    }
+  }
+  ...
+}
+```
+
 ## Modes
 
 ### Passthrough Mode (recommended)

package/bin/docker-auth.sh

@@ -0,0 +1,77 @@
+#!/bin/bash
+# Copy Claude credentials from host into Docker container.
+#
+# macOS stores scopes in Keychain, so the credentials file has scopes: ""
+# Linux Claude CLI needs scopes as an array. This script fixes the format.
+#
+# Usage: ./bin/docker-auth.sh
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+cd "$SCRIPT_DIR/.."
+
+HOST_CREDS="$HOME/.claude/.credentials.json"
+
+if [ ! -f "$HOST_CREDS" ]; then
+  echo "❌ No credentials found at $HOST_CREDS"
+  echo "   Run 'claude login' on your host first."
+  exit 1
+fi
+
+# Check if host is logged in
+if ! claude auth status 2>/dev/null | grep -q '"loggedIn": true'; then
+  echo "❌ Not logged in on host. Run 'claude login' first."
+  exit 1
+fi
+
+echo "📋 Reading credentials from host..."
+
+# Fix the scopes field and copy into container
+python3 -c "
+import json, sys
+
+with open('$HOST_CREDS') as f:
+    creds = json.load(f)
+
+oauth = creds.get('claudeAiOauth', {})
+if not oauth.get('accessToken'):
+    print('❌ No access token found in credentials')
+    sys.exit(1)
+
+# Fix scopes: empty string -> proper array
+if not oauth.get('scopes') or oauth['scopes'] == '':
+    oauth['scopes'] = [
+        'user:profile',
+        'user:inference', 
+        'user:sessions:claude_code',
+        'user:mcp_servers',
+        'user:file_upload'
+    ]
+
+creds['claudeAiOauth'] = oauth
+print(json.dumps(creds))
+" | docker compose exec -T proxy bash -c 'cat > /home/claude/.claude/.credentials.json'
+
+if [ $? -ne 0 ]; then
+  echo "❌ Failed to copy credentials. Is the container running?"
+  echo "   Run 'docker compose up -d' first."
+  exit 1
+fi
+
+# Also copy .claude.json if it exists
+if [ -f "$HOME/.claude/.claude.json" ]; then
+  docker compose exec -T proxy bash -c 'cat > /home/claude/.claude/.claude.json' < "$HOME/.claude/.claude.json"
+fi
+
+# Verify
+echo "🔍 Verifying..."
+AUTH=$(docker compose exec proxy claude auth status 2>&1)
+if echo "$AUTH" | grep -q '"loggedIn": true'; then
+  EMAIL=$(echo "$AUTH" | grep -o '"email": "[^"]*"' | head -1)
+  echo "✅ Docker container authenticated! $EMAIL"
+else
+  echo "❌ Authentication failed inside container"
+  echo "$AUTH"
+  exit 1
+fi

package/bin/docker-entrypoint.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+# Docker entrypoint:
+# 1. Fix volume permissions (created as root, need claude ownership)
+# 2. Symlink .claude.json into persistent volume
+
+CLAUDE_DIR="/home/claude/.claude"
+CLAUDE_JSON="/home/claude/.claude.json"
+CLAUDE_JSON_VOL="$CLAUDE_DIR/.claude.json"
+
+# Fix ownership if volume was created as root
+if [ -d "$CLAUDE_DIR" ] && [ ! -w "$CLAUDE_DIR" ]; then
+  echo "[entrypoint] Fixing volume permissions..."
+fi
+
+# Symlink .claude.json into volume so it persists across restarts
+if [ -f "$CLAUDE_JSON_VOL" ] && [ ! -f "$CLAUDE_JSON" ]; then
+  ln -sf "$CLAUDE_JSON_VOL" "$CLAUDE_JSON"
+elif [ -f "$CLAUDE_JSON" ] && [ ! -L "$CLAUDE_JSON" ] && [ -w "$CLAUDE_DIR" ]; then
+  cp "$CLAUDE_JSON" "$CLAUDE_JSON_VOL" 2>/dev/null
+  rm -f "$CLAUDE_JSON"
+  ln -sf "$CLAUDE_JSON_VOL" "$CLAUDE_JSON"
+fi
+
+exec "$@"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-claude-max-proxy",
-  "version": "1.7.3",
+  "version": "1.8.1",
   "description": "Use your Claude Max subscription with OpenCode via proxy server",
   "type": "module",
   "main": "./src/proxy/server.ts",