Configure Claude Code for sandboxed workspaces

- Add credentials bind mount in container.nix
- Create claude-credentials-dir service to copy credentials for VMs
- Generate .claude.json with onboarding skipped and workspace trusted
- Add allowUnfree to container config

common/sandboxed-workspace/container.nix

@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
 
 # Container-specific configuration for sandboxed workspaces using systemd-nspawn
 # This module is imported by default.nix for workspaces with type = "container"
@@ -47,10 +47,16 @@ in
             hostPath = "/home/googlebot/sandboxed/${name}/ssh-host-keys";
             isReadOnly = false;
           };
+          # Per-workspace claude config for isolated session data
           "/home/googlebot/claude-config" = {
             hostPath = "/home/googlebot/sandboxed/${name}/claude-config";
             isReadOnly = false;
           };
+          # Share credentials from host (read-only)
+          "/home/googlebot/claude-config/.credentials.json" = {
+            hostPath = "/home/googlebot/.claude/.credentials.json";
+            isReadOnly = true;
+          };
         };
 
         config = { config, lib, pkgs, ... }: {
@@ -65,6 +71,8 @@ in
           ];
 
           networking.useHostResolvConf = false;
+
+          nixpkgs.config.allowUnfree = true;
         };
       })
       containerWorkspaces;