logoalt Hacker News

NanoClaw Moved from Apple Containers to Docker

76 pointsby simplesorttoday at 7:12 PM55 commentsview on HN

Comments

botusaurustoday at 7:39 PM

> But NanoClaw isn't just my personal project anymore. Thousands of people are using it. People are running production workloads on it. Businesses are building on it. There's a real community now.

as OpenClaw and now NanoClaw became "enterprise", now we need a new FemtoClaw to pick up the indie/boutique place

show 7 replies
stavrostoday at 7:44 PM

For my version of the AI assistant, I used a Docker container and Unix permissions:

https://github.com/skorokithakis/stavrobot

All plugins run in one Docker container, but they're isolated from each other by different *nix users, so they can't read each other's files. That's much more lightweight, and you don't have to run one container per plugin.

Crucially, plugins can't read each other's secrets or modify each other's code. I even have a plugin configuration webpage that doesn't go through an LLM, so the LLM never sees your secrets if you don't want to.

ameliustoday at 7:41 PM

Putting these NanoClowns inside a container will not protect you from all kinds of safety hazards.

show 2 replies
einarfdtoday at 10:07 PM

I’ve been building sandboxing for Claude code workloads. So I can let it run wild without breaking my computer. Originally I used docker, but I’m now in the process of jettisoning that, and switching to qemu.

For my use case I want ssh access and being able to use docker in docker. This allows for things like test containers and docker compose. You can get all of that working with docker. But you kind of have to fight docker the whole way.

NanoClaw might have different needs, and docker could work better for it, and I hope so for their sake. But I’m not optimistic.

arsalanbtoday at 9:49 PM

I'm surprised that the developer experience around sandboxing on macOS is generally so bad. Seatbelt is in limbo and apple containers are just a pain to work with as some have highlighted in this thread

Xx_crazy420_xXtoday at 8:55 PM

I can't believe the solution is creating uncompatibile branch and forcing users to use cladue for resolving merge conflits. Why not bake in the dual compatibility?

show 1 reply
sergiotapiatoday at 10:07 PM

I installed nanoclaw last night funny to see it here on HN.

It was easy to install it, and get it running. I could @Andy message it on whatsapp but after that it fell apart fast.

I asked it to login to Facebook and check my notifications, and it started saving credentials and random things in the repo as json files. And din't work. It was hard to even figure out what was happening and why it didn't work.

Then I tried messaging it again and it didn't respond to me.

These things are extremely brittle despite the enourmous amount of github stars. I think it's just normies starring things trying to get on the train unfortunately. The promise of an AI Jarvis is unrealized still.

brcmthrowawaytoday at 7:45 PM

Can someone explain the special sauce of the claws compared to just use claude.ai etc

show 7 replies
ericbuildsiotoday at 8:27 PM

Sensible, this broadens our hosting options.

gretoday at 9:04 PM

apple container is really buggy with networking

show 1 reply
benatkintoday at 7:32 PM

So they're making it use OCI images? Cool. Hopefully there will be good support for Podman.

show 2 replies
john_alantoday at 8:21 PM

Use containerd , Docker is cancer.