Use case

Run coding agents on a remote or ephemeral host

Give a coding agent on a remote or ephemeral Linux host your real ~/Code and .env, and sync its edits back to every machine. Gate risky runs behind review.

Who this is for

Search intent: run coding agent on a remote host.

You run Claude Code, Cursor, Codex, or Aider on a Linux box or a throwaway cloud host, not on your laptop. The agent is not the problem. The host is. It starts empty: no source, no .env, no auth. So you script a clone and a key copy for every run, and whatever the agent produces is stranded on a box you are about to destroy.

Before and after

The status quo, and what changes once bowline is keeping this workspace in sync.

Today

  • Every agent host starts from an empty home directory: clone the repo, copy .env, re-auth the CLI, hope the base is current.
  • The agent works against whatever it could fetch, which is usually last night's commit, not your uncommitted work.
  • Edits live on the remote box. You commit them just to move them, or lose them when the host is torn down.
  • Risky refactors run straight against real state with no gate between the agent and your working tree.

With bowline

  • Approve the host once. Your ~/Code namespace, .env, and secrets are already there when the agent starts.
  • The agent edits the live tree, including files you never committed, and every change syncs to your laptop and desktop as it goes.
  • Tear the host down whenever you want. The work already landed everywhere else.
  • For risky runs, put the agent in an isolated overlay and use bowline review / bowline accept before anything touches your real ~/Code.

The setup

Install once, approve the device, and open the folder. No manifests and no keys to copy between machines.

01
curl -fsSL https://install.bowline.sh | sh

Install on the agent host, then run bowline login.

02
bowline connect agent-gpu-01

Approve the host once from a device you already trust.

03
cd ~/Code/acme/web && claude

Source and .env are present; the agent runs against the real project.

04
bowline review

For gated runs: inspect the overlay diff, then bowline accept.

What makes it work

The bowline capabilities that carry this workflow.

Env and secrets follow the project, encrypted, so pnpm dev and API calls work on the host without a key copy.

Agent leases scope how an ephemeral host holds and works your workspace.

Isolated overlays with bowline review / bowline accept for runs you don't want landing unreviewed.

Live edits snapshot and sync back to every trusted device as the agent works.

Common questions

Short answers to the questions this setup raises first.

Does the agent get my uncommitted work, or just what's pushed?

The whole working state (uncommitted edits, untracked files, config, and .env), not just committed history. The agent works against what is actually on your machine, so it doesn't start from a stale commit.

What happens to the agent's edits when I tear down the host?

They are already on your other devices. Every change the agent makes is snapshotted and synced to your laptop and desktop as it happens, so destroying the host loses nothing.

Can I stop an agent from writing straight to my real ~/Code?

Yes. Run it in an isolated overlay. Its changes accumulate in a sandbox, and nothing lands until you inspect the diff with bowline review and apply it with bowline accept.

Do I have to copy API keys onto the agent host?

No. Your .env files and secrets travel with the project, encrypted, and rematerialize as normal files only on hosts you have approved. The agent's tools authenticate as they would on your laptop.

ready when you are

Your ~/Code, on every machine and every agent.

Install bowline and your projects follow you. It just works.

Get started
curl -fsSL https://install.bowline.sh | sh

macOS app · Linux CLI. Then run bowline login.