Dockerized Claude Code MCP Server
A simple Docker container for running Claude Code MCP server with enhanced security features.
Development Environment
This Docker container provides a pre-configured development environment with:
- Base OS: Ubuntu
- Build Tools: git, curl, wget, etc.
- Security: Network firewall to prevent unauthorized outbound connections
You can customize the Dockerfile to add additional development tools or languages specific to your projects.
Setup Instructions
1. Build Docker Image
docker build -t my-claude-mcp:latest .
Or if you have just installed:
just build
2. MCP Client Configuration
(Example) Claude Desktop Configuration
Configure Claude Desktop settings file (~/Library/Application\\ Support/Claude/claude_desktop_config.json on macOS for example) as follows:
{
"mcpServers": {
"claude-code": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"--cap-add=NET_ADMIN",
"-v", "/Users/username/.claude:/home/claude/.claude",
"-v", "/Users/username/project-1:/workspace/project-1",
"-v", "/Users/username/project-2:/workspace/project-2",
"my-claude-mcp:latest"
]
}
}
}
This configuration:
- Mounts your Claude settings directory (
~/.claude) - Mounts your project directories for access within the container
- Gives you the flexibility to add as many project directories as needed
Customization
Feel free to modify the Dockerfile to add more development tools based on your needs. For example:
- Additional programming languages (Go, Python, etc.)
- Database clients
- Cloud CLIs (AWS, GCP, Azure)
- Container tools (Docker, Kubernetes tools)
After modifying the Dockerfile, rebuild the image with:
docker build -t my-claude-mcp:latest .
Or with just:
just build
Environment Variables
The container supports the following environment variables:
| Variable | Description | Default | Required |
|---|---|---|---|
GIT_USER_NAME |
User name for Git commits | Claude | No |
GIT_USER_EMAIL |
Email address for Git commits | None | No |
Security Features
This container includes a network firewall that restricts outbound connections to only approved domains:
- GitHub domains (api.github.com, github.com, etc.)
- NPM registry (registry.npmjs.org)
- Anthropic APIs (api.anthropic.com, statsig.anthropic.com)
- Other required services (sentry.io, etc.)
The firewall is automatically enabled when the container is started with the necessary capabilities (--cap-add=NET_ADMIN). These capabilities are required for the container to run - if they are not provided, the container will exit immediately for security reasons.
Key security features:
- Firewall configuration is handled by the root user
- Claude Code MCP runs as a non-root user (claude) without sudo privileges
- Strict firewall rules prevent unauthorized network access
- Automatic verification of firewall configuration during startup
This security feature helps prevent potential data exfiltration attempts through the MCP server.
Recommend MCP Servers 💡
mcp-server-generator
An MCP server for creating and managing Model Context Protocol (MCP) servers for Claude Desktop
@codacy/codacy-mcp
Codacy's MCP Server provides access to the Codacy API, enabling AI models to interact with repositories, analyze code quality, security, coverage, and manage files and pull requests.
hunter-mcp
Integrates Hunter API with LLM providers via MCP, enabling natural language interaction with Hunter's B2B data for tasks like domain search, email verification, and lead creation.
wikipedia-mcp
Retrieves information from Wikipedia to provide context to Large Language Models through MCP
balldontlie-mcp
An MCP Server implementation that integrates the Balldontlie API, to provide information about players, teams and games for the NBA, NFL and MLB
nacos-mcp-router
A MCP server that provides search, installation, proxy functionalities for other MCP servers with advanced search capabilities.