default unprivileged

2025-10-06 11:19:21 -05:00 · 2025-10-06 11:19:21 -05:00 · 00337b3bdf
commit 00337b3bdf
parent a30ef222d5
2 changed files with 18 additions and 2 deletions
--- a/registry/coder/modules/claude-code/main.tf
+++ b/registry/coder/modules/claude-code/main.tf
@ -204,6 +204,12 @@ variable "boundary_log_dir" {
  default     = "/tmp/boundary_logs"
 }

+variable "boundary_unprivileged" {
+  type        = bool
+  description = "Whether to use --unprivileged flag with coder boundary (recommended for security)"
+  default     = true
+}
+
 resource "coder_env" "claude_code_md_path" {
  count = var.claude_md_path == "" ? 0 : 1

@ -286,6 +292,7 @@ module "agentapi" {
     ARG_AI_PROMPT='${base64encode(var.ai_prompt)}' \
     ARG_ENABLE_BOUNDARY='${var.enable_boundary}' \
     ARG_BOUNDARY_LOG_DIR='${var.boundary_log_dir}' \
+     ARG_BOUNDARY_UNPRIVILEGED='${var.boundary_unprivileged}' \
     ARG_CODER_HOST='${local.coder_host}' \
     /tmp/start.sh
   EOT
--- a/registry/coder/modules/claude-code/scripts/start.sh
+++ b/registry/coder/modules/claude-code/scripts/start.sh
@ -17,6 +17,7 @@ ARG_WORKDIR=${ARG_WORKDIR:-"$HOME"}
 ARG_AI_PROMPT=$(echo -n "${ARG_AI_PROMPT:-}" | base64 -d)
 ARG_ENABLE_BOUNDARY=${ARG_ENABLE_BOUNDARY:-false}
 ARG_BOUNDARY_LOG_DIR=${ARG_BOUNDARY_LOG_DIR:-"/tmp/boundary_logs"}
+ARG_BOUNDARY_UNPRIVILEGED=${ARG_BOUNDARY_UNPRIVILEGED:-true}
 ARG_CODER_HOST=${ARG_CODER_HOST:-}

 echo "--------------------------------"
@ -30,6 +31,7 @@ printf "ARG_AI_PROMPT: %s\n" "$ARG_AI_PROMPT"
 printf "ARG_WORKDIR: %s\n" "$ARG_WORKDIR"
 printf "ARG_ENABLE_BOUNDARY: %s\n" "$ARG_ENABLE_BOUNDARY"
 printf "ARG_BOUNDARY_LOG_DIR: %s\n" "$ARG_BOUNDARY_LOG_DIR"
+printf "ARG_BOUNDARY_UNPRIVILEGED: %s\n" "$ARG_BOUNDARY_UNPRIVILEGED"
 printf "ARG_CODER_HOST: %s\n" "$ARG_CODER_HOST"

 echo "--------------------------------"
@ -84,9 +86,16 @@ function start_agentapi() {
  if [ "${ARG_ENABLE_BOUNDARY:-false}" = "true" ]; then
    mkdir -p "$ARG_BOUNDARY_LOG_DIR"
    printf "Starting with coder boundary enabled\n"
+    
+    # Build boundary args with conditional --unprivileged flag
+    BOUNDARY_ARGS=(--log-dir "$ARG_BOUNDARY_LOG_DIR")
+    if [ "${ARG_BOUNDARY_UNPRIVILEGED:-true}" = "true" ]; then
+      BOUNDARY_ARGS+=(--unprivileged)
+    fi
+    BOUNDARY_ARGS+=(--allow "*.anthropic.com" --allow "$ARG_CODER_HOST")
+    
    agentapi server --type claude --term-width 67 --term-height 1190 -- \
-      coder boundary --log-dir "$ARG_BOUNDARY_LOG_DIR" \
-      --allow "*.anthropic.com" --allow "$ARG_CODER_HOST" -- \
+      coder boundary "${BOUNDARY_ARGS[@]}" -- \
      claude "${ARGS[@]}"
  else
    agentapi server --type claude --term-width 67 --term-height 1190 -- claude "${ARGS[@]}"