OpenCode with superpowers. It can do everything in a container with Docker / Nix
grigio.orgThis is an interesting direction for “open” tooling. Combining containerization (Docker) with reproducible environments (Nix) addresses two of the biggest pain points in developer workflows: environment drift and opaque build/runtime assumptions. Running everything inside a container gives isolation and portability, while Nix provides declarative, deterministic dependency resolution that Docker alone doesn’t solve well. The result is closer to a truly reproducible dev and execution environment, which is especially valuable for CI, code review, and long lived projects. The real test will be how approachable the Nix layer is for non experts and whether the abstractions stay transparent rather than becoming another black box. If done right, this could reduce a lot of “works on my machine” overhead without requiring teams to fully buy into heavyweight orchestration or custom infra.
Exactly, also the fact that this container is build from a flake.nix instead of a Dockerfile it's quite unusual.
I would contend the nix ecosystem is sloppy, 3 of the primary projects I use are wrong for various reasons. I'm not really sure what's here beyond a prebuilt image with nix and open code, is there?
Can this be adjusted to give the agents access to environments rather than being boxed into them. You want their exec's and fs work boxed in, and likely you also want them to use multiple agents in multiple envs, or have a single agent leverage multiple envs (i.e. with different permissions available for different tasks). You also likely don't need a full on env when you are making an API call with the right secrets
The user cases could be very different. Personally, I like the idea to run AI agents like opencode in a sandbox, but I also want it to be able to install software without sudo. Have a look at flake.nix (it's like a Dockerfile in this context). There's opencode but also some permission tweaks to use the container as user instead of root.
If you have a better idea to accomplish that, suggestions are welcome.
I have no need for nix, I have containers via dagger
You can find my alternative on github, same handle
Odd thing to proclaim, as Nix and Dagger-orchestrated containers are not 1:1?
they don't have to be 1:1 for me to have all the features I need
I don't see the value of adding nix to my toolbox when
1. I already have tools that do the same job just fine
2. The packages are a mess, I've looked at several of my daily cli tools and they are all wrong (except one, which is missing completely)
Which packages did you notice that had issues? I'd like to take a look.