Run coding agents on remote Docker containers. Your terminal is a thin client — everything executes on a pod. Encrypted end-to-end.
Your terminal Your VPS
┌──────────────────┐ encrypted WSS ┌──────────────────────┐
│ offload │ ◄─────────────────► │ offload swarm │
│ (thin terminal) │ PTY I/O stream │ │
│ │ │ ┌────────────────┐ │
│ stdin ───────────┼────────────────► │ │ Docker pod │ │
│ stdout ◄─────────┼──────────────── │ │ pi / claude │ │
│ │ │ └────────────────┘ │
└──────────────────┘ └──────────────────────┘
When you run offload, a Docker container is spun up (or claimed from a warm pool), and the agent launches inside it with a PTY. Your terminal streams keystrokes up and output back. All frames are encrypted with NaCl secretbox using a pre-shared passphrase.
# Install
npm install -g offload
# Create config
mkdir -p ~/.offload
cat > ~/.offload/config.json << 'EOF'
{
"passphrase": "your-secret-passphrase",
"command": "pi"
}
EOF
# Build the Docker image (one-time)
offload build
# Start the daemon
offload swarm
# Connect (in another terminal)
offload| Command | Description |
|---|---|
offload |
Connect to a pod and run the default command |
offload swarm |
Start the daemon and pod pool |
offload build |
Build the runner Docker image |
offload run "claude" |
Run a specific command in a pod |
offload status |
Show pool statistics |
offload attach <id> |
Reattach to a detached session |
Press Ctrl+\ to detach from a session — the pod stays alive. Reattach with offload attach <session-id>.
~/.offload/config.json:
{
"passphrase": "your-secret-passphrase",
"command": "pi",
"server": "ws://localhost:9876",
"port": 9876,
"host": "0.0.0.0",
"poolSize": 0,
"image": "offload/runner:latest"
}| Field | Description | Default |
|---|---|---|
passphrase |
Encryption key (required) | — |
command |
Default agent command | pi |
server |
Daemon URL (client-side) | ws://localhost:9876 |
port |
Listen port (daemon-side) | 9876 |
host |
Listen host (daemon-side) | 0.0.0.0 |
poolSize |
Warm pods to pre-create | 0 (on-demand) |
image |
Docker image for pods | offload/runner:latest |
dockerHost |
Docker socket path | auto-detected |
Set poolSize to a higher number (e.g. 5) if you want instant pod assignment without cold-start delay.
All config values can be overridden with environment variables: OFFLOAD_PASSPHRASE, OFFLOAD_SERVER, OFFLOAD_PORT, OFFLOAD_POOL_SIZE, OFFLOAD_IMAGE, OFFLOAD_COMMAND, DOCKER_HOST.
The daemon auto-forwards these env vars into pods:
ANTHROPIC_API_KEYOPENAI_API_KEYGOOGLE_API_KEYGROQ_API_KEYMISTRAL_API_KEY
Set them in your shell before running offload swarm.
| Layer | Protection |
|---|---|
| TLS (WSS) | Transport encryption |
| NaCl secretbox | E2E per-frame encryption |
| Pre-shared passphrase | Only matching clients can connect |
| Container isolation | Each session gets its own pod |
MIT