Cloud Runner
A cloud runner moves the Omnigent runner from your laptop to a remote container. Your agent keeps working after you close your laptop, in an isolated environment with cloud compute.
Looking to restrict what your agent can access on the filesystem and network instead? That's Omnibox.
| Local runner | Cloud runner | |
|---|---|---|
| Availability | Stops when laptop closes | Runs independently |
| Compute | Your CPU and memory | Cloud compute |
| Environment | Local files | Isolated, reproducible |
| Best for | Interactive work | Long-running tasks |
Omnigent currently supports Modal and Daytona as hosting platforms for cloud runners, with more on the way.
| Modal | Daytona | |
|---|---|---|
| Runner lifetime | 24 hours (platform cap) | No cap (runs until deleted) |
| Credential injection | Named secrets (Modal secret store) | Env vars copied from server |
| Free-tier egress | Full egress | Allowlisted domains only |
Server-managed (recommended)
Configure your server once and anyone on the team can launch a cloud runner from the web UI.
1. Install
pip install 'omnigent[modal]' # for Modal
pip install 'omnigent[daytona]' # for Daytona2. Set provider credentials
Modal: run modal setup to authenticate, or set MODAL_TOKEN_ID and MODAL_TOKEN_SECRET on the server.
Daytona: create an API key in the Daytona dashboard (Dashboard > Keys) and set it on the server:
export DAYTONA_API_KEY=dtn_…3. Configure the cloud runner
Add a sandbox section to your server config YAML (~/.omnigent/config.yaml on a laptop, /data/config.yaml in Docker). This is the same file where you define server-wide policies.
Only provider and server_url are required. The provider block is optional.
Modal:
sandbox:
provider: modal
server_url: https://your-server.example.com
modal:
image: ghcr.io/omnigent/omnigent-host:latest # optional, official image by default
secrets: [omnigent-llm] # Modal secrets with LLM API keyssecrets injects Modal secrets (API keys, gateway URLs) into the cloud runner. Values stay in Modal's secret store.
Daytona:
sandbox:
provider: daytona
server_url: https://your-server.example.com
daytona:
image: docker.io/you/omnigent-host:latest # optional, official image by default
env: [OPENAI_API_KEY, ANTHROPIC_API_KEY] # server env vars to copy into sandboxenv lists env var names to copy from the server's environment into each cloud runner. Values never live in the config file. A listed variable that isn't set fails the launch loudly.
Daytona free-tier egress: Daytona Tier 1/2 organizations restrict outbound traffic to a fixed allowlist. Your server_url and model endpoints must be reachable from Daytona's cloud. Tier 3+ ($500 usage top-up) lifts the restriction. On free tier, use a Cloudflare Worker relay on the allowlisted *.workers.dev domain (see deploy/daytona-relay/ in the repo). Modal has full egress on its entry tier.
4. Launch from the web UI
Start a new session and select New Sandbox in the host picker. The server provisions the cloud host, starts the runner, and connects it back automatically. This works the same on both hosting platforms.
CLI
Create and manage cloud runners from the command line. The commands are the same across hosting platforms, just switch the --provider flag.
omni sandbox create --provider modal # or --provider daytona
omni sandbox connect --provider modal \
--sandbox-id <id> --server <url>