XNDV is a sandboxed, GPU-accelerated, terminal-first development environment. A ready-to-run box of overpowered dotfiles, like a living Awesome List of development tools, all wired into the same AI control plane.
Unify agentic tools through a local AI gateway for greater visibility, multi-provider resilience, OAuth-friendly logins, and optional local LLMs.
Run it as a:
- GPU-accelerated terminal with clipboard integration ← recommended
- TTY-only terminal for headless servers
- Full desktop environment in a window (x11docker)
- Docker-in-Docker environment for nested containers (sysbox)
Developed on and for Linux. Other platforms untested.
git clone https://github.com/xendarboh/xndv.git ~/src/xndv
cd ~/src/xndv
cp .env-example .env # edit to enable optional tools
cp -a conf.local-example conf.local # local overrides (see Customization)
make build
./bin.host/xndv- Open Source!
- Latest greatest terminal tools, LTS versions, vi-bindings
- Unified theming via tinty with native Neovim colorscheme sync
- Reproducible environment from Ubuntu base
- Security via sandboxing with analog control over isolation vs. functionality
| Dependency | Required For | Notes |
|---|---|---|
| docker or podman | Core | Container runtime |
| docker compose | Building | Build orchestration |
| make | Building | Recommended; or run Makefile commands manually |
| x11docker | max, min, sys modes |
Not needed for tty mode |
| sysbox | sys mode |
Recommended for Docker-in-Docker |
| rofi / dmenu / fzf | Launcher | Any one; detected in order |
| Nerd Font | tty mode |
Container provides fonts for GUI modes |
| Docker Model Runner | Local AI (optional) | GPU-accelerated inference via nvidia-container-toolkit, etc |
The bin.host/xndv launcher provides an interactive menu (via rofi, dmenu, or fzf) for selecting modes, naming containers, and toggling volume mounts.
| Mode | Description | X11 | GPU | Use Case |
|---|---|---|---|---|
max |
Most host integration, direct GPU | Yes | Direct | Daily development |
min |
Minimal host integration, fallback GPU | Yes | Fallback | Sandboxed agents, untrusted code |
sys |
Docker-in-Docker via sysbox | Yes | Fallback | Stronger isolation, run containers |
tty |
TTY-only, no X11 | No | No | Headless servers, SSH sessions |
All modes are containerized and sandboxed; the difference is capability and host integration.
Selector: The launcher probes for an available selector. Override with bin.host/xndv -s <selector>.
Run directly without the interactive menu, for example:
# GPU-accelerated terminal with clipboard
x11docker --gpu --clipboard --network --user=RETAIN -- --tmpfs=/tmp:exec -- xen/dev
# Full desktop in a window
x11docker --desktop --gpu --clipboard --network -- xen/dev
# TTY-only (no x11docker needed)
docker run -it --rm --network=host xen/devThe sys mode uses sysbox for secure, rootless Docker-in-Docker without --privileged.
Tradeoffs: No direct GPU (uses --gpu fallback), bridged networking (no --network=host).
Persistence: Inner Docker data stored at ~/.local/share/xndv/xndv/sysbox/docker.
{alias}— invoke via shell alias (likeomofor oh-my-opencode).
- x11docker: Secure GUI containers
- Sysbox: Rootless system containers, enabling Docker-in-Docker
- Xen: Elven Tech Wizard
- Neovim: Vim-fork focused on extensibility and usability
- LazyVim: Neovim config for the lazy (INSTALL_NVIM_LAZYVIM)
- avante.nvim: Use your Neovim like using Cursor AI IDE!
- better-escape.nvim: Escape from insert mode without delay
- gruvbox.nvim: Gruvbox colorscheme
- markdown-preview.nvim: Markdown preview plugin
- noir.nvim: Syntax highlighting and LSP for Noir
- nx.nvim: NX console features for Neovim
- smart-splits.nvim: Seamless navigation and resizing
- tinted-nvim: Tinty colorscheme sync with native fallback
- tokyonight.nvim: Tokyo Night colorscheme
- wakatime.nvim: Automatic time tracking
- LazyVim: Neovim config for the lazy (INSTALL_NVIM_LAZYVIM)
- aider: AI pair programming in your terminal (INSTALL_AIDER)
- aider.nvim: Neovim integration for aider
- claude-code: Agentic coding tool in your terminal (INSTALL_CLAUDECODE)
- GSD: Meta-prompting and spec-driven development system
- CLIProxyAPIPlus: OAuth adapter for login-based LLM providers
- Docker Model Runner (DMR): Run LLMs locally via Docker
- LiteLLM: Unified LLM proxy — 100+ providers, one endpoint, cost tracking, caching
- llmfit: Score and rank LLMs by hardware fit (RAM, CPU, GPU)
- Open WebUI: Chat UI for local LLMs
- OpenCode: Open source coding agent (INSTALL_OPENCODE)
{oc}- GSD: Meta-prompting and spec-driven development system
- oh-my-opencode: Batteries-included agent harness
{omo} - opentmux: Smart tmux integration for real-time agent panes
- opencode-notifier: Desktop notifications for OpenCode
- opencode-wakatime: OpenCode usage time tracking
- opencode.nvim: Neovim integration for opencode
- OpenPackage: Universal package manager for AI coding agent skills/rules/commands
- repomix: Pack repository into AI-friendly file
- tuicr: Human-in-the-loop code review TUI for AI-generated changes
- ack: Grep-like tool for searching code
- bat: A cat(1) clone with syntax highlighting
- btop: Resource monitor with GPU support
- exa: Modern replacement for 'ls'
- fd: Simple, fast alternative to 'find'
- fish-shell: User-friendly command line shell
- fish-exa: exa aliases for fish
- fish-nx: Fish completions for Nx
- fisher: Plugin manager for Fish
- nix-env.fish: Nix environment for fish (INSTALL_NIX)
- Shortcuts:
bgit branchsgit statusgggit grepglgit loggagit absorb --baseHEAD~N(auto-detect ahead count)gr [N]git interactive rebaseHEAD~N(auto-detect ahead count)fmfastmod --hiddenkt-*kitty kittenstctinty cycle configured themes
- fzf: Command-line fuzzy finder
- htop: Interactive process viewer
- jq: Command-line JSON processor
- ripgrep: Fast regex search respecting gitignore
- silversearcher-ag: Code search faster than ack
- ShellCheck: Shell script static analysis tool
- spacer: Insert spacers in command output
- starship: Minimal, fast, customizable prompt
- stow: Symlink farm manager
- tinty: Unified colorscheme manager for 70+ apps
- tmux: Terminal multiplexer
- tmux-resurrect: Persist environment across restarts
- tmux-window-name: Smart window naming
- tpm: Tmux Plugin Manager
- tree: Directory tree viewer
- zoxide: Smarter cd command
- diff-so-fancy: Best-lookin' diffs
- git: Latest stable version
- gh: GitHub's official CLI
- git-absorb: Automatic fixup commits
- git-crypt: Transparent file encryption [fork]
- git-filter-repo: Rewrite git history fast
- gfr-bfg-ish: BFG Repo Cleaner reimplementation
- gfr-clean-ignore: Remove gitignored files from history
- gfr-insert-beginning: Insert a file at history start
- gfr-lint-history: Lint all non-binary files across history
- gfr-signed-off-by: Add Signed-off-by tags to commit range
- git-lfs: Large file versioning
- lazygit: Terminal UI for git
{lz}
- Bun: Fast JS runtime, bundler, test runner, package manager
- Deno: Modern JavaScript/TypeScript runtime
- Go: The Go programming language
- LLVM: Clang toolchain (INSTALL_LLVM)
- Nix: Purely functional package manager (INSTALL_NIX)
- Node.js: JavaScript runtime
- fnm: Fast Node.js version manager
- npm-check-updates: Find newer package versions
- npm-check: Check for outdated dependencies
- pnpm: Fast, disk space efficient package manager
- yarn: Dependency management
- Python: Programming language
- uv: Extremely fast Python package and project manager
- Ruby: Dynamic programming language
- rake: Ruby build automation tool
- Rust: Reliable and efficient software
- cargo-edit: Manage cargo dependencies from CLI
- rust-analyzer: Rust compiler front-end for IDEs
- rustup: Rust toolchain installer
- circom: zkSnark circuit compiler (INSTALL_CIRCOM)
- Noir: DSL for zero knowledge proofs (INSTALL_NOIR)
- barretenberg: ZK prover backend
- Solidity: Smart contract language
- Ansible: IT automation
- AWS CLI v2: AWS interaction
- OpenTofu: Open source Terraform alternative
- Packer: Machine image builder
- terraform-local: Deploy to LocalStack
- Terraform: Infrastructure as code
- cpanminus: CPAN module installer
- cypress: Browser testing deps (INSTALL_CYPRESS_DEPS)
- fastmod: Large-scale codebase refactors
- ImageMagick: Image manipulation
- kpcli: KeePass CLI
- ncdu: NCurses Disk Usage
- ninja-build: Fast build system
- platformio-core: Embedded development (INSTALL_PLATFORMIO)
- prettier: Opinionated code formatter
- protobuf: Protocol Buffers (INSTALL_PB)
- buf: Modern protobuf workflow
- ranger: VIM-inspired file manager
- sqlite: SQL database engine
- tauri-cli: Build desktop apps (INSTALL_TAURI)
- Tomb: Crypto Undertaker (INSTALL_TOMB)
- tree-sitter-cli: Parser generator for syntax trees
- watchexec: Execute on file changes
- websocat: WebSocket CLI client
- Brave browser (INSTALL_BROWSER_BRAVE)
- Chromium (INSTALL_BROWSER_CHROMIUM)
- kitty: GPU-accelerated terminal
- Nerd Fonts: Developer fonts with icons
- Hack: Typeface for code
- xclip: X11 clipboard CLI
- Xfce: Lightweight desktop environment
- xfce4-notifyd: Desktop notification daemon
- xfce4-taskmanager: Process/task manager
- xfce4-terminal: Terminal emulator
- docker: The Docker CLI
- docker-compose: Orchestrate multi-container Docker apps
Scripts in bin/ are available inside the container:
- x-ai: Query a local LLM (via Docker Model Runner) directly from the terminal
- x-aztec-ai-tools: Setup a project with Aztec/Noir AI Tooling (MCP servers, skills, platform configs)
- x-git-commit: AI-generated conventional git commit messages
- auto-selects local LLM (DMR) when available, falls back to opencode
- opens editor (neovim) with N alternatives for final selection
- invoke from lazygit with
CTRL+a
Scripts in bin.host/ run on the host (outside the container):
- xndv: Interactive menu for managing the xndv environment
launch: Select mode, name container, toggle mounts, attach to running instancesclean: Disk monitor and selective cleanup for host-persistent directories
Optional tools installed on-demand via setup.d/:
- Aztec Toolchain: Privacy-first L2
- WhisperX: Speech recognition with timestamps
Edit .env to set versions and enable optional tools (copy from .env-example).
make build # Full image with X11 support
make build-tty # TTY-only image (smaller, no X11)
make help # All available targetsconf/— Built-in configs, shipped with xndv source, baked into imageconf.local/— Your customizations go here; gitignored, volume-mapped at runtime
Both directories are stow'd to the user's home directory at container start (ex: conf.local/.aws/ → ~/.aws/).
cp -a conf.local-example conf.localNotable files in conf.local/, for example:
| File | Purpose |
|---|---|
xndv/bash.sh |
Custom env vars (GH_TOKEN, FLEEK_API_KEY, etc.) |
xndv/directory_map.txt |
Path mappings for tmux/kitty CWD preservation |
.wakatime.cfg |
Wakatime/Wakapi config |
.aws/ |
AWS credentials |
Include xndv's git config conditionally:
# ~/.config/git/config
[includeIf "gitdir:/home/xndv"]
path = ~/src/xndv/conf/gitconfigColorschemes are managed by tinty, providing unified theming across apps.
Set OPTIONS_THEME in .env for the image build-time default.
Neovim listens for theme changes and applies the corresponding native plugin (tokyonight, gruvbox) when available.
Change theme at runtime:
tinty cycle # cycle through preferred schemes
tinty apply base24-tokyo-night-dark # or any scheme from `tinty list`Verify terminal capabilities with scripts in test/:
./test/truecolor.sh # Terminal color support
./test/glyphs.sh # Nerd font rendering
./test/italics.sh # Italic text
./test/gpg.sh # GPG volume mappingRun local AI model(s) with Docker Model Runner and interact via Open WebUI, OpenCode, or bin/x-ai. Optional, independent of the main xndv build.
# Edit MODELS_* vars in .env (see .env-example) to configure the model
make models-upAccess Open Webui at http://localhost:12444
Model downloads on first start. See docker model list and use docker model for management.
For more models, check out the published Docker Hub AI models or Hugging Face Transformers (compatible with Docker Model Runner). Pull any model with docker model pull and set MODELS_PRIMARY to your chosen image.
| Variable | Description |
|---|---|
MODELS_PRIMARY |
Model (any docker model pull compatible) |
MODELS_WEBUI_PORT |
Open WebUI port |
make models-up # Start docker containers (detached)
make models-down # Stop
make models-logs # Follow logs
make models-status # Show containersRoute LLM traffic through a local LiteLLM proxy for unified observability, cost tracking, and response caching across AI clients and model providers. This is an optional, independent component of the main environment.
cp conf.local-example/xndv/litellm.yaml conf.local/xndv/
# Edit conf.local/xndv/litellm.yaml for your setup
make gateway-up # on docker host
# set ENABLE_GATEWAY=1 in .env, then restart shell in containerAccess LiteLLM UI at http://localhost:4000
| Variable | Description |
|---|---|
ENABLE_GATEWAY |
Set to 1 to activate gateway routing in the container |
GATEWAY_MASTER_KEY |
LiteLLM master key (used as default client auth) |
GATEWAY_PROXY_PORT |
LiteLLM proxy port (default: 4000) |
GATEWAY_OAUTH_PORT |
CLIProxyAPIPlus OAuth port (default: 8317) |
GATEWAY_API_KEY_* |
Provider API keys passed to LiteLLM |
GATEWAY_CLIENT_BASE_URL |
Override gateway URL (default: http://${XNDV_HOSTNAME}:PORT) |
GATEWAY_CLIENT_API_KEY |
Override client auth key (default: GATEWAY_MASTER_KEY) |
XNDV_HOSTNAME is injected by the launcher at runtime so containers can reach host-exposed services across modes. It defaults to localhost in host-networked modes and host.docker.internal in isolated modes such as sys and min.
Route login-based providers through the gateway via CLIProxyAPIPlus:
cp conf.local-example/xndv/cliproxyapi.yaml conf.local/xndv/
make gateway-up
make gateway-login # see list of supported providers
make gateway-login PROVIDER=someprovider # one-time per account: follow the URL to authorizeSupports any provider available in CLIProxyAPIPlus. Run once per account. Re-run if a token is revoked or to add accounts for load balancing.
After logging in, uncomment the corresponding entries in conf.local/xndv/litellm.yaml and restart the gateway. Each model can have multiple deployments across providers and accounts — the gateway tries them in priority order, falling back to the next if one is rate-limited or down.
make gateway-up # Start gateway (detached)
make gateway-down # Stop
make gateway-logs # Follow logs
make gateway-status # Show containers
make gateway-login PROVIDER=<provider> # OAuth login