This guide covers the deploy-claude-config Make target and localhost deployment support.
The deploy-claude-config target allows you to deploy both CLAUDE.md and settings.json configuration files to target VMs without running a full deployment. This is useful for:
- Updating Claude Code context on existing deployments
- Testing different CLAUDE.md templates
- Configuring Claude Code permissions with settings.json
- Quick configuration changes without infrastructure modifications
- Local testing before remote deployment
Deploy CLAUDE.md and settings.json with auto-detection based on installed components:
make deploy-claude-config VM_HOST=192.168.1.100 TARGET_USER=developerDeploy a specific CLAUDE.md template:
make deploy-claude-config VM_HOST=192.168.1.100 TARGET_USER=developer \
CLAUDE_CONFIG_TEMPLATE=config/CLAUDE.full.mdAvailable templates:
config/CLAUDE.common.md- Base template (included by all others)config/CLAUDE.minimal.md- For baseline deploymentsconfig/CLAUDE.enhanced.md- For enhanced deployments with MCP/Dockerconfig/CLAUDE.containerized.md- For containerized deploymentsconfig/CLAUDE.full.md- For full deployments with Kubernetes
Override existing CLAUDE.md and/or settings.json files:
# Override CLAUDE.md only
make deploy-claude-config VM_HOST=192.168.1.100 TARGET_USER=developer \
CLAUDE_CONFIG_FORCE_OVERRIDE=true
# Override settings.json only
make deploy-claude-config VM_HOST=192.168.1.100 TARGET_USER=developer \
CLAUDE_SETTINGS_FORCE_OVERRIDE=true
# Override both files
make deploy-claude-config VM_HOST=192.168.1.100 TARGET_USER=developer \
CLAUDE_CONFIG_FORCE_OVERRIDE=true \
CLAUDE_SETTINGS_FORCE_OVERRIDE=trueDeploy to your local machine without SSH:
make deploy-claude-config VM_HOST=localhost TARGET_USER=$USERThe system automatically detects localhost deployments when VM_HOST is set to:
localhost127.0.0.1
- No SSH Required: Uses Ansible local connection
- No Sudo Required: Runs with current user permissions
- Instant Testing: Test configurations locally before remote deployment
- Same Interface: Uses the same Make commands as remote deployments
-
Test locally first:
make deploy-claude-config VM_HOST=localhost TARGET_USER=$USER \ CLAUDE_CONFIG_TEMPLATE=config/CLAUDE.minimal.md -
Verify the deployment:
cat ~/.claude/CLAUDE.md -
Deploy to remote VM:
make deploy-claude-config VM_HOST=192.168.1.100 TARGET_USER=developer \ CLAUDE_CONFIG_TEMPLATE=config/CLAUDE.minimal.md
| Parameter | Description | Default |
|---|---|---|
VM_HOST |
Target host (IP or hostname) | Required |
TARGET_USER |
User on target system | Required |
CLAUDE_CONFIG_TEMPLATE |
Path to CLAUDE.md template file | Auto-detected |
CLAUDE_CONFIG_FORCE_OVERRIDE |
Force override existing CLAUDE.md | false |
| Parameter | Description | Default |
|---|---|---|
CLAUDE_SETTINGS_TEMPLATE |
Path to settings.json template | config/claude-settings.template.json |
CLAUDE_SETTINGS_FILE |
Path to external settings.json file | config/claude-settings.json |
CLAUDE_SETTINGS_FORCE_OVERRIDE |
Force override existing settings.json | false |
Note: Use either CLAUDE_SETTINGS_TEMPLATE for template files or CLAUDE_SETTINGS_FILE for external configuration files. CLAUDE_SETTINGS_TEMPLATE takes precedence if both are specified.
- Configuration Check: Validates required parameters
- Connection Test:
- For remote hosts: Tests SSH connectivity
- For localhost: Skips SSH checks
- Template Resolution:
- CLAUDE.md: If template specified, uses it; otherwise auto-detects based on deployment tier
- settings.json: Uses specified template or default config/claude-settings.template.json
- Deployment:
- Creates
~/.claude/directory if needed - For CLAUDE.md: Processes template includes and deploys
- For settings.json: Copies template directly
- Creates backups if overriding existing files
- Creates
When no template is specified, the system detects the deployment tier:
- Checks for Kubernetes tools → Uses
CLAUDE.full.md - Checks for Docker Compose → Uses
CLAUDE.containerized.md - Checks for Docker/MCP → Uses
CLAUDE.enhanced.md - Otherwise → Uses
CLAUDE.minimal.md
The default config/claude-settings.template.json includes comprehensive allow/deny rules:
- File operations: Read, Edit, Write, Glob, Grep, LS, find
- Development tools: Make, npm, node, python, git (including branch/merge), docker, kubectl
- Safe shell commands: ls, cat, grep, find, curl, wget (with restrictions)
- Project cleanup: rm -rf within current directory (./* and .//)
- SSH/SCP: Operations to localhost, 10.0.0., 192.168.1., 192.168.0.*
- AI tools: sequential-thinking, context7, web search/fetch
- Container operations: Docker commands, docker-compose, kubernetes
- Destructive commands: rm -rf /, disk formatting, fork bombs
- Security risks: Reverse shells, privilege escalation, credential exposure
- System modifications: User management, firewall disabling, kernel changes
- Dangerous git operations: Force push to main/master (basic push not included)
- System operations: Log deletion, crypto mining
- git push: Not included in allow rules (neither allowed nor denied - requires explicit permission)
Template inspired by claude-settings project
❌ Template file not found: config/CLAUDE.custom.md
💡 Available templates in config/:
config/CLAUDE.common.md
config/CLAUDE.enhanced.md
config/CLAUDE.full.md
config/CLAUDE.minimal.md
Solution: Check template path and spelling.
Status: Skipped - file exists (use claude_config_force_override=true to override)
Solution: Add CLAUDE_CONFIG_FORCE_OVERRIDE=true to override.
Full stack deployments to localhost may fail on non-Debian systems (e.g., macOS) due to:
- Different package managers
- System-specific paths
- Sudo requirements
Solution: Use deploy-claude-config for configuration-only deployments on non-Debian localhost.
- Test Locally First: Use localhost deployment to verify templates
- Use Version Control: Keep custom templates in version control
- Document Changes: Update templates with clear comments
- Backup Important Configs: System creates automatic backups when overriding
- CLAUDE Configuration Guide - Template creation and customization
- Make Targets Reference - Complete list of available targets
- Deployment Tiers - Understanding deployment levels