Run AI coding agents locally, contained
You don't need a separate box to get the isolation. Dejima runs on the laptop or workstation you already work on, putting each agent in its own container instead of loose on the machine you keep your life on. No remote server, no cloud, just walls around the agents.
Why contain an agent on your own machine
It's tempting to skip isolation when the agent is running right where you're sitting. That's exactly where the risk is highest, though, because your daily machine is where everything lives.
An agent running directly on your laptop can read every repo you have checked out, your ~/.ssh keys, your cloud credentials, your browser-adjacent secrets, and your shell history. One bad tool call or one prompt injection from something it fetched, and the blast radius is your whole working life. Running it in an island draws a real wall around it. The agent sees its own container and nothing of yours, unless you hand it a specific folder, read-only, through a broker that logs the crossing.
What you need
- Your Mac or Linux machine. On macOS and Windows that means Docker Desktop; on Linux, Docker. The installer sets this up if it's missing.
- git and curl. That's it. No Tailscale, no remote anything, since everything is local.
- API keys for the agents you run.
Install and run
curl -fsSL https://dejima.tech/install.sh | bash
This installs the binaries and runs the daemon as a local service. Then just start the TUI, which talks to the daemon on localhost with no host variable to set.
dejima
Work against your local repos
You probably have the code right there on disk, including work you haven't pushed. Point an island at a local path instead of a remote.
dejima init --local-copy ./my-project # copies your working tree into the island
dejima agent add my-project --type codex
The island gets its own copy of the tree, so an agent experimenting inside it can't touch your real checkout. When you like what it did, pull the changes out through git or dejima cp. Your original working directory stays exactly as you left it.
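To check for yourself that a session left your original checkout alone, record a digest of the directory before the agent starts and compare it afterwards. The script below is an added example, not part of Dejima or its installer. The names tree_digest, verify_unchanged and demo are hypothetical, and a plain cp -R stands in for the island's copy, since the page does not show how Dejima makes it.

```shell
#!/usr/bin/env bash
# Added example, not Dejima code. Function names are hypothetical.

# Use sha256sum where present (Linux), otherwise shasum -a 256 (macOS).
if command -v sha256sum >/dev/null 2>&1; then SHA256="sha256sum"; else SHA256="shasum -a 256"; fi

# tree_digest DIR: print one SHA-256 covering the path and content of every
# regular file under DIR, including untracked files and .git internals, which
# `git status` alone would not report. File modes and symlinks are not covered.
tree_digest() {
  ( cd "$1" || exit 1
    find . -type f -print0 | LC_ALL=C sort -z | xargs -0 $SHA256 | $SHA256 | cut -d' ' -f1 )
}

# verify_unchanged DIR EXPECTED: succeed only if DIR still hashes to EXPECTED.
verify_unchanged() {
  local now
  now=$(tree_digest "$1") || return 2
  if [ "$now" = "$2" ]; then
    echo "OK: $1 unchanged"
  else
    echo "CHANGED: $1 (was $2, now $now)" >&2
    return 1
  fi
}

# Constructed demo: a throwaway "checkout" and a copy standing in for the island.
demo() {
  local work before rc
  work=$(mktemp -d) || return 1
  mkdir -p "$work/checkout/src"
  printf 'print("hi")\n' > "$work/checkout/src/app.py"
  printf 'unpushed notes\n' > "$work/checkout/TODO.txt"
  before=$(tree_digest "$work/checkout")              # 1. digest before the session
  cp -R "$work/checkout" "$work/island"               # 2. stand-in for the island copy
  printf 'agent edit\n' >> "$work/island/src/app.py"  # 3. the agent edits only its copy
  verify_unchanged "$work/checkout" "$before"; rc=$?  # 4. original must still match
  rm -rf "$work"
  return $rc
}
demo
```

Because the digest includes untracked and ignored files, it also catches changes to unpushed scratch files that a clean git status would miss.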
When to graduate to a dedicated box. Local is great for trying agents and for work you want to keep on your own machine. Once you want them running while your laptop is closed, or you don't want a fleet eating your RAM mid-meeting, move to a Mac mini, a Linux server, or a cloud VM. The commands are identical; only the box changes.
Common questions
Why run agents in a container on my own machine?
An agent running loose on your machine can read every repo, your SSH keys, and your shell history, with no record of what it touched. A container walls it off: it sees only its own island, and reaches your files only through folders you grant, read-only, with every crossing logged.
Can an agent mess up my local repo?
No, if you use dejima init --local-copy. The island gets its own copy of your working tree, so an agent experimenting inside it can't touch your real checkout. When you like the result, pull it out through git or dejima cp. Your original directory stays as you left it.
Do I need Tailscale to run Dejima locally?
No. Running on your own machine is all local, so there's no remote box and no Tailscale needed. You just need Docker, which the installer sets up, and the TUI talks to the daemon on localhost. Tailscale only matters when you reach a separate server.
