Docker Open Interpreter

A Docker container for Open Interpreter that follows Docker-in-Docker patterns, providing a secure, isolated, and production-ready environment for running Open Interpreter with full containerization workflow capabilities.

Table of Contents

• Prerequisites
• Quick Start
• Configuration
• Usage
  • Docker Usage
  • Docker Compose Usage
  • Model Configuration
• Docker-in-Docker Capabilities
• Advanced Usage
• Security Notes
• Troubleshooting

Prerequisites

• Docker installed and running
• Docker Compose (optional, for compose usage)
• API key for your chosen model (DeepSeek, OpenAI, Anthropic, etc.)

Quick Start

# Clone the repository
git clone https://github.com/legido-ai/docker-open-interpreter.git
cd docker-open-interpreter

# Copy the example environment file
cp .env.example .env

# Edit the .env file with your configuration
nano .env  # Or use your favorite editor

# Build and start the container
docker-compose up --build

Configuration

The container supports various configuration options through environment variables. Copy .env.example to .env and customize the settings:

Required Environment Variables

• DEEPSEEK_API_KEY - Your DeepSeek API key (or your preferred model provider)

Usage

Docker Usage

Pull the pre-built image from GitHub Container Registry:

docker pull ghcr.io/legido-ai/docker-open-interpreter:latest

Or build locally from source:

docker build . -t docker-open-interpreter

Set API key, for instance Deepseek:

export DEEPSEEK_API_KEY=sk-mykey

Run interactively:

docker run \
  -it \
  --rm \
  --name agent \
  -e DEEPSEEK_API_KEY=$DEEPSEEK_API_KEY \
  -v /var/run/docker.sock:/var/run/docker.sock \
  ghcr.io/legido-ai/docker-open-interpreter interpreter \
  --model deepseek/deepseek-chat

Docker Compose Usage

Using the provided docker-compose.yml:

# Build and start in the foreground
docker-compose up --build

# Build and start in the background
docker-compose up -d --build

# Stop the container
docker-compose down

Model Configuration

The container supports multiple model providers:

DeepSeek

# In your .env file:
DEEPSEEK_API_KEY="your_deepseek_api_key"

OpenAI

# In your .env file:
OPENAI_API_KEY="your_openai_api_key"

Anthropic

# In your .env file:
ANTHROPIC_API_KEY="your_anthropic_api_key"

Docker-in-Docker Capabilities

This container supports Docker-in-Docker functionality, allowing Open Interpreter to run Docker containers from within the container:

• Mount the Docker socket: /var/run/docker.sock:/var/run/docker.sock:ro
• The container runs in privileged mode to enable Docker functionality
• The appuser is added to the Docker group for socket access
• Works with the host's Docker installation

Security Notes

⚠️ Important Security Considerations

1. Privileged Mode: The container runs in privileged mode to enable Docker-in-Docker functionality. This grants the container extended privileges that could potentially affect the host system. Only run this container with trusted code.

2. Docker Socket Access: Mounting the Docker socket gives the container access to create and manage containers on the host. This is necessary for Docker-in-Docker but presents a security risk if the container is compromised.

3. API Keys: Never commit API keys to version control. Use the .env file for local development, and use secure secret management in production.

4. Non-root Execution: The container runs as the non-root user appuser (UID 1000, GID 1000) to reduce potential impact of security vulnerabilities.

Troubleshooting

Common Issues

Issue: "permission denied" when accessing Docker socket

Symptom:

Got permission denied while trying to connect to the Docker daemon socket...

Solution:

1. Ensure the Docker group ID matches between host and container:
   • Check host Docker GID: getent group docker
   • Set DOCKER_GID in .env to match
   • Rebuild the container: docker-compose build

Issue: "API key not found"

Symptom:

AuthenticationError: Invalid API key

Solution:

1. Verify the correct environment variable is set in .env
2. Ensure the variable is being passed to the container
3. Check the API key value is correct

Issue: Container won't start

Symptom:

docker-compose up fails to start service

Solution:

1. Check Docker daemon is running: systemctl status docker
2. Ensure Docker-in-Docker isn't conflicting with host Docker
3. Verify all required environment variables are set

Issue: Interpreter can't execute Docker commands

Symptom:

Error: Docker command not found or permission denied

Solution:

1. Ensure privileged mode is enabled
2. Verify the Docker socket is mounted: /var/run/docker.sock:/var/run/docker.sock:ro
3. Check that the user is in the Docker group: groups appuser (inside container)

Health Check

The container includes a health check that verifies Open Interpreter is running:

• Runs every 30 seconds
• Times out after 10 seconds
• Starts checking after initial 5 second period
• Retries 3 times before marking container as unhealthy

Check container health status:

docker ps
# Look for "healthy" status

Verifying Installation

To verify Open Interpreter is working inside the container:

# Enter the running container
docker exec -it open-interpreter bash

# Test the interpreter installation
python -c "import interpreter; print('Open Interpreter is installed')"

Debugging Configuration

To debug configuration values:

# Check environment variables inside the container
docker exec -it open-interpreter env

# Check if API keys are properly set
docker exec -it open-interpreter bash -c 'echo $DEEPSEEK_API_KEY'
# Note: This will show your API key - be careful in shared environments

Contributing

We welcome contributions to this project. Please see our Contributing Guidelines for more information.

License

This project is licensed under the GNU General Public License v3.0. See the LICENSE file for details.

Support

If you encounter issues with this container, please file an issue in the GitHub repository.