registry

yamanin/registry

Fork 0

Commit Graph

Author	SHA1	Message	Date
35C4n0r	99510a1f75	feat(coder/modules/boundary): add agent-firewall module (#840 ) ## Description Extracts boundary installation and wrapper logic into a standalone `coder/agent-firewall` module, decoupling it from `agentapi`. ### Why Boundary is currently embedded inside `agentapi` (`scripts/boundary.sh`) and duplicated in `claude-code`. This couples network isolation to the AI/Tasks stack, but boundary is a general-purpose primitive — users running a plain agent with no agentapi or tasks should be able to use it too. ### What this adds `registry/coder/modules/agent-firewall/` — a new first-class module that: * Installs boundary via one of three strategies: 1. `coder boundary` subcommand (default, zero-install) 2. Direct binary from release (`use_agent_firewall_directly = true`) 3. Compiled from source (`compile_agent_firewall_from_source = true`) * Ships a comprehensive [default allowlist config](registry/coder/modules/agent-firewall/config.yaml.tftpl) (Anthropic, OpenAI, VCS, package managers, cloud platforms, etc.) * Auto-fills the Coder deployment domain via `data.coder_workspace.me.access_url` * Supports inline config (`agent_firewall_config`) or external file (`agent_firewall_config_path`), mutually exclusive with cross-variable validation * Creates a wrapper script at `$HOME/.coder-modules/coder/agent-firewall/scripts/agent-firewall-wrapper.sh` * Strips `CAP_NET_ADMIN` from the coder binary (copies to `coder-no-caps`) to allow execution inside network namespaces without `sys_admin` * Supports `pre_install_script` / `post_install_script` hooks * Exposes `agent_firewall_wrapper_path`, `agent_firewall_config_path`, and `scripts` outputs for script coordination * No env vars exported — everything is output-only ### Usage ```tf module "agent-firewall" { source = "registry.coder.com/coder/agent-firewall/coder" version = "0.0.1" agent_id = coder_agent.main.id } ``` Works standalone with any agent — no agentapi dependency required. ### Testing * 8 Terraform plan tests (`agent-firewall.tftest.hcl`): default outputs, compile from source, use directly, custom hooks, custom module directory, inline config, external config path, mutual exclusion validation * TypeScript integration tests (`main.test.ts`): state verification, coder subcommand happy path, inline config, config path skip, custom hooks, env var absence, wrapper execution, idempotent installation ## Type of Change - [X] New module ## Module Information Path: `registry/coder/modules/agent-firewall` <br>New version: `v0.0.1` <br>Breaking change: No ## Related Issues Closes coder/registry#844 🤖 Generated by Coder Agents --------- Co-authored-by: Jay Kumar <jay.kumar@coder.com>	2026-05-10 06:23:37 +00:00

Author

SHA1

Message

Date

35C4n0r

99510a1f75

feat(coder/modules/boundary): add agent-firewall module (#840 )

## Description

Extracts boundary installation and wrapper logic into a standalone
`coder/agent-firewall` module, decoupling it from `agentapi`.

### Why

Boundary is currently embedded inside `agentapi` (`scripts/boundary.sh`)
and duplicated in `claude-code`. This couples network isolation to the
AI/Tasks stack, but boundary is a general-purpose primitive — users
running a plain agent with no agentapi or tasks should be able to use it
too.

### What this adds

`registry/coder/modules/agent-firewall/` — a new first-class module
that:

* Installs boundary via one of three strategies:
  1. `coder boundary` subcommand (default, zero-install)
  2. Direct binary from release (`use_agent_firewall_directly = true`)
  3. Compiled from source (`compile_agent_firewall_from_source = true`)
* Ships a comprehensive [default allowlist
config](registry/coder/modules/agent-firewall/config.yaml.tftpl)
(Anthropic, OpenAI, VCS, package managers, cloud platforms, etc.)
* Auto-fills the Coder deployment domain via
`data.coder_workspace.me.access_url`
* Supports inline config (`agent_firewall_config`) or external file
(`agent_firewall_config_path`), mutually exclusive with cross-variable
validation
* Creates a wrapper script at
`$HOME/.coder-modules/coder/agent-firewall/scripts/agent-firewall-wrapper.sh`
* Strips `CAP_NET_ADMIN` from the coder binary (copies to
`coder-no-caps`) to allow execution inside network namespaces without
`sys_admin`
* Supports `pre_install_script` / `post_install_script` hooks
* Exposes `agent_firewall_wrapper_path`, `agent_firewall_config_path`,
and `scripts` outputs for script coordination
* No env vars exported — everything is output-only

### Usage

```tf
module "agent-firewall" {
  source   = "registry.coder.com/coder/agent-firewall/coder"
  version  = "0.0.1"
  agent_id = coder_agent.main.id
}
```

Works standalone with any agent — no agentapi dependency required.

### Testing

* 8 Terraform plan tests (`agent-firewall.tftest.hcl`): default outputs,
compile from source, use directly, custom hooks, custom module
directory, inline config, external config path, mutual exclusion
validation
* TypeScript integration tests (`main.test.ts`): state verification,
coder subcommand happy path, inline config, config path skip, custom
hooks, env var absence, wrapper execution, idempotent installation

## Type of Change

- [X] New module

## Module Information

**Path:** `registry/coder/modules/agent-firewall` <br>**New version:**
`v0.0.1` <br>**Breaking change:** No

## Related Issues

Closes coder/registry#844

🤖 Generated by Coder Agents

---------

Co-authored-by: Jay Kumar <jay.kumar@coder.com>

2026-05-10 06:23:37 +00:00

1 Commits