Daytona

Run your agents in a managed Daytona cloud sandbox (default 2 vCPU / 4 GB RAM / 8 GB disk) when the work outgrows your laptop or a teammate needs to attach — no local Docker needed. Each box is a remote Daytona sandbox you drive with the same agentbox commands as a local box, seeded from your host repo with renewable agent tokens on a shared per-org volume. Heads up: Daytona's snapshot/checkpoint path is still slow and experimental, and a running box bills per-second (no free pause).

Switch per box with --provider daytona, or pin it project-wide with box.provider: daytona in agentbox.yaml. Comparing options? See local-docker, hetzner, vercel, and e2b.

Set up

The easiest path is the interactive wizard — it signs you in and bakes the base snapshot in one flow:

agentbox install        # then select daytona

Approve the browser sign-in when prompted (or paste a DAYTONA_API_KEY; an optional DAYTONA_ORGANIZATION_ID can also be entered). Credentials persist to ~/.agentbox/secrets.env; project .env files are never harvested. install also bakes the base snapshot (a one-time agentbox prepare --provider daytona under the hood) with the AgentBox runtime — agentbox-ctl, the agents, tmux — so every new box boots in seconds instead of eating a ~7-minute cold Dockerfile build.

For CI or scripted setup, run the explicit equivalents:

agentbox daytona login                 # credentials only
agentbox prepare --provider daytona    # bake the base snapshot

Use it

agentbox daytona claude

agentbox daytona create|claude|codex|opencode is sugar for the same command with --provider daytona.

Prepare image

Unlike Docker, Daytona does not auto-build the box image on first create. Run agentbox prepare --provider daytona once per org: it builds a base snapshot server-side (runtime + your agent static config — plugins, skills, settings, Codex/OpenCode config) and pins it into project config as box.image, so later creates boot in seconds.

# one-off, ~7 min — bakes the base snapshot
agentbox prepare --provider daytona

When you upgrade AgentBox, create --provider daytona notices if the new install would bake a different snapshot (the comparison is checksum-based on the baked files — CLI version strings on their own don't count) and offers to rebake inline; with -y or non-TTY it instead warns loudly and boots on the existing snapshot. agentbox daytona login also nudges you toward agentbox prepare --provider daytona on the first successful login.

See CLI commands for all flags.

The base snapshot is shared org-wide and holds only runtime + agent config. A later project setup snapshot captured with agentbox checkpoint create also includes /workspace. See checkpoints & pausing.

Workspace seeding

Docker bind-mounts your .git/; Daytona can't, so each box is seeded from a host git clone plus your uncommitted and untracked files. Booting from a checkpoint skips the seed entirely. See teleport a project for how files reach the box.

Credentials & resync

Agent static config is baked into the snapshot at prepare time. Renewable tokens (Claude .credentials.json, Codex/OpenCode auth.json) live on a shared per-org volume, kept separate so they refresh without republishing the snapshot.

After re-authing an agent on the host, run agentbox daytona resync to re-upload the tokens.

# re-upload all agent credentials after a host re-auth
agentbox daytona resync

See run an agent for logging agents in on the host first, and CLI commands for all flags.

Preview URLs

Cloud boxes run the same @agentbox/relay in box mode, reached over preview URLs:

• Signed — token embedded in the URL; a browser attaches by click. Used by agentbox url and agentbox screen.
• Header-token — used by programmatic clients (the poller, cp/upload helpers).
• Per-service — every services.*.expose.port in agentbox.yaml gets its own URL, alongside the WebProxy URL on port 8080.

# open / print the box's web preview URL
agentbox url

# the noVNC desktop (port 6080)
agentbox screen

Checkpoints & snapshots

Cloud checkpoints map to Daytona snapshots, each paired with a local host manifest. The box must be running to capture one, so AgentBox resumes or starts it first.

# capture /workspace state (deps installed, DB seeded, …) and make it the default
agentbox checkpoint create --set-default

--set-default writes box.defaultCheckpointDaytona, a per-provider key so Docker creates in the same project don't pick up a snapshot they can't resolve. Booting from a snapshot skips workspace seeding entirely — cold create is seconds.

# boot a fresh box straight from a saved snapshot (no reseed)
agentbox create --provider daytona --checkpoint setup

Two differences from Docker: there is no --merged (Daytona snapshots are flattened by construction) and no --replace (deletes are async — checkpoint rm then recreate). Full mechanics live in checkpoints & pausing.

Specs

Caveats

• Custom --size only applies on the from-image create — snapshot-based creates inherit the snapshot's baked size, so bake the size you want at first create or prepare time.
• No base image auto-build — prepare --provider daytona is required, unlike Docker.
• No live stats — agentbox top and dashboard render — for cloud CPU/mem and no live attach pane.
• Destroy lag in the dashboard — the resource is gone immediately, but the Daytona web UI lags ~30s (cosmetic).
• download.env|config|claude not implemented for cloud — download.workspace works.

# find and clean up Daytona sandboxes AgentBox no longer tracks
agentbox prune --provider daytona

Every command honors box.provider, so once a project pins Daytona the whole CLI routes there. Flag-level detail is in the CLI reference; the per-provider config keys (box.imageDaytona, box.sizeDaytona, box.defaultCheckpointDaytona, box.bundleDepth, box.provider) are in configuration.