Since AI assistants such as Codex CLI or Claude Code can execute arbitrary commands they should be isolated from the main computer. However Docker isolation has its own problems, so some kind of virtualization is best.
Also, it would be nice to have the environment available over the internet, so a VPS of some sort seems to be the best option.
VPS Setup
Configure a VPS running Debian Stable (currently Debian 13 Trixie).
SSH Hardening
Disable root login by editing /etc/ssh/sshd_config:
PermitRootLogin no
sudo /etc/init.d/ssh restart
sudo dpkg-reconfigure locales
Choose en_US.UTF-8
Update the system:
apt update
apt install command-not-found sudo build-essential autoconf vnstat iotop man-db supervisor rsync bind9 lsof ncdu certbot pigz net-tools gettext dstat nmap htop sysstat ack-grep curl git
apt-file update
update-command-not-found
Install and Enable fail2ban
apt-get install fail2ban nftables
update-rc.d fail2ban defaults
systemctl enable fail2ban
systemctl start fail2ban
Install Assistant Dependencies
apt install ca-certificates man-db build-essential silversearcher-ag cscope unzip zip python-is-python3 pkg-config libssl-dev eza fzf ripgrep ack jq yq procps psmisc vim wget npm pngquant lsof pigz ncdu gettext command-not-found
Install the AI Assistant
sudo npm i -g @openai/codex
Configure the development environment
You can connect from you machine to the VPS using an IDE with remote capabilities such as VS Code or Jetbrains IntelliJ.
Increase Remote Jetbrains IDE component RAM use
After installing the remote component.
~/.cache/JetBrains/RemoteDev/dist/
cd to the active backend and, edit bin/idea64.vmoptions and set increase -Xmx, for example -Xmx4096m
Restart the remote backend.
iTerm2 and tmux
To persist remote commands use the iTerm2 terminal emulator on the mac and configure your ssh configuration ~/.ssh/config on the mac like this:
Host dev
HostName dev.example.com
User your-user-name
RequestTTY force
RemoteCommand tmux -CC new -A -s 0
After this you can just ssh dev and iTerm2 will automatically open a tmux enabled window. When opening a tab iTerm2 will ask if it should create a tmux tab or a regular tab, set it to tmux (don't ask again), and closing the windows set it to "Detach" (don't ask again). In this way sessions will persist, scrollback and copy/paste work.
Synchronize files using mutagen
Install on the mac the conflict aware file sync mutagen.
brew install mutagen-io/mutagen/mutagen
Configure ~/.mutagen.yml
sync:
defaults:
ignore:
vcs: true
paths:
- .git
- .idea
- .cache
- .venv
- .env
- .DS_Store
- node_modules
- vendor
- tmp
Then create the sync:
mutagen sync create --name=mac-vps-dev --ignore-vcs ~/Documents/code user@vps:Documents/code
It can take a while to complete the first sync, monitor with mutagen sync list -l