Daytona Setup

Overview

Daytona provides VM-level sandbox isolation. Each agent gets its own remote development environment with full OS isolation.

Prerequisites

• A Daytona account and API key
• A GitHub personal access token (for repo cloning in sandboxes)

Configuration

Credential commands:

tack auth add daytona
tack auth add github

If you manage the credentials file manually, the current structure is:

sandbox:
  daytona:
    type: api_key
    api_key: DAYTONA_API_KEY

git:
  type: pat
  host: github.com
  token: GITHUB_TOKEN

Configure your project to use Daytona:

# .tack/config.yaml
sandbox:
  provider: daytona
  daytona:
    snapshot: "snap_123"   # optional snapshot id

project_setup:
  commands:
    - "bun install"

daemon:
  external_url: "http://your-machine:9800"  # required for remote callbacks

How It Works

1. Tack creates a Daytona sandbox for each stream
2. The sandbox clones your repo and checks out a working branch
3. Git credentials are embedded for push/pull within the sandbox
4. Agents execute inside the sandbox via Daytona's API
5. After completion, branches are pushed to origin for merging

Snapshot Workflow

Tack includes helper commands for managing Daytona snapshots:

tack snapshot create
tack snapshot check
tack snapshot update

These commands help you create and refresh snapshots from the current repo state and project_setup.commands.

Sandbox Reuse And Recovery

Tack reuses sandboxes within a stream — if a fix-loop retry occurs, the same sandbox is used. The merger sandbox is shared across all streams in an objective for cumulative merging.

Recovery-aware behavior matters here too:

• gate failure reruns reuse the same stream sandbox
• reviewer-driven builder reruns reuse the same stream sandbox
• restarted runs reload Daytona sandboxes and keep the repo workdir stable
• blocked recovery can be resumed later without losing the stream sandbox context