feat(coder/modules/agentapi): add state persistence support (#736 )

AgentAPI can now save and restore conversation state across workspace restarts. The module exports env vars (AGENTAPI_STATE_FILE, AGENTAPI_SAVE_STATE, AGENTAPI_LOAD_STATE, AGENTAPI_PID_FILE) that the binary reads directly. No consumer module changes needed. New variables: enable_state_persistence (default false), state_file_path, pid_file_path. State and PID files default to $HOME/<module_dir_name>/. Requires agentapi >= v0.12.0. A shared version_at_least function in lib.sh gates the env var exports and SIGUSR1 in the shutdown script. Old binaries get a warning and graceful skip. Shutdown script now does SIGUSR1 (state save), log snapshot capture (existing, now fault-tolerant via subshell), then SIGTERM with wait. Closes coder/internal#1257 Refs coder/internal#1256 Refs #696
maintenance(coder-labs/modules/codex): skip migration notice and add agentapi type flag (#781 )
2026-06-03 13:08:14 +00:00 · 2026-03-03 13:27:23 +02:00 · 2026-03-03 10:35:45 +05:30 · 2026-03-02 10:07:58 +05:00 · 2026-02-27 14:48:55 -06:00 · 2026-02-27 11:15:47 -06:00
47 changed files with 1026 additions and 1052 deletions
@@ -1 +1,11 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="135" height="62" fill="none" viewBox="0 0 135 62"><path fill="#fff" d="M3.168 48V22.272H9.648L9.888 28.464L9.216 28.176C9.568 26.8 10.096 25.632 10.8 24.672C11.536 23.712 12.416 22.976 13.44 22.464C14.464 21.952 15.584 21.696 16.8 21.696C18.944 21.696 20.672 22.32 21.984 23.568C23.328 24.816 24.192 26.496 24.576 28.608L23.664 28.656C23.952 27.152 24.448 25.888 25.152 24.864C25.888 23.808 26.784 23.024 27.84 22.512C28.896 21.968 30.08 21.696 31.392 21.696C33.184 21.696 34.72 22.064 36 22.8C37.28 23.536 38.272 24.64 38.976 26.112C39.68 27.552 40.032 29.328 40.032 31.44V48H32.832V33.456C32.832 31.44 32.528 29.936 31.92 28.944C31.312 27.92 30.32 27.408 28.944 27.408C28.08 27.408 27.344 27.648 26.736 28.128C26.128 28.608 25.648 29.312 25.296 30.24C24.976 31.136 24.816 32.24 24.816 33.552V48H18.336V33.552C18.336 31.568 18.048 30.048 17.472 28.992C16.896 27.936 15.904 27.408 14.496 27.408C13.632 27.408 12.88 27.648 12.24 28.128C11.632 28.608 11.168 29.312 10.848 30.24C10.528 31.168 10.368 32.272 10.368 33.552V48H3.168ZM54.2254 48.576C51.5694 48.576 49.4894 47.728 47.9854 46.032C46.5134 44.304 45.7774 41.904 45.7774 38.832V22.272H52.9774V37.152C52.9774 39.136 53.2814 40.592 53.8894 41.52C54.4974 42.416 55.4574 42.864 56.7694 42.864C58.2414 42.864 59.3774 42.368 60.1774 41.376C61.0094 40.352 61.4254 38.832 61.4254 36.816V22.272H68.6254V48H62.0494L61.8574 40.608L62.7694 40.8C62.3854 43.36 61.4734 45.296 60.0334 46.608C58.5934 47.92 56.6574 48.576 54.2254 48.576ZM72.8486 48L82.0166 34.944L73.0886 22.272H80.7206L86.2406 30.528L91.5686 22.272H99.3926L90.5126 34.992L99.6326 48H92.0006L86.3366 39.264L80.6246 48H72.8486Z"/><rect width="26" height="35" x="109" y="13" fill="#fff"/></svg>
+<svg width="256" height="256" viewBox="0 0 256 256" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_147_2)">
+<path d="M162.358 73H257V182H162.358V73Z" fill="white"/>
+<path d="M0 182V78.4618H26.039L27.0034 103.381L24.3033 102.221C25.7177 96.6843 27.8391 91.9835 30.6684 88.1202C33.6255 84.2569 37.1618 81.2949 41.2769 79.2343C45.3914 77.1742 49.8921 76.1439 54.7785 76.1439C63.3938 76.1439 70.3377 78.6552 75.6097 83.6773C81.0105 88.6998 84.4824 95.4606 86.0251 103.96L82.3606 104.153C83.518 98.1008 85.5112 93.0138 88.3401 88.8931C91.2976 84.6431 94.8978 81.4883 99.1411 79.4277C103.385 77.2387 108.143 76.1439 113.415 76.1439C120.615 76.1439 126.788 77.6249 131.931 80.5869C137.075 83.5488 141.061 87.9913 143.89 93.9152C146.719 99.7102 148.133 106.858 148.133 115.357V182H119.201V123.47C119.201 115.357 117.98 109.305 115.536 105.312C113.093 101.191 109.107 99.1311 103.577 99.1311C100.106 99.1311 97.1484 100.097 94.7052 102.029C92.262 103.96 90.3332 106.793 88.9188 110.528C87.6326 114.134 86.9895 118.577 86.9895 123.857V182H60.9506V123.857C60.9506 115.872 59.7936 109.755 57.4787 105.505C55.1642 101.256 51.1779 99.1311 45.5202 99.1311C42.0482 99.1311 39.0263 100.097 36.4548 102.029C34.0117 103.96 32.1472 106.793 30.861 110.528C29.5753 114.262 28.9322 118.705 28.9322 123.857V182H0Z" fill="white"/>
+</g>
+<defs>
+<clipPath id="clip0_147_2">
+<rect width="256" height="256" fill="white"/>
+</clipPath>
+</defs>
+</svg>
@@ -13,7 +13,7 @@ Run Codex CLI in your workspace to access OpenAI's models through the Codex inte
 ```tf
 module "codex" {
  source         = "registry.coder.com/coder-labs/codex/coder"
-  version        = "4.1.1"
+  version        = "4.1.2"
  agent_id       = coder_agent.example.id
  openai_api_key = var.openai_api_key
  workdir        = "/home/coder/project"
@@ -32,7 +32,7 @@ module "codex" {
 module "codex" {
  count          = data.coder_workspace.me.start_count
  source         = "registry.coder.com/coder-labs/codex/coder"
-  version        = "4.1.1"
+  version        = "4.1.2"
  agent_id       = coder_agent.example.id
  openai_api_key = "..."
  workdir        = "/home/coder/project"
@@ -51,7 +51,7 @@ For tasks integration with AI Bridge, add `enable_aibridge = true` to the [Usage
 ```tf
 module "codex" {
  source          = "registry.coder.com/coder-labs/codex/coder"
-  version         = "4.1.1"
+  version         = "4.1.2"
  agent_id        = coder_agent.example.id
  workdir         = "/home/coder/project"
  enable_aibridge = true
@@ -94,7 +94,7 @@ data "coder_task" "me" {}

 module "codex" {
  source         = "registry.coder.com/coder-labs/codex/coder"
-  version        = "4.1.1"
+  version        = "4.1.2"
  agent_id       = coder_agent.example.id
  openai_api_key = "..."
  ai_prompt      = data.coder_task.me.prompt
@@ -112,7 +112,7 @@ This example shows additional configuration options for custom models, MCP serve
 ```tf
 module "codex" {
  source         = "registry.coder.com/coder-labs/codex/coder"
-  version        = "4.1.1"
+  version        = "4.1.2"
  agent_id       = coder_agent.example.id
  openai_api_key = "..."
  workdir        = "/home/coder/project"
@@ -464,22 +464,13 @@ describe("codex", async () => {
    });

    await execModuleScript(id);
-
-    const startLog = await readFileContainer(
-      id,
-      "/home/coder/.codex-module/agentapi-start.log",
-    );
-
    const configToml = await readFileContainer(
      id,
      "/home/coder/.codex/config.toml",
    );
-    expect(startLog).toContain("AI Bridge is enabled, using profile aibridge");
-    expect(startLog).toContain(
-      "Starting Codex with arguments: --profile aibridge",
-    );
    expect(configToml).toContain(
      "[profiles.aibridge]\n" + 'model_provider = "aibridge"',
    );
+    expect(configToml).toContain('profile = "aibridge"');
  });
 });
@@ -136,8 +136,8 @@ variable "agentapi_version" {

 variable "codex_model" {
  type        = string
-  description = "The model for Codex to use. Defaults to gpt-5.2-codex."
-  default     = "gpt-5.2-codex"
+  description = "The model for Codex to use. Defaults to gpt-5.3-codex."
+  default     = "gpt-5.3-codex"
 }

 variable "pre_install_script" {
@@ -184,12 +184,13 @@ resource "coder_env" "coder_aibridge_session_token" {
 }

 locals {
-  workdir         = trimsuffix(var.workdir, "/")
-  app_slug        = "codex"
-  install_script  = file("${path.module}/scripts/install.sh")
-  start_script    = file("${path.module}/scripts/start.sh")
-  module_dir_name = ".codex-module"
-  aibridge_config = <<-EOF
+  workdir            = trimsuffix(var.workdir, "/")
+  app_slug           = "codex"
+  install_script     = file("${path.module}/scripts/install.sh")
+  start_script       = file("${path.module}/scripts/start.sh")
+  module_dir_name    = ".codex-module"
+  latest_codex_model = "gpt-5.3-codex"
+  aibridge_config    = <<-EOF
  [model_providers.aibridge]
  name = "AI Bridge"
  base_url = "${data.coder_workspace.me.access_url}/api/v2/aibridge/openai/v1"
@@ -249,6 +250,8 @@ module "agentapi" {
    chmod +x /tmp/install.sh
    ARG_OPENAI_API_KEY='${var.openai_api_key}' \
    ARG_REPORT_TASKS='${var.report_tasks}' \
+    ARG_CODEX_MODEL='${var.codex_model}' \
+    ARG_LATEST_CODEX_MODEL='${local.latest_codex_model}' \
    ARG_INSTALL='${var.install_codex}' \
    ARG_CODEX_VERSION='${var.codex_version}' \
    ARG_BASE_CONFIG_TOML='${base64encode(var.base_config_toml)}' \
@@ -20,6 +20,8 @@ echo "=== Codex Module Configuration ==="
 printf "Install Codex: %s\n" "$ARG_INSTALL"
 printf "Codex Version: %s\n" "$ARG_CODEX_VERSION"
 printf "App Slug: %s\n" "$ARG_CODER_MCP_APP_STATUS_SLUG"
+printf "Codex Model: %s\n" "${ARG_CODEX_MODEL:-"Default"}"
+printf "Latest Codex Model: %s\n" "${ARG_LATEST_CODEX_MODEL}"
 printf "Start Directory: %s\n" "$ARG_CODEX_START_DIRECTORY"
 printf "Has Base Config: %s\n" "$([ -n "$ARG_BASE_CONFIG_TOML" ] && echo "Yes" || echo "No")"
 printf "Has Additional MCP: %s\n" "$([ -n "$ARG_ADDITIONAL_MCP_SERVERS" ] && echo "Yes" || echo "No")"
@@ -90,15 +92,25 @@ function install_codex() {

 write_minimal_default_config() {
  local config_path="$1"
+
+  ARG_DEFAULT_PROFILE=""
+
+  if [[ "${ARG_ENABLE_AIBRIDGE}" = "true" ]]; then
+    ARG_DEFAULT_PROFILE='profile = "aibridge"'
+  fi
+
  cat << EOF > "$config_path"
 # Minimal Default Codex Configuration
 sandbox_mode = "workspace-write"
 approval_policy = "never"
 preferred_auth_method = "apikey"
+${ARG_DEFAULT_PROFILE}

 [sandbox_workspace_write]
 network_access = true

+[notice.model_migrations]
+"${ARG_CODEX_MODEL}" = "${ARG_LATEST_CODEX_MODEL}"
 EOF
 }

@@ -155,11 +155,8 @@ setup_workdir() {
 build_codex_args() {
  CODEX_ARGS=()

-  if [ "$ARG_ENABLE_AIBRIDGE" = "true" ]; then
-    printf "AI Bridge is enabled, using profile aibridge\n"
-    CODEX_ARGS+=("--profile" "aibridge")
-  elif [ -n "$ARG_CODEX_MODEL" ]; then
-    CODEX_ARGS+=("--model" "$ARG_CODEX_MODEL")
+  if [[ -n "${ARG_CODEX_MODEL}" ]] && [[ "${ARG_ENABLE_AIBRIDGE}" != "true" ]]; then
+    CODEX_ARGS+=("--model" "${ARG_CODEX_MODEL}")
  fi

  if [ "$ARG_CONTINUE" = "true" ]; then
@@ -213,7 +210,7 @@ capture_session_id() {

 start_codex() {
  printf "Starting Codex with arguments: %s\n" "${CODEX_ARGS[*]}"
-  agentapi server --term-width 67 --term-height 1190 -- codex "${CODEX_ARGS[@]}" &
+  agentapi server --type codex --term-width 67 --term-height 1190 -- codex "${CODEX_ARGS[@]}" &
  capture_session_id
 }

@@ -16,7 +16,7 @@ The AgentAPI module is a building block for modules that need to run an AgentAPI
 ```tf
 module "agentapi" {
  source  = "registry.coder.com/coder/agentapi/coder"
-  version = "2.1.0"
+  version = "2.2.0"

  agent_id             = var.agent_id
  web_app_slug         = local.app_slug
@@ -62,6 +62,33 @@ module "agentapi" {
 }
 ```

+## State Persistence
+
+AgentAPI can save and restore conversation state across workspace restarts.
+This is disabled by default and requires agentapi binary >= v0.12.0.
+
+State and PID files are stored in `$HOME/<module_dir_name>/` alongside other
+module files (e.g. `$HOME/.claude-module/agentapi-state.json`).
+
+To enable:
+
+```tf
+module "agentapi" {
+  # ... other config
+  enable_state_persistence = true
+}
+```
+
+To override file paths:
+
+```tf
+module "agentapi" {
+  # ... other config
+  state_file_path = "/custom/path/state.json"
+  pid_file_path   = "/custom/path/agentapi.pid"
+}
+```
+
 ## For module developers

 For a complete example of how to use this module, see the [Goose module](https://github.com/coder/registry/blob/main/registry/coder/modules/goose/main.tf).
@@ -0,0 +1,108 @@
+mock_provider "coder" {}
+
+variables {
+  agent_id             = "test-agent"
+  web_app_icon         = "/icon/test.svg"
+  web_app_display_name = "Test"
+  web_app_slug         = "test"
+  cli_app_display_name = "Test CLI"
+  cli_app_slug         = "test-cli"
+  start_script         = "echo test"
+  module_dir_name      = ".test-module"
+}
+
+run "default_values" {
+  command = plan
+
+  assert {
+    condition     = var.enable_state_persistence == false
+    error_message = "enable_state_persistence should default to false"
+  }
+
+  assert {
+    condition     = var.state_file_path == ""
+    error_message = "state_file_path should default to empty string"
+  }
+
+  assert {
+    condition     = var.pid_file_path == ""
+    error_message = "pid_file_path should default to empty string"
+  }
+
+  # Verify start script contains state persistence ARG_ vars.
+  assert {
+    condition     = can(regex("ARG_ENABLE_STATE_PERSISTENCE", coder_script.agentapi.script))
+    error_message = "start script should contain ARG_ENABLE_STATE_PERSISTENCE"
+  }
+
+  assert {
+    condition     = can(regex("ARG_STATE_FILE_PATH", coder_script.agentapi.script))
+    error_message = "start script should contain ARG_STATE_FILE_PATH"
+  }
+
+  assert {
+    condition     = can(regex("ARG_PID_FILE_PATH", coder_script.agentapi.script))
+    error_message = "start script should contain ARG_PID_FILE_PATH"
+  }
+
+  # Verify shutdown script contains PID-related ARG_ vars.
+  assert {
+    condition     = can(regex("ARG_PID_FILE_PATH", coder_script.agentapi_shutdown.script))
+    error_message = "shutdown script should contain ARG_PID_FILE_PATH"
+  }
+
+  assert {
+    condition     = can(regex("ARG_MODULE_DIR_NAME", coder_script.agentapi_shutdown.script))
+    error_message = "shutdown script should contain ARG_MODULE_DIR_NAME"
+  }
+
+  assert {
+    condition     = can(regex("ARG_ENABLE_STATE_PERSISTENCE", coder_script.agentapi_shutdown.script))
+    error_message = "shutdown script should contain ARG_ENABLE_STATE_PERSISTENCE"
+  }
+}
+
+run "state_persistence_disabled" {
+  command = plan
+
+  variables {
+    enable_state_persistence = false
+  }
+
+  assert {
+    condition     = var.enable_state_persistence == false
+    error_message = "enable_state_persistence should be false"
+  }
+
+  # Even when disabled, the ARG_ vars should still be in the script
+  # (the shell script handles the conditional logic).
+  assert {
+    condition     = can(regex("ARG_ENABLE_STATE_PERSISTENCE='false'", coder_script.agentapi.script))
+    error_message = "start script should contain ARG_ENABLE_STATE_PERSISTENCE='false'"
+  }
+}
+
+run "custom_paths" {
+  command = plan
+
+  variables {
+    state_file_path = "/custom/state.json"
+    pid_file_path   = "/custom/agentapi.pid"
+  }
+
+  assert {
+    condition     = can(regex("/custom/state.json", coder_script.agentapi.script))
+    error_message = "start script should contain custom state_file_path"
+  }
+
+  assert {
+    condition     = can(regex("/custom/agentapi.pid", coder_script.agentapi.script))
+    error_message = "start script should contain custom pid_file_path"
+  }
+
+  # Verify custom paths also appear in shutdown script.
+  assert {
+    condition     = can(regex("/custom/agentapi.pid", coder_script.agentapi_shutdown.script))
+    error_message = "shutdown script should contain custom pid_file_path"
+  }
+}
@@ -258,11 +258,76 @@ describe("agentapi", async () => {
    expect(agentApiStartLog).toContain("AGENTAPI_ALLOWED_HOSTS: *");
  });

+  test("state-persistence-disabled", async () => {
+    const { id } = await setup({
+      moduleVariables: {
+        enable_state_persistence: "false",
+      },
+    });
+    await execModuleScript(id);
+    await expectAgentAPIStarted(id);
+    const mockLog = await readFileContainer(
+      id,
+      "/home/coder/agentapi-mock.log",
+    );
+    // PID file should always be exported
+    expect(mockLog).toContain("AGENTAPI_PID_FILE:");
+    // State vars should NOT be present when disabled
+    expect(mockLog).not.toContain("AGENTAPI_STATE_FILE:");
+    expect(mockLog).not.toContain("AGENTAPI_SAVE_STATE:");
+    expect(mockLog).not.toContain("AGENTAPI_LOAD_STATE:");
+  });
+
+  test("state-persistence-custom-paths", async () => {
+    const { id } = await setup({
+      moduleVariables: {
+        enable_state_persistence: "true",
+        state_file_path: "/home/coder/custom/state.json",
+        pid_file_path: "/home/coder/custom/agentapi.pid",
+      },
+    });
+    await execModuleScript(id);
+    await expectAgentAPIStarted(id);
+    const mockLog = await readFileContainer(
+      id,
+      "/home/coder/agentapi-mock.log",
+    );
+    expect(mockLog).toContain(
+      "AGENTAPI_STATE_FILE: /home/coder/custom/state.json",
+    );
+    expect(mockLog).toContain(
+      "AGENTAPI_PID_FILE: /home/coder/custom/agentapi.pid",
+    );
+  });
+
+  test("state-persistence-default-paths", async () => {
+    const { id } = await setup({
+      moduleVariables: {
+        enable_state_persistence: "true",
+      },
+    });
+    await execModuleScript(id);
+    await expectAgentAPIStarted(id);
+    const mockLog = await readFileContainer(
+      id,
+      "/home/coder/agentapi-mock.log",
+    );
+    expect(mockLog).toContain(
+      `AGENTAPI_STATE_FILE: /home/coder/${moduleDirName}/agentapi-state.json`,
+    );
+    expect(mockLog).toContain(
+      `AGENTAPI_PID_FILE: /home/coder/${moduleDirName}/agentapi.pid`,
+    );
+    expect(mockLog).toContain("AGENTAPI_SAVE_STATE: true");
+    expect(mockLog).toContain("AGENTAPI_LOAD_STATE: true");
+  });
+
  describe("shutdown script", async () => {
    const setupMocks = async (
      containerId: string,
      agentapiPreset: string,
      httpCode: number = 204,
+      pidFilePath: string = "",
    ) => {
      const agentapiMock = await loadTestFile(
        import.meta.dir,
@@ -285,10 +350,11 @@ describe("agentapi", async () => {
        content: coderMock,
      });

+      const pidFileEnv = pidFilePath ? `AGENTAPI_PID_FILE=${pidFilePath}` : "";
      await execContainer(containerId, [
        "bash",
        "-c",
-        `PRESET=${agentapiPreset} nohup node /usr/local/bin/mock-agentapi 3284 > /tmp/mock-agentapi.log 2>&1 &`,
+        `PRESET=${agentapiPreset} ${pidFileEnv} nohup node /usr/local/bin/mock-agentapi 3284 > /tmp/mock-agentapi.log 2>&1 &`,
      ]);

      await execContainer(containerId, [
@@ -303,12 +369,25 @@ describe("agentapi", async () => {
    const runShutdownScript = async (
      containerId: string,
      taskId: string = "test-task",
+      pidFilePath: string = "",
+      enableStatePersistence: string = "false",
    ) => {
      const shutdownScript = await loadTestFile(
        import.meta.dir,
        "../scripts/agentapi-shutdown.sh",
      );

+      const libScript = await loadTestFile(
+        import.meta.dir,
+        "../scripts/lib.sh",
+      );
+
+      await writeExecutable({
+        containerId,
+        filePath: "/tmp/agentapi-lib.sh",
+        content: libScript,
+      });
+
      await writeExecutable({
        containerId,
        filePath: "/tmp/shutdown.sh",
@@ -318,7 +397,7 @@ describe("agentapi", async () => {
      return await execContainer(containerId, [
        "bash",
        "-c",
-        `ARG_TASK_ID=${taskId} ARG_AGENTAPI_PORT=3284 CODER_AGENT_URL=http://localhost:18080 CODER_AGENT_TOKEN=test-token /tmp/shutdown.sh`,
+        `ARG_TASK_ID=${taskId} ARG_AGENTAPI_PORT=3284 ARG_PID_FILE_PATH=${pidFilePath} ARG_ENABLE_STATE_PERSISTENCE=${enableStatePersistence} CODER_AGENT_URL=http://localhost:18080 CODER_AGENT_TOKEN=test-token /tmp/shutdown.sh`,
      ]);
    };

@@ -334,6 +413,7 @@ describe("agentapi", async () => {
      expect(result.exitCode).toBe(0);
      expect(result.stdout).toContain("Retrieved 5 messages for log snapshot");
      expect(result.stdout).toContain("Log snapshot posted successfully");
+      expect(result.stdout).not.toContain("Log snapshot capture failed");

      const posted = await readFileContainer(id, "/tmp/snapshot-posted.json");
      const snapshot = JSON.parse(posted);
@@ -409,5 +489,128 @@ describe("agentapi", async () => {
        "Log snapshot endpoint not supported by this Coder version",
      );
    });
+
+    test("sends SIGUSR1 before shutdown", async () => {
+      const { id } = await setup({
+        moduleVariables: {},
+        skipAgentAPIMock: true,
+      });
+      const pidFile = "/tmp/agentapi-test.pid";
+      await setupMocks(id, "normal", 204, pidFile);
+      const result = await runShutdownScript(id, "test-task", pidFile, "true");
+
+      expect(result.exitCode).toBe(0);
+      expect(result.stdout).toContain("Sending SIGUSR1 to AgentAPI");
+
+      const sigusr1Log = await readFileContainer(id, "/tmp/sigusr1-received");
+      expect(sigusr1Log).toContain("SIGUSR1 received");
+    });
+
+    test("handles missing PID file gracefully", async () => {
+      const { id } = await setup({
+        moduleVariables: {},
+        skipAgentAPIMock: true,
+      });
+      await setupMocks(id, "normal");
+      // Pass a non-existent PID file path with persistence enabled to
+      // exercise the SIGUSR1 path with a missing PID.
+      const result = await runShutdownScript(
+        id,
+        "test-task",
+        "/tmp/nonexistent.pid",
+        "true",
+      );
+
+      expect(result.exitCode).toBe(0);
+      expect(result.stdout).toContain("Shutdown complete");
+    });
+
+    test("sends SIGTERM even when snapshot fails", async () => {
+      const { id } = await setup({
+        moduleVariables: {},
+        skipAgentAPIMock: true,
+      });
+      const pidFile = "/tmp/agentapi-test.pid";
+      // HTTP 500 will cause snapshot to fail
+      await setupMocks(id, "normal", 500, pidFile);
+      const result = await runShutdownScript(id, "test-task", pidFile, "true");
+
+      expect(result.exitCode).toBe(0);
+      expect(result.stdout).toContain(
+        "Log snapshot capture failed, continuing shutdown",
+      );
+      expect(result.stdout).toContain("Sending SIGTERM to AgentAPI");
+    });
+
+    test("resolves default PID path from MODULE_DIR_NAME", async () => {
+      const { id } = await setup({
+        moduleVariables: {},
+        skipAgentAPIMock: true,
+      });
+      // Start mock with PID file at the module_dir_name default location.
+      const defaultPidPath = `/home/coder/${moduleDirName}/agentapi.pid`;
+      await setupMocks(id, "normal", 204, defaultPidPath);
+      // Don't pass pidFilePath - let shutdown script compute it from MODULE_DIR_NAME.
+      const shutdownScript = await loadTestFile(
+        import.meta.dir,
+        "../scripts/agentapi-shutdown.sh",
+      );
+      const libScript = await loadTestFile(
+        import.meta.dir,
+        "../scripts/lib.sh",
+      );
+      await writeExecutable({
+        containerId: id,
+        filePath: "/tmp/agentapi-lib.sh",
+        content: libScript,
+      });
+      await writeExecutable({
+        containerId: id,
+        filePath: "/tmp/shutdown.sh",
+        content: shutdownScript,
+      });
+      const result = await execContainer(id, [
+        "bash",
+        "-c",
+        `ARG_TASK_ID=test-task ARG_AGENTAPI_PORT=3284 ARG_MODULE_DIR_NAME=${moduleDirName} ARG_ENABLE_STATE_PERSISTENCE=true CODER_AGENT_URL=http://localhost:18080 CODER_AGENT_TOKEN=test-token /tmp/shutdown.sh`,
+      ]);
+
+      expect(result.exitCode).toBe(0);
+      expect(result.stdout).toContain("Sending SIGUSR1 to AgentAPI");
+      expect(result.stdout).toContain("Sending SIGTERM to AgentAPI");
+    });
+
+    test("skips SIGUSR1 when no PID file available", async () => {
+      const { id } = await setup({
+        moduleVariables: {},
+        skipAgentAPIMock: true,
+      });
+      await setupMocks(id, "normal", 204);
+      // No pidFilePath and no MODULE_DIR_NAME, so no PID file can be resolved.
+      const result = await runShutdownScript(id, "test-task", "", "false");
+
+      expect(result.exitCode).toBe(0);
+      // Should not send SIGUSR1 or SIGTERM (no PID to signal).
+      expect(result.stdout).not.toContain("Sending SIGUSR1");
+      expect(result.stdout).not.toContain("Sending SIGTERM");
+      expect(result.stdout).toContain("Shutdown complete");
+    });
+
+    test("skips SIGUSR1 when state persistence disabled", async () => {
+      const { id } = await setup({
+        moduleVariables: {},
+        skipAgentAPIMock: true,
+      });
+      const pidFile = "/tmp/agentapi-test.pid";
+      await setupMocks(id, "normal", 204, pidFile);
+      // PID file exists but state persistence is disabled.
+      const result = await runShutdownScript(id, "test-task", pidFile, "false");
+
+      expect(result.exitCode).toBe(0);
+      // Should NOT send SIGUSR1 (persistence disabled).
+      expect(result.stdout).not.toContain("Sending SIGUSR1");
+      // Should still send SIGTERM (graceful shutdown always happens).
+      expect(result.stdout).toContain("Sending SIGTERM to AgentAPI");
+    });
  });
 });
@@ -164,6 +164,23 @@ variable "module_dir_name" {
  description = "Name of the subdirectory in the home directory for module files."
 }

+variable "enable_state_persistence" {
+  type        = bool
+  description = "Enable AgentAPI conversation state persistence across restarts."
+  default     = false
+}
+
+variable "state_file_path" {
+  type        = string
+  description = "Path to the AgentAPI state file. Defaults to $HOME/<module_dir_name>/agentapi-state.json."
+  default     = ""
+}
+
+variable "pid_file_path" {
+  type        = string
+  description = "Path to the AgentAPI PID file. Defaults to $HOME/<module_dir_name>/agentapi.pid."
+  default     = ""
+}

 locals {
  # we always trim the slash for consistency
@@ -182,6 +199,7 @@ locals {
  agentapi_chat_base_path = var.agentapi_subdomain ? "" : "/@${data.coder_workspace_owner.me.name}/${data.coder_workspace.me.name}.${var.agent_id}/apps/${var.web_app_slug}/chat"
  main_script             = file("${path.module}/scripts/main.sh")
  shutdown_script         = file("${path.module}/scripts/agentapi-shutdown.sh")
+  lib_script              = file("${path.module}/scripts/lib.sh")
 }

 resource "coder_script" "agentapi" {
@@ -195,6 +213,7 @@ resource "coder_script" "agentapi" {

    echo -n '${base64encode(local.main_script)}' | base64 -d > /tmp/main.sh
    chmod +x /tmp/main.sh
+    echo -n '${base64encode(local.lib_script)}' | base64 -d > /tmp/agentapi-lib.sh

    ARG_MODULE_DIR_NAME='${var.module_dir_name}' \
    ARG_WORKDIR="$(echo -n '${base64encode(local.workdir)}' | base64 -d)" \
@@ -209,6 +228,9 @@ resource "coder_script" "agentapi" {
    ARG_AGENTAPI_CHAT_BASE_PATH='${local.agentapi_chat_base_path}' \
    ARG_TASK_ID='${try(data.coder_task.me.id, "")}' \
    ARG_TASK_LOG_SNAPSHOT='${var.task_log_snapshot}' \
+    ARG_ENABLE_STATE_PERSISTENCE='${var.enable_state_persistence}' \
+    ARG_STATE_FILE_PATH='${var.state_file_path}' \
+    ARG_PID_FILE_PATH='${var.pid_file_path}' \
    /tmp/main.sh
    EOT
  run_on_start = true
@@ -225,10 +247,14 @@ resource "coder_script" "agentapi_shutdown" {

    echo -n '${base64encode(local.shutdown_script)}' | base64 -d > /tmp/agentapi-shutdown.sh
    chmod +x /tmp/agentapi-shutdown.sh
+    echo -n '${base64encode(local.lib_script)}' | base64 -d > /tmp/agentapi-lib.sh

    ARG_TASK_ID='${try(data.coder_task.me.id, "")}' \
    ARG_TASK_LOG_SNAPSHOT='${var.task_log_snapshot}' \
    ARG_AGENTAPI_PORT='${var.agentapi_port}' \
+    ARG_ENABLE_STATE_PERSISTENCE='${var.enable_state_persistence}' \
+    ARG_MODULE_DIR_NAME='${var.module_dir_name}' \
+    ARG_PID_FILE_PATH='${var.pid_file_path}' \
    /tmp/agentapi-shutdown.sh
    EOT
 }
@@ -1,9 +1,9 @@
 #!/usr/bin/env bash
 # AgentAPI shutdown script.
 #
-# Captures the last 10 messages from AgentAPI and posts them to Coder instance
-# as a snapshot. This script is called during workspace shutdown to access
-# conversation history for paused tasks.
+# Performs a graceful shutdown of AgentAPI: sends SIGUSR1 to trigger state save,
+# captures the last 10 messages as a log snapshot posted to the Coder instance,
+# then sends SIGTERM for graceful termination.

 set -euo pipefail

@@ -11,6 +11,13 @@ set -euo pipefail
 readonly TASK_ID="${ARG_TASK_ID:-}"
 readonly TASK_LOG_SNAPSHOT="${ARG_TASK_LOG_SNAPSHOT:-true}"
 readonly AGENTAPI_PORT="${ARG_AGENTAPI_PORT:-3284}"
+readonly ENABLE_STATE_PERSISTENCE="${ARG_ENABLE_STATE_PERSISTENCE:-false}"
+readonly MODULE_DIR_NAME="${ARG_MODULE_DIR_NAME:-}"
+readonly PID_FILE_PATH="${ARG_PID_FILE_PATH:-${MODULE_DIR_NAME:+$HOME/$MODULE_DIR_NAME/agentapi.pid}}"
+
+# Source shared utilities (written by the coder_script wrapper).
+# shellcheck source=lib.sh
+source /tmp/agentapi-lib.sh

 # Runtime environment variables.
 readonly CODER_AGENT_URL="${CODER_AGENT_URL:-}"
@@ -20,7 +27,7 @@ readonly CODER_AGENT_TOKEN="${CODER_AGENT_TOKEN:-}"
 readonly MAX_PAYLOAD_SIZE=65536    # 64KB
 readonly MAX_MESSAGE_CONTENT=57344 # 56KB
 readonly MAX_MESSAGES=10
-readonly FETCH_TIMEOUT=5
+readonly FETCH_TIMEOUT=10
 readonly POST_TIMEOUT=10

 log() {
@@ -138,44 +145,45 @@ post_task_log_snapshot() {
 capture_task_log_snapshot() {
  if [[ -z $TASK_ID ]]; then
    log "No task ID, skipping log snapshot"
-    exit 0
+    return 0
  fi

  if [[ -z $CODER_AGENT_URL ]]; then
    error "CODER_AGENT_URL not set, cannot capture log snapshot"
-    exit 1
+    return 1
  fi

  if [[ -z $CODER_AGENT_TOKEN ]]; then
    error "CODER_AGENT_TOKEN not set, cannot capture log snapshot"
-    exit 1
+    return 1
  fi

  if ! command -v jq > /dev/null 2>&1; then
    error "jq not found, cannot capture log snapshot"
-    exit 1
+    return 1
  fi

  if ! command -v curl > /dev/null 2>&1; then
    error "curl not found, cannot capture log snapshot"
-    exit 1
+    return 1
  fi

+  # Not local, must be visible to the EXIT trap after the function returns.
  tmpdir=$(mktemp -d)
-  trap 'rm -rf "$tmpdir"' EXIT
+  trap 'trap - EXIT; rm -rf "$tmpdir"' EXIT

  local payload_file="${tmpdir}/payload.json"

  if ! fetch_and_build_messages_payload "$payload_file"; then
    error "Cannot capture log snapshot without messages"
-    exit 1
+    return 1
  fi

  local message_count
  message_count=$(jq '.messages | length' < "$payload_file")
  if ((message_count == 0)); then
    log "No messages for log snapshot"
-    exit 0
+    return 0
  fi

  log "Retrieved $message_count messages for log snapshot"
@@ -183,7 +191,7 @@ capture_task_log_snapshot() {
  # Ensure payload fits within size limit.
  if ! truncate_messages_payload_to_size "$payload_file" "$MAX_PAYLOAD_SIZE"; then
    error "Failed to truncate payload to size limit"
-    exit 1
+    return 1
  fi

  local final_size final_count
@@ -193,19 +201,60 @@ capture_task_log_snapshot() {

  if ! post_task_log_snapshot "$payload_file" "$tmpdir"; then
    error "Log snapshot capture failed"
-    exit 1
+    return 1
  fi
 }

 main() {
  log "Shutting down AgentAPI"

+  local agentapi_pid=
+  if [[ -n $PID_FILE_PATH ]]; then
+    agentapi_pid=$(cat "$PID_FILE_PATH" 2> /dev/null || echo "")
+  fi
+
+  # State persistence is only enabled when the binary supports it (>= v0.12.0).
+  # The default SIGUSR1 disposition on Linux is terminate, so sending it to an
+  # older binary would kill the process.
+  local state_persistence=0
+  if [[ $ENABLE_STATE_PERSISTENCE == true ]] && version_at_least 0.12.0 "$(agentapi_version)"; then
+    state_persistence=1
+  fi
+
+  # Trigger state save via SIGUSR1 (saves without exiting).
+  if ((state_persistence)) && [[ -n $agentapi_pid ]] && kill -0 "$agentapi_pid" 2> /dev/null; then
+    log "Sending SIGUSR1 to AgentAPI (pid $agentapi_pid) to save state"
+    kill -USR1 "$agentapi_pid" || true
+    # Allow time for state save to complete before proceeding.
+    sleep 1
+  fi
+
+  # Capture log snapshot for task history.
  if [[ $TASK_LOG_SNAPSHOT == true ]]; then
-    capture_task_log_snapshot
+    # Subshell scopes the EXIT trap (tmpdir cleanup) inside
+    # capture_task_log_snapshot and preserves set -e, which
+    # || would otherwise disable for the function body.
+    (capture_task_log_snapshot) || log "Log snapshot capture failed, continuing shutdown"
  else
    log "Log snapshot disabled, skipping"
  fi

+  # Graceful termination.
+  if [[ -n $agentapi_pid ]] && kill -0 "$agentapi_pid" 2> /dev/null; then
+    log "Sending SIGTERM to AgentAPI (pid $agentapi_pid)"
+    kill -TERM "$agentapi_pid" 2> /dev/null || true
+
+    # Wait for process to exit to guarantee a clean shutdown.
+    local elapsed=0
+    while kill -0 "$agentapi_pid" 2> /dev/null; do
+      sleep 1
+      ((elapsed++)) || true
+      if ((elapsed % 5 == 0)); then
+        log "Warning: AgentAPI (pid $agentapi_pid) still running after ${elapsed}s"
+      fi
+    done
+  fi
+
  log "Shutdown complete"
 }

@@ -3,20 +3,22 @@ set -o errexit
 set -o pipefail

 port=${1:-3284}
+max_attempts=150

-# This script waits for the agentapi server to start on port 3284.
+# This script waits for the agentapi server to start on the given port.
+# Each attempt sleeps 0.1s, so 150 attempts ≈ 15 seconds.
 # It considers the server started after 3 consecutive successful responses.

 agentapi_started=false

 echo "Waiting for agentapi server to start on port $port..."
-for i in $(seq 1 150); do
+for i in $(seq 1 "$max_attempts"); do
  for j in $(seq 1 3); do
    sleep 0.1
    if curl -fs -o /dev/null "http://localhost:$port/status"; then
      echo "agentapi response received ($j/3)"
    else
-      echo "agentapi server not responding ($i/15)"
+      echo "agentapi server not responding ($i/$max_attempts)"
      continue 2
    fi
  done
@@ -25,7 +27,7 @@ for i in $(seq 1 150); do
 done

 if [ "$agentapi_started" != "true" ]; then
-  echo "Error: agentapi server did not start on port $port after 15 seconds."
+  echo "Error: agentapi server did not start on port $port after $max_attempts attempts."
  exit 1
 fi

@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+# Shared utility functions for agentapi module scripts.
+
+# version_at_least checks if an actual version meets a minimum requirement.
+# Non-semver strings (e.g. "latest", custom builds) always pass.
+# Usage: version_at_least <minimum> <actual>
+#   version_at_least v0.12.0 v0.10.0  # returns 1 (false)
+#   version_at_least v0.12.0 v0.12.0  # returns 0 (true)
+#   version_at_least v0.12.0 latest   # returns 0 (true)
+version_at_least() {
+  local min="${1#v}"
+  local actual="${2#v}"
+
+  # Non-semver versions pass through (e.g. "latest", custom builds).
+  if ! [[ $actual =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)$ ]]; then
+    return 0
+  fi
+
+  local act_major="${BASH_REMATCH[1]}"
+  local act_minor="${BASH_REMATCH[2]}"
+  local act_patch="${BASH_REMATCH[3]}"
+
+  [[ $min =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)$ ]] || return 0
+
+  local min_major="${BASH_REMATCH[1]}"
+  local min_minor="${BASH_REMATCH[2]}"
+  local min_patch="${BASH_REMATCH[3]}"
+
+  # Arithmetic expressions set exit status: 0 (true) if non-zero, 1 (false) if zero.
+  if ((act_major != min_major)); then
+    ((act_major > min_major))
+    return
+  fi
+  if ((act_minor != min_minor)); then
+    ((act_minor > min_minor))
+    return
+  fi
+  ((act_patch >= min_patch))
+}
+
+# agentapi_version returns the installed agentapi binary version (e.g. "0.11.8").
+# Returns empty string if the binary is missing or doesn't support --version.
+agentapi_version() {
+  agentapi --version 2> /dev/null | awk '{print $NF}'
+}
@@ -16,8 +16,14 @@ AGENTAPI_PORT="$ARG_AGENTAPI_PORT"
 AGENTAPI_CHAT_BASE_PATH="${ARG_AGENTAPI_CHAT_BASE_PATH:-}"
 TASK_ID="${ARG_TASK_ID:-}"
 TASK_LOG_SNAPSHOT="${ARG_TASK_LOG_SNAPSHOT:-true}"
+ENABLE_STATE_PERSISTENCE="${ARG_ENABLE_STATE_PERSISTENCE:-false}"
+STATE_FILE_PATH="${ARG_STATE_FILE_PATH:-}"
+PID_FILE_PATH="${ARG_PID_FILE_PATH:-}"
 set +o nounset

+# shellcheck source=lib.sh
+source /tmp/agentapi-lib.sh
+
 command_exists() {
  command -v "$1" > /dev/null 2>&1
 }
@@ -106,5 +112,18 @@ cd "${WORKDIR}"
 export AGENTAPI_CHAT_BASE_PATH="${AGENTAPI_CHAT_BASE_PATH:-}"
 # Disable host header check since AgentAPI is proxied by Coder (which does its own validation)
 export AGENTAPI_ALLOWED_HOSTS="*"
+export AGENTAPI_PID_FILE="${PID_FILE_PATH:-$module_path/agentapi.pid}"
+# Only set state env vars when persistence is enabled and the binary supports
+# it. State persistence requires agentapi >= v0.12.0.
+if [ "${ENABLE_STATE_PERSISTENCE}" = "true" ]; then
+  actual_version=$(agentapi_version)
+  if version_at_least 0.12.0 "$actual_version"; then
+    export AGENTAPI_STATE_FILE="${STATE_FILE_PATH:-$module_path/agentapi-state.json}"
+    export AGENTAPI_SAVE_STATE="true"
+    export AGENTAPI_LOAD_STATE="true"
+  else
+    echo "Warning: State persistence requires agentapi >= v0.12.0 (current: ${actual_version:-unknown}), skipping."
+  fi
+fi
 nohup "$module_path/scripts/agentapi-start.sh" true "${AGENTAPI_PORT}" &> "$module_path/agentapi-start.log" &
 "$module_path/scripts/agentapi-wait-for-start.sh" "${AGENTAPI_PORT}"
@@ -3,8 +3,26 @@
 // Usage: MESSAGES='[...]' node agentapi-mock-shutdown.js [port]

 const http = require("http");
+const fs = require("fs");
 const port = process.argv[2] || 3284;

+// Write PID file for shutdown script.
+if (process.env.AGENTAPI_PID_FILE) {
+  const path = require("path");
+  fs.mkdirSync(path.dirname(process.env.AGENTAPI_PID_FILE), {
+    recursive: true,
+  });
+  fs.writeFileSync(process.env.AGENTAPI_PID_FILE, String(process.pid));
+}
+
+// Handle SIGUSR1 (state save signal from shutdown script).
+process.on("SIGUSR1", () => {
+  fs.writeFileSync(
+    "/tmp/sigusr1-received",
+    `SIGUSR1 received at ${Date.now()}\n`,
+  );
+});
+
 // Parse messages from environment or use default
 let messages = [];
 if (process.env.MESSAGES) {
@@ -6,12 +6,41 @@ const args = process.argv.slice(2);
 const portIdx = args.findIndex((arg) => arg === "--port") + 1;
 const port = portIdx ? args[portIdx] : 3284;

+if (args.includes("--version")) {
+  console.log("agentapi version 99.99.99");
+  process.exit(0);
+}
+
 console.log(`starting server on port ${port}`);
 fs.writeFileSync(
  "/home/coder/agentapi-mock.log",
  `AGENTAPI_ALLOWED_HOSTS: ${process.env.AGENTAPI_ALLOWED_HOSTS}`,
 );

+// Log state persistence env vars.
+for (const v of [
+  "AGENTAPI_STATE_FILE",
+  "AGENTAPI_PID_FILE",
+  "AGENTAPI_SAVE_STATE",
+  "AGENTAPI_LOAD_STATE",
+]) {
+  if (process.env[v]) {
+    fs.appendFileSync(
+      "/home/coder/agentapi-mock.log",
+      `\n${v}: ${process.env[v]}`,
+    );
+  }
+}
+
+// Write PID file for shutdown script.
+if (process.env.AGENTAPI_PID_FILE) {
+  const path = require("path");
+  fs.mkdirSync(path.dirname(process.env.AGENTAPI_PID_FILE), {
+    recursive: true,
+  });
+  fs.writeFileSync(process.env.AGENTAPI_PID_FILE, String(process.pid));
+}
+
 http
  .createServer(function (_request, response) {
    response.writeHead(200);
@@ -16,7 +16,7 @@ Uses the [Coder Remote VS Code Extension](https://github.com/coder/vscode-coder)
 module "antigravity" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/antigravity/coder"
-  version  = "1.0.0"
+  version  = "1.0.1"
  agent_id = coder_agent.example.id
 }
 ```
@@ -29,7 +29,7 @@ module "antigravity" {
 module "antigravity" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/antigravity/coder"
-  version  = "1.0.0"
+  version  = "1.0.1"
  agent_id = coder_agent.example.id
  folder   = "/home/coder/project"
 }
@@ -45,7 +45,7 @@ The following example configures Antigravity to use the GitHub MCP server with a
 module "antigravity" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/antigravity/coder"
-  version  = "1.0.0"
+  version  = "1.0.1"
  agent_id = coder_agent.example.id
  folder   = "/home/coder/project"
  mcp = jsonencode({
@@ -66,15 +66,15 @@ locals {

 module "vscode-desktop-core" {
  source  = "registry.coder.com/coder/vscode-desktop-core/coder"
-  version = "1.0.1"
+  version = "1.0.2"

  agent_id = var.agent_id

-  web_app_icon         = "/icon/antigravity.svg"
-  web_app_slug         = var.slug
-  web_app_display_name = var.display_name
-  web_app_order        = var.order
-  web_app_group        = var.group
+  coder_app_icon         = "/icon/antigravity.svg"
+  coder_app_slug         = var.slug
+  coder_app_display_name = var.display_name
+  coder_app_order        = var.order
+  coder_app_group        = var.group

  folder      = var.folder
  open_recent = var.open_recent
@@ -14,7 +14,7 @@ Automatically install [code-server](https://github.com/coder/code-server) in a w
 module "code-server" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/code-server/coder"
-  version  = "1.4.2"
+  version  = "1.4.3"
  agent_id = coder_agent.example.id
 }
 ```
@@ -29,7 +29,7 @@ module "code-server" {
 module "code-server" {
  count           = data.coder_workspace.me.start_count
  source          = "registry.coder.com/coder/code-server/coder"
-  version         = "1.4.2"
+  version         = "1.4.3"
  agent_id        = coder_agent.example.id
  install_version = "4.106.3"
 }
@@ -43,7 +43,7 @@ Install the Dracula theme from [OpenVSX](https://open-vsx.org/):
 module "code-server" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/code-server/coder"
-  version  = "1.4.2"
+  version  = "1.4.3"
  agent_id = coder_agent.example.id
  extensions = [
    "dracula-theme.theme-dracula"
@@ -61,7 +61,7 @@ Configure VS Code's [settings.json](https://code.visualstudio.com/docs/getstarte
 module "code-server" {
  count      = data.coder_workspace.me.start_count
  source     = "registry.coder.com/coder/code-server/coder"
-  version    = "1.4.2"
+  version    = "1.4.3"
  agent_id   = coder_agent.example.id
  extensions = ["dracula-theme.theme-dracula"]
  settings = {
@@ -78,7 +78,7 @@ Just run code-server in the background, don't fetch it from GitHub:
 module "code-server" {
  count      = data.coder_workspace.me.start_count
  source     = "registry.coder.com/coder/code-server/coder"
-  version    = "1.4.2"
+  version    = "1.4.3"
  agent_id   = coder_agent.example.id
  extensions = ["dracula-theme.theme-dracula", "ms-azuretools.vscode-docker"]
 }
@@ -92,7 +92,7 @@ You can pass additional command-line arguments to code-server using the `additio
 module "code-server" {
  count           = data.coder_workspace.me.start_count
  source          = "registry.coder.com/coder/code-server/coder"
-  version         = "1.4.2"
+  version         = "1.4.3"
  agent_id        = coder_agent.example.id
  additional_args = "--disable-workspace-trust"
 }
@@ -108,7 +108,7 @@ Run an existing copy of code-server if found, otherwise download from GitHub:
 module "code-server" {
  count      = data.coder_workspace.me.start_count
  source     = "registry.coder.com/coder/code-server/coder"
-  version    = "1.4.2"
+  version    = "1.4.3"
  agent_id   = coder_agent.example.id
  use_cached = true
  extensions = ["dracula-theme.theme-dracula", "ms-azuretools.vscode-docker"]
@@ -121,7 +121,7 @@ Just run code-server in the background, don't fetch it from GitHub:
 module "code-server" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/code-server/coder"
-  version  = "1.4.2"
+  version  = "1.4.3"
  agent_id = coder_agent.example.id
  offline  = true
 }
@@ -44,7 +44,7 @@ variable "settings" {
  default     = {}
 }

-variable "machine-settings" {
+variable "machine_settings" {
  type        = any
  description = "A map of template level machine settings to apply to code-server. This will be overwritten at each container start."
  default     = {}
@@ -167,7 +167,7 @@ resource "coder_script" "code-server" {
    INSTALL_PREFIX : var.install_prefix,
    // This is necessary otherwise the quotes are stripped!
    SETTINGS : replace(jsonencode(var.settings), "\"", "\\\""),
-    MACHINE_SETTINGS : replace(jsonencode(var.machine-settings), "\"", "\\\""),
+    MACHINE_SETTINGS : replace(jsonencode(var.machine_settings), "\"", "\\\""),
    OFFLINE : var.offline,
    USE_CACHED : var.use_cached,
    USE_CACHED_EXTENSIONS : var.use_cached_extensions,
@@ -16,7 +16,7 @@ Uses the [Coder Remote VS Code Extension](https://github.com/coder/vscode-coder)
 module "cursor" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/cursor/coder"
-  version  = "1.4.0"
+  version  = "1.4.1"
  agent_id = coder_agent.main.id
 }
 ```
@@ -29,7 +29,7 @@ module "cursor" {
 module "cursor" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/cursor/coder"
-  version  = "1.4.0"
+  version  = "1.4.1"
  agent_id = coder_agent.main.id
  folder   = "/home/coder/project"
 }
@@ -45,7 +45,7 @@ The following example configures Cursor to use the GitHub MCP server with authen
 module "cursor" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/cursor/coder"
-  version  = "1.4.0"
+  version  = "1.4.1"
  agent_id = coder_agent.main.id
  folder   = "/home/coder/project"
  mcp = jsonencode({
@@ -66,7 +66,7 @@ locals {

 module "vscode-desktop-core" {
  source  = "registry.coder.com/coder/vscode-desktop-core/coder"
-  version = "1.0.0"
+  version = "1.0.2"

  agent_id = var.agent_id

@@ -18,7 +18,7 @@ Under the hood, this module uses the [coder dotfiles](https://coder.com/docs/v2/
 module "dotfiles" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/dotfiles/coder"
-  version  = "1.3.0"
+  version  = "1.3.2"
  agent_id = coder_agent.example.id
 }
 ```
@@ -31,7 +31,7 @@ module "dotfiles" {
 module "dotfiles" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/dotfiles/coder"
-  version  = "1.3.0"
+  version  = "1.3.2"
  agent_id = coder_agent.example.id
 }
 ```
@@ -42,7 +42,7 @@ module "dotfiles" {
 module "dotfiles" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/dotfiles/coder"
-  version  = "1.3.0"
+  version  = "1.3.2"
  agent_id = coder_agent.example.id
  user     = "root"
 }
@@ -54,20 +54,34 @@ module "dotfiles" {
 module "dotfiles" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/dotfiles/coder"
-  version  = "1.3.0"
+  version  = "1.3.2"
  agent_id = coder_agent.example.id
 }

 module "dotfiles-root" {
  count        = data.coder_workspace.me.start_count
  source       = "registry.coder.com/coder/dotfiles/coder"
-  version      = "1.3.0"
+  version      = "1.3.2"
  agent_id     = coder_agent.example.id
  user         = "root"
  dotfiles_uri = module.dotfiles.dotfiles_uri
 }
 ```

+## SSH vs HTTPS URLs
+
+If your Git provider (e.g. GitLab, GitHub Enterprise) restricts HTTPS cloning, use an SSH URL instead:
+
+```text
+# HTTPS (may fail if HTTP cloning is disabled)
+https://gitlab.example.com/user/dotfiles.git
+
+# SSH (uses the workspace's SSH key)
+git@gitlab.example.com:user/dotfiles.git
+```
+
+When a Git provider has HTTPS cloning disabled server-side, the clone will silently fail (the `.git` folder may exist but the working tree will be empty). SSH URLs avoid this because they authenticate with the workspace's SSH key instead of a token-based HTTPS flow.
+
 ## Setting a default dotfiles repository

 You can set a default dotfiles repository for all users by setting the `default_dotfiles_uri` variable:
@@ -76,7 +90,7 @@ You can set a default dotfiles repository for all users by setting the `default_
 module "dotfiles" {
  count                = data.coder_workspace.me.start_count
  source               = "registry.coder.com/coder/dotfiles/coder"
-  version              = "1.3.0"
+  version              = "1.3.2"
  agent_id             = coder_agent.example.id
  default_dotfiles_uri = "https://github.com/coder/dotfiles"
 }
@@ -26,6 +26,7 @@ describe("dotfiles", async () => {
      "git@github.com:coder/dotfiles.git",
      "git://github.com/coder/dotfiles.git",
      "ssh://git@github.com/coder/dotfiles.git",
+      "ssh://git@bitbucket.example.org:7999/~myusername/dotfiles.git",
    ];
    for (const url of validUrls) {
      const state = await runTerraformApply(import.meta.dir, {
@@ -29,7 +29,7 @@ variable "agent_id" {
 variable "description" {
  type        = string
  description = "A custom description for the dotfiles parameter. This is shown in the UI - and allows you to customize the instructions you give to your users."
-  default     = "Enter a URL for a [dotfiles repository](https://dotfiles.github.io) to personalize your workspace"
+  default     = "Enter a URL for a [dotfiles repository](https://dotfiles.github.io) to personalize your workspace. Use an SSH URL (e.g. `git@host:user/repo`) if your Git provider restricts HTTPS cloning."
 }

 variable "default_dotfiles_uri" {
@@ -40,7 +40,7 @@ variable "default_dotfiles_uri" {
  validation {
    condition = (
      var.default_dotfiles_uri == "" ||
-      can(regex("^(https?://|ssh://|git@|git://)[a-zA-Z0-9._/:@-]+$", var.default_dotfiles_uri))
+      can(regex("^(https?://|ssh://|git@|git://)[a-zA-Z0-9._/:@~-]+$", var.default_dotfiles_uri))
    )
    error_message = "Must be a valid dotfiles repository URL (https, git@, or git://) without special characters."
  }
@@ -55,7 +55,7 @@ variable "dotfiles_uri" {
    condition = (
      var.dotfiles_uri == null ||
      var.dotfiles_uri == "" ||
-      can(regex("^(https?://|ssh://|git@|git://)[a-zA-Z0-9._/:@-]+$", var.dotfiles_uri))
+      can(regex("^(https?://|ssh://|git@|git://)[a-zA-Z0-9._/:@~-]+$", var.dotfiles_uri))
    )
    error_message = "Must be a valid dotfiles repository URL (https, git@, or git://) without special characters."
  }
@@ -102,7 +102,7 @@ data "coder_parameter" "dotfiles_uri" {
  icon         = "/icon/dotfiles.svg"

  validation {
-    regex = "^$|^(https?://|ssh://|git@|git://)[a-zA-Z0-9._/:@-]+$"
+    regex = "^$|^(https?://|ssh://|git@|git://)[a-zA-Z0-9._/:@~-]+$"
    error = "Must be a valid dotfiles repository URL (https, git@, or git://) without special characters."
  }
 }
@@ -18,7 +18,7 @@ Uses the [Coder Remote VS Code Extension](https://github.com/coder/vscode-coder)
 module "kiro" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/kiro/coder"
-  version  = "1.2.0"
+  version  = "1.2.1"
  agent_id = coder_agent.main.id
 }
 ```
@@ -31,7 +31,7 @@ module "kiro" {
 module "kiro" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/kiro/coder"
-  version  = "1.2.0"
+  version  = "1.2.1"
  agent_id = coder_agent.main.id
  folder   = "/home/coder/project"
 }
@@ -47,7 +47,7 @@ The following example configures Kiro to use the GitHub MCP server with authenti
 module "kiro" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/kiro/coder"
-  version  = "1.2.0"
+  version  = "1.2.1"
  agent_id = coder_agent.main.id
  folder   = "/home/coder/project"
  mcp = jsonencode({
@@ -53,7 +53,7 @@ locals {

 module "vscode-desktop-core" {
  source  = "registry.coder.com/coder/vscode-desktop-core/coder"
-  version = "1.0.0"
+  version = "1.0.2"

  agent_id = var.agent_id

@@ -8,13 +8,13 @@ tags: [ai, agents, development, multiplexer]

 # Mux

-Automatically install and run [Mux](https://github.com/coder/mux) in a Coder workspace. By default, the module installs `mux@next` from npm (with a fallback to downloading the npm tarball if npm is unavailable). Mux is a desktop application for parallel agentic development that enables developers to run multiple AI agents simultaneously across isolated workspaces.
+Automatically install and run [Mux](https://github.com/coder/mux) in a Coder workspace. By default, the module auto-detects an available package manager (`npm`, `pnpm`, or `bun`) to install `mux@next` (with a fallback to downloading the npm tarball if none is found). You can also force a specific package manager via `package_manager` and point to a custom registry with `registry_url`. Mux is a desktop application for parallel agentic development that enables developers to run multiple AI agents simultaneously across isolated workspaces.

 ```tf
 module "mux" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/mux/coder"
-  version  = "1.1.0"
+  version  = "1.3.1"
  agent_id = coder_agent.main.id
 }
 ```
@@ -37,7 +37,7 @@ module "mux" {
 module "mux" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/mux/coder"
-  version  = "1.1.0"
+  version  = "1.3.1"
  agent_id = coder_agent.main.id
 }
 ```
@@ -48,7 +48,7 @@ module "mux" {
 module "mux" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/mux/coder"
-  version  = "1.1.0"
+  version  = "1.3.1"
  agent_id = coder_agent.main.id
  # Default is "latest"; set to a specific version to pin
  install_version = "0.4.0"
@@ -63,9 +63,24 @@ Start Mux with `mux server --add-project /path/to/project`:
 module "mux" {
  count       = data.coder_workspace.me.start_count
  source      = "registry.coder.com/coder/mux/coder"
-  version     = "1.1.0"
+  version     = "1.3.1"
  agent_id    = coder_agent.main.id
-  add-project = "/path/to/project"
+  add_project = "/path/to/project"
+}
+```
+
+### Pass Arbitrary `mux server` Arguments
+
+Use `additional_arguments` to append additional arguments to `mux server`.
+The module parses quoted values, so grouped arguments remain intact.
+
+```tf
+module "mux" {
+  count                = data.coder_workspace.me.start_count
+  source               = "registry.coder.com/coder/mux/coder"
+  version              = "1.3.1"
+  agent_id             = coder_agent.main.id
+  additional_arguments = "--open-mode pinned --add-project '/workspaces/my repo'"
 }
 ```

@@ -75,12 +90,40 @@ module "mux" {
 module "mux" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/mux/coder"
-  version  = "1.1.0"
+  version  = "1.3.1"
  agent_id = coder_agent.main.id
  port     = 8080
 }
 ```

+### Custom Package Manager
+
+Force a specific package manager instead of auto-detection:
+
+```tf
+module "mux" {
+  count           = data.coder_workspace.me.start_count
+  source          = "registry.coder.com/coder/mux/coder"
+  version         = "1.3.1"
+  agent_id        = coder_agent.main.id
+  package_manager = "pnpm" # or "npm", "bun"
+}
+```
+
+### Custom Registry
+
+Use a private or mirrored npm registry:
+
+```tf
+module "mux" {
+  count        = data.coder_workspace.me.start_count
+  source       = "registry.coder.com/coder/mux/coder"
+  version      = "1.3.1"
+  agent_id     = coder_agent.main.id
+  registry_url = "https://npm.pkg.github.com"
+}
+```
+
 ### Use Cached Installation

 Run an existing copy of Mux if found, otherwise install from npm:
@@ -89,7 +132,7 @@ Run an existing copy of Mux if found, otherwise install from npm:
 module "mux" {
  count      = data.coder_workspace.me.start_count
  source     = "registry.coder.com/coder/mux/coder"
-  version    = "1.1.0"
+  version    = "1.3.1"
  agent_id   = coder_agent.main.id
  use_cached = true
 }
@@ -103,7 +146,7 @@ Run without installing from the network (requires Mux to be pre-installed):
 module "mux" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/mux/coder"
-  version  = "1.1.0"
+  version  = "1.3.1"
  agent_id = coder_agent.main.id
  install  = false
 }
@@ -117,4 +160,6 @@ module "mux" {

 - Mux is currently in preview and you may encounter bugs
 - Requires internet connectivity for agent operations (unless `install` is set to false)
- Installs `mux@next` from npm by default (falls back to the npm tarball if npm is unavailable)
+- Auto-detects `npm`, `pnpm`, or `bun` by default; set `package_manager` to force a specific one
+- Installs `mux@next` from the npm registry by default; set `registry_url` to use a private or mirrored registry
+- Falls back to a direct tarball download when no package manager is found
@@ -1,6 +1,11 @@
 import { describe, expect, it } from "bun:test";
 import {
  executeScriptInContainer,
+  execContainer,
+  findResourceInstance,
+  readFileContainer,
+  removeContainer,
+  runContainer,
  runTerraformApply,
  runTerraformInit,
  testRequiredVariables,
@@ -30,7 +35,7 @@ describe("mux", async () => {
    }
    expect(output.exitCode).toBe(0);
    const expectedLines = [
-      "📥 npm not found; downloading tarball from npm registry...",
+      "📥 No package manager found; downloading tarball from registry...",
      "🥳 mux has been installed in /tmp/mux",
      "🚀 Starting mux server on port 4000...",
      "Check logs at /tmp/mux.log!",
@@ -40,6 +45,57 @@ describe("mux", async () => {
    }
  }, 60000);

+  it("parses custom additional_arguments", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "foo",
+      install: false,
+      log_path: "/tmp/mux.log",
+      additional_arguments:
+        "--open-mode pinned --add-project '/workspaces/my repo'",
+    });
+
+    const instance = findResourceInstance(state, "coder_script");
+    const id = await runContainer("alpine/curl");
+
+    try {
+      const setup = await execContainer(id, [
+        "sh",
+        "-c",
+        `apk add --no-cache bash >/dev/null
+mkdir -p /tmp/mux
+cat <<'EOF' > /tmp/mux/mux
+#!/usr/bin/env sh
+i=1
+for arg in "$@"; do
+  echo "arg$i=$arg"
+  i=$((i + 1))
+done
+EOF
+chmod +x /tmp/mux/mux`,
+      ]);
+      expect(setup.exitCode).toBe(0);
+
+      const output = await execContainer(id, ["sh", "-c", instance.script]);
+      if (output.exitCode !== 0) {
+        console.log("STDOUT:\n" + output.stdout);
+        console.log("STDERR:\n" + output.stderr);
+      }
+      expect(output.exitCode).toBe(0);
+
+      await execContainer(id, ["sh", "-c", "sleep 1"]);
+      const log = await readFileContainer(id, "/tmp/mux.log");
+      expect(log).toContain("arg1=server");
+      expect(log).toContain("arg2=--port");
+      expect(log).toContain("arg3=4000");
+      expect(log).toContain("arg4=--open-mode");
+      expect(log).toContain("arg5=pinned");
+      expect(log).toContain("arg6=--add-project");
+      expect(log).toContain("arg7=/workspaces/my repo");
+    } finally {
+      await removeContainer(id);
+    }
+  }, 60000);
+
  it("runs with npm present", async () => {
    const state = await runTerraformApply(import.meta.dir, {
      agent_id: "foo",
@@ -55,7 +111,7 @@ describe("mux", async () => {
    expect(output.exitCode).toBe(0);
    const expectedLines = [
      "📦 Installing mux via npm into /tmp/mux...",
-      "⏭️  Skipping npm lifecycle scripts with --ignore-scripts",
+      "⏭️  Skipping lifecycle scripts with --ignore-scripts",
      "🥳 mux has been installed in /tmp/mux",
      "🚀 Starting mux server on port 4000...",
      "Check logs at /tmp/mux.log!",
@@ -49,18 +49,41 @@ variable "log_path" {
  default     = "/tmp/mux.log"
 }

-variable "add-project" {
+variable "add_project" {
  type        = string
  description = "Optional path to add/open as a project in Mux on startup."
  default     = null
 }

+variable "additional_arguments" {
+  type        = string
+  description = "Additional command-line arguments to pass to `mux server` (for example: `--add-project /path --open-mode pinned`)."
+  default     = ""
+}
+
 variable "install_version" {
  type        = string
  description = "The version or dist-tag of Mux to install."
  default     = "next"
 }

+variable "package_manager" {
+  type        = string
+  description = "Package manager to install Mux. 'auto' detects npm, pnpm, or bun (falling back to tarball download). Set to 'npm', 'pnpm', or 'bun' to force a specific one."
+  default     = "auto"
+  validation {
+    condition     = contains(["auto", "npm", "pnpm", "bun"], var.package_manager)
+    error_message = "The 'package_manager' variable must be one of: 'auto', 'npm', 'pnpm', 'bun'."
+  }
+}
+
+variable "registry_url" {
+  type        = string
+  description = "The npm-compatible registry URL to install Mux from. Override this for private registries or mirrors."
+  default     = "https://registry.npmjs.org"
+}
+
+
 variable "share" {
  type    = string
  default = "owner"
@@ -131,6 +154,7 @@ resource "random_password" "mux_auth_token" {

 locals {
  mux_auth_token = random_password.mux_auth_token.result
+  registry_url   = trimsuffix(var.registry_url, "/")
 }

 resource "coder_script" "mux" {
@@ -141,11 +165,14 @@ resource "coder_script" "mux" {
    VERSION : var.install_version,
    PORT : var.port,
    LOG_PATH : var.log_path,
-    ADD_PROJECT : var.add-project == null ? "" : var.add-project,
+    ADD_PROJECT : var.add_project == null ? "" : var.add_project,
+    ADDITIONAL_ARGUMENTS : var.additional_arguments,
    INSTALL_PREFIX : var.install_prefix,
    OFFLINE : !var.install,
    USE_CACHED : var.use_cached,
    AUTH_TOKEN : local.mux_auth_token,
+    PACKAGE_MANAGER : var.package_manager,
+    REGISTRY_URL : local.registry_url,
  })
  run_on_start = true

@@ -79,6 +79,20 @@ run "auth_token_in_url" {
  }
 }

+run "custom_additional_arguments" {
+  command = plan
+
+  variables {
+    agent_id             = "foo"
+    additional_arguments = "--open-mode pinned --add-project '/workspaces/my repo'"
+  }
+
+  assert {
+    condition     = strcontains(resource.coder_script.mux.script, "--open-mode pinned --add-project '/workspaces/my repo'")
+    error_message = "mux launch script must include the configured additional arguments"
+  }
+}
+
 run "custom_version" {
  command = plan

@@ -107,3 +121,96 @@ run "use_cached_only_success" {
    use_cached = true
  }
 }
+
+# Custom package_manager should appear in generated script
+run "custom_package_manager_npm" {
+  command = plan
+
+  variables {
+    agent_id        = "foo"
+    package_manager = "npm"
+  }
+
+  assert {
+    condition     = strcontains(resource.coder_script.mux.script, "PM_CMD=\"npm\"")
+    error_message = "mux script must set PM_CMD to the configured package manager"
+  }
+}
+
+run "custom_package_manager_pnpm" {
+  command = plan
+
+  variables {
+    agent_id        = "foo"
+    package_manager = "pnpm"
+  }
+
+  assert {
+    condition     = strcontains(resource.coder_script.mux.script, "PM_CMD=\"pnpm\"")
+    error_message = "mux script must set PM_CMD to the configured package manager"
+  }
+}
+
+run "custom_package_manager_bun" {
+  command = plan
+
+  variables {
+    agent_id        = "foo"
+    package_manager = "bun"
+  }
+
+  assert {
+    condition     = strcontains(resource.coder_script.mux.script, "PM_CMD=\"bun\"")
+    error_message = "mux script must set PM_CMD to the configured package manager"
+  }
+}
+
+# Invalid package_manager should fail validation
+run "invalid_package_manager" {
+  command = plan
+
+  variables {
+    agent_id        = "foo"
+    package_manager = "yarn"
+  }
+
+  expect_failures = [
+    var.package_manager
+  ]
+}
+
+# Custom registry_url should appear in generated script
+run "custom_registry_url" {
+  command = plan
+
+  variables {
+    agent_id     = "foo"
+    registry_url = "https://npm.example.com"
+  }
+
+  assert {
+    condition     = strcontains(resource.coder_script.mux.script, "https://npm.example.com")
+    error_message = "mux script must use the configured registry URL"
+  }
+
+  assert {
+    condition     = !strcontains(resource.coder_script.mux.script, "registry.npmjs.org")
+    error_message = "mux script must not contain hardcoded registry.npmjs.org when custom registry is set"
+  }
+}
+
+# registry_url trailing slash should be stripped
+run "registry_url_trailing_slash" {
+  command = plan
+
+  variables {
+    agent_id     = "foo"
+    registry_url = "https://npm.example.com/"
+  }
+
+  assert {
+    condition     = strcontains(resource.coder_script.mux.script, "https://npm.example.com/mux/")
+    error_message = "registry URL trailing slash must be stripped to avoid double slashes"
+  }
+}
+
@@ -20,6 +20,22 @@ function run_mux() {
  if [ -n "${ADD_PROJECT}" ]; then
    set -- "$@" --add-project "${ADD_PROJECT}"
  fi
+
+  # Parse additional user-supplied server arguments while preserving quoted groups.
+  if [ -n "${ADDITIONAL_ARGUMENTS}" ]; then
+    local parsed_additional_arguments
+    if ! parsed_additional_arguments="$(printf "%s\n" "${ADDITIONAL_ARGUMENTS}" | xargs -n1 printf "%s\n" 2> /dev/null)"; then
+      echo "❌ Failed to parse additional_arguments. Ensure quotes are balanced."
+      exit 1
+    fi
+    while IFS= read -r parsed_arg; do
+      [ -n "$parsed_arg" ] || continue
+      set -- "$@" "$parsed_arg"
+    done << EOF
+$${parsed_additional_arguments}
+EOF
+  fi
+
  echo "🚀 Starting mux server on port $port_value..."
  echo "Check logs at ${LOG_PATH}!"
  MUX_SERVER_AUTH_TOKEN="$auth_token_value" PORT="$port_value" "$MUX_BINARY" "$@" > "${LOG_PATH}" 2>&1 &
@@ -38,7 +54,7 @@ fi

 # If there is no cached install OR we don't want to use a cached install
 if [ ! -f "$MUX_BINARY" ] || [ "${USE_CACHED}" != true ]; then
-  printf "$${BOLD}Installing mux from npm...\n"
+  printf "$${BOLD}Installing mux...\n"

  # Clean up from other install (in case install prefix changed).
  if [ -n "$CODER_SCRIPT_BIN_DIR" ] && [ -e "$CODER_SCRIPT_BIN_DIR/mux" ]; then
@@ -47,41 +63,76 @@ if [ ! -f "$MUX_BINARY" ] || [ "${USE_CACHED}" != true ]; then

  mkdir -p "$(dirname "$MUX_BINARY")"

-  if command -v npm > /dev/null 2>&1; then
-    echo "📦 Installing mux via npm into ${INSTALL_PREFIX}..."
+  # Determine which package manager to use
+  PM_CMD=""
+  if [ "${PACKAGE_MANAGER}" = "auto" ]; then
+    for pm in npm pnpm bun; do
+      if command -v "$pm" > /dev/null 2>&1; then
+        PM_CMD="$pm"
+        break
+      fi
+    done
+  else
+    PM_CMD="${PACKAGE_MANAGER}"
+    if ! command -v "$PM_CMD" > /dev/null 2>&1; then
+      echo "❌ Configured package manager '${PACKAGE_MANAGER}' not found on PATH"
+      exit 1
+    fi
+  fi
+
+  if [ -n "$PM_CMD" ]; then
+    echo "📦 Installing mux via $PM_CMD into ${INSTALL_PREFIX}..."
    NPM_WORKDIR="${INSTALL_PREFIX}/npm"
    mkdir -p "$NPM_WORKDIR"
    cd "$NPM_WORKDIR" || exit 1
    if [ ! -f package.json ]; then
      echo '{}' > package.json
    fi
-    echo "⏭️  Skipping npm lifecycle scripts with --ignore-scripts"
+    echo "⏭️  Skipping lifecycle scripts with --ignore-scripts"
    PKG="mux"
    if [ -z "${VERSION}" ] || [ "${VERSION}" = "latest" ]; then
      PKG_SPEC="$PKG@latest"
    else
      PKG_SPEC="$PKG@${VERSION}"
    fi
-    if ! npm install --no-audit --no-fund --omit=dev --ignore-scripts "$PKG_SPEC"; then
-      echo "❌ Failed to install mux via npm"
+    INSTALL_OK=true
+    case "$PM_CMD" in
+      npm)
+        if ! npm install --no-audit --no-fund --omit=dev --ignore-scripts --registry "${REGISTRY_URL}" "$PKG_SPEC"; then
+          INSTALL_OK=false
+        fi
+        ;;
+      pnpm)
+        if ! pnpm add --ignore-scripts --registry "${REGISTRY_URL}" "$PKG_SPEC"; then
+          INSTALL_OK=false
+        fi
+        ;;
+      bun)
+        if ! bun add --ignore-scripts --registry "${REGISTRY_URL}" "$PKG_SPEC"; then
+          INSTALL_OK=false
+        fi
+        ;;
+    esac
+    if [ "$INSTALL_OK" != true ]; then
+      echo "❌ Failed to install mux via $PM_CMD"
      exit 1
    fi
    # Determine the installed binary path
    BIN_DIR="$NPM_WORKDIR/node_modules/.bin"
    CANDIDATE="$BIN_DIR/mux"
    if [ ! -f "$CANDIDATE" ]; then
-      echo "❌ Could not locate mux binary after npm install"
+      echo "❌ Could not locate mux binary after $PM_CMD install"
      exit 1
    fi
    chmod +x "$CANDIDATE" || true
    ln -sf "$CANDIDATE" "$MUX_BINARY"
  else
-    echo "📥 npm not found; downloading tarball from npm registry..."
+    echo "📥 No package manager found; downloading tarball from registry..."
    VERSION_TO_USE="${VERSION}"
    if [ -z "$VERSION_TO_USE" ]; then
      VERSION_TO_USE="next"
    fi
-    META_URL="https://registry.npmjs.org/mux/$VERSION_TO_USE"
+    META_URL="${REGISTRY_URL}/mux/$VERSION_TO_USE"
    META_JSON="$(curl -fsSL "$META_URL" || true)"
    if [ -z "$META_JSON" ]; then
      echo "❌ Failed to fetch npm metadata: $META_URL"
@@ -120,7 +171,7 @@ if [ ! -f "$MUX_BINARY" ] || [ "${USE_CACHED}" != true ]; then
        echo "❌ Could not determine version for mux"
        exit 1
      fi
-      TARBALL_URL="https://registry.npmjs.org/mux/-/mux-$VERSION_TO_USE.tgz"
+      TARBALL_URL="${REGISTRY_URL}/mux/-/mux-$VERSION_TO_USE.tgz"
    fi
    TMP_DIR="$(mktemp -d)"
    TAR_PATH="$TMP_DIR/mux.tgz"
@@ -16,15 +16,15 @@ The VSCode Desktop Core module is a building block for modules that need to expo
 ```tf
 module "vscode-desktop-core" {
  source  = "registry.coder.com/coder/vscode-desktop-core/coder"
-  version = "1.0.1"
+  version = "1.0.2"

  agent_id = var.agent_id

-  web_app_icon         = "/icon/code.svg"
-  web_app_slug         = "vscode"
-  web_app_display_name = "VS Code Desktop"
-  web_app_order        = var.order
-  web_app_group        = var.group
+  coder_app_icon         = "/icon/code.svg"
+  coder_app_slug         = "vscode"
+  coder_app_display_name = "VS Code Desktop"
+  coder_app_order        = var.order
+  coder_app_group        = var.group

  folder      = var.folder
  open_recent = var.open_recent
@@ -11,9 +11,9 @@ const appName = "vscode-desktop";
 const defaultVariables = {
  agent_id: "foo",

-  web_app_icon: "/icon/code.svg",
-  web_app_slug: "vscode",
-  web_app_display_name: "VS Code Desktop",
+  coder_app_icon: "/icon/code.svg",
+  coder_app_slug: "vscode",
+  coder_app_display_name: "VS Code Desktop",

  protocol: "vscode",
 };
@@ -99,16 +99,16 @@ describe("vscode-desktop-core", async () => {
      );

      expect(coder_app?.instances[0].attributes.slug).toBe(
-        defaultVariables.web_app_slug,
+        defaultVariables.coder_app_slug,
      );
      expect(coder_app?.instances[0].attributes.display_name).toBe(
-        defaultVariables.web_app_display_name,
+        defaultVariables.coder_app_display_name,
      );
    });

    it("sets order", async () => {
      const state = await runTerraformApply(import.meta.dir, {
-        web_app_order: "5",
+        coder_app_order: "5",

        ...defaultVariables,
      });
@@ -122,7 +122,7 @@ describe("vscode-desktop-core", async () => {

    it("sets group", async () => {
      const state = await runTerraformApply(import.meta.dir, {
-        web_app_group: "web-app-group",
+        coder_app_group: "web-app-group",

        ...defaultVariables,
      });
@@ -31,28 +31,28 @@ variable "protocol" {
  description = "The URI protocol the IDE."
 }

-variable "web_app_icon" {
+variable "coder_app_icon" {
  type        = string
  description = "The icon of the coder_app."
 }

-variable "web_app_slug" {
+variable "coder_app_slug" {
  type        = string
  description = "The slug of the coder_app."
 }

-variable "web_app_display_name" {
+variable "coder_app_display_name" {
  type        = string
  description = "The display name of the coder_app."
 }

-variable "web_app_order" {
+variable "coder_app_order" {
  type        = number
  description = "The order of the coder_app."
  default     = null
 }

-variable "web_app_group" {
+variable "coder_app_group" {
  type        = string
  description = "The group of the coder_app."
  default     = null
@@ -65,12 +65,12 @@ resource "coder_app" "vscode-desktop" {
  agent_id = var.agent_id
  external = true

-  icon         = var.web_app_icon
-  slug         = var.web_app_slug
-  display_name = var.web_app_display_name
+  icon         = var.coder_app_icon
+  slug         = var.coder_app_slug
+  display_name = var.coder_app_display_name

-  order = var.web_app_order
-  group = var.web_app_group
+  order = var.coder_app_order
+  group = var.coder_app_group

  url = join("", [
    var.protocol,
@@ -16,7 +16,7 @@ Uses the [Coder Remote VS Code Extension](https://github.com/coder/vscode-coder)
 module "vscode" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/vscode-desktop/coder"
-  version  = "1.2.0"
+  version  = "1.2.1"
  agent_id = coder_agent.main.id
 }
 ```
@@ -29,7 +29,7 @@ module "vscode" {
 module "vscode" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/vscode-desktop/coder"
-  version  = "1.2.0"
+  version  = "1.2.1"
  agent_id = coder_agent.main.id
  folder   = "/home/coder/project"
 }
@@ -40,7 +40,7 @@ variable "group" {

 module "vscode-desktop-core" {
  source  = "registry.coder.com/coder/vscode-desktop-core/coder"
-  version = "1.0.0"
+  version = "1.0.2"

  agent_id = var.agent_id

@@ -16,7 +16,7 @@ Uses the [Coder Remote VS Code Extension](https://github.com/coder/vscode-coder)
 module "windsurf" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/windsurf/coder"
-  version  = "1.3.0"
+  version  = "1.3.1"
  agent_id = coder_agent.main.id
 }
 ```
@@ -29,7 +29,7 @@ module "windsurf" {
 module "windsurf" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/windsurf/coder"
-  version  = "1.3.0"
+  version  = "1.3.1"
  agent_id = coder_agent.main.id
  folder   = "/home/coder/project"
 }
@@ -45,7 +45,7 @@ The following example configures Windsurf to use the GitHub MCP server with auth
 module "windsurf" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/coder/windsurf/coder"
-  version  = "1.3.0"
+  version  = "1.3.1"
  agent_id = coder_agent.main.id
  folder   = "/home/coder/project"
  mcp = jsonencode({
@@ -65,7 +65,7 @@ locals {

 module "vscode-desktop-core" {
  source  = "registry.coder.com/coder/vscode-desktop-core/coder"
-  version = "1.0.0"
+  version = "1.0.2"

  agent_id = var.agent_id

@@ -1,76 +0,0 @@
---
-display_name: Docker (Envbuilder)
-description: Provision envbuilder containers as Coder workspaces
-icon: ../../../../.icons/docker.svg
-verified: true
-tags: [container, docker, devcontainer, envbuilder]
---
-
-# Remote Development on Docker Containers (with Envbuilder)
-
-Provision Envbuilder containers based on `devcontainer.json` as [Coder workspaces](https://coder.com/docs/workspaces) in Docker with this example template.
-
-## Prerequisites
-
-### Infrastructure
-
-Coder must have access to a running Docker socket, and the `coder` user must be a member of the `docker` group:
-
-```shell
-# Add coder user to Docker group
-sudo usermod -aG docker coder
-
-# Restart Coder server
-sudo systemctl restart coder
-
-# Test Docker
-sudo -u coder docker ps
-```
-
-## Architecture
-
-Coder supports Envbuilder containers based on `devcontainer.json` via [envbuilder](https://github.com/coder/envbuilder), an open source project. Read more about this in [Coder's documentation](https://coder.com/docs/templates/dev-containers).
-
-This template provisions the following resources:
-
- Envbuilder cached image (conditional, persistent) using [`terraform-provider-envbuilder`](https://github.com/coder/terraform-provider-envbuilder)
- Docker image (persistent) using [`envbuilder`](https://github.com/coder/envbuilder)
- Docker container (ephemeral)
- Docker volume (persistent on `/workspaces`)
-
-The Git repository is cloned inside the `/workspaces` volume if not present.
-Any local changes to the Devcontainer files inside the volume will be applied when you restart the workspace.
-Keep in mind that any tools or files outside of `/workspaces` or not added as part of the Devcontainer specification are not persisted.
-Edit the `devcontainer.json` instead!
-
-> **Note**
-> This template is designed to be a starting point! Edit the Terraform to extend the template to support your use case.
-
-## Docker-in-Docker
-
-See the [Envbuilder documentation](https://github.com/coder/envbuilder/blob/main/docs/docker.md) for information on running Docker containers inside an Envbuilder container.
-
-## Caching
-
-To speed up your builds, you can use a container registry as a cache.
-When creating the template, set the parameter `cache_repo` to a valid Docker repository.
-
-For example, you can run a local registry:
-
-```shell
-docker run --detach \
-  --volume registry-cache:/var/lib/registry \
-  --publish 5000:5000 \
-  --name registry-cache \
-  --net=host \
-  registry:2
-```
-
-Then, when creating the template, enter `localhost:5000/envbuilder-cache` for the parameter `cache_repo`.
-
-See the [Envbuilder Terraform Provider Examples](https://github.com/coder/terraform-provider-envbuilder/blob/main/examples/resources/envbuilder_cached_image/envbuilder_cached_image_resource.tf/) for a more complete example of how the provider works.
-
-> [!NOTE]
-> We recommend using a registry cache with authentication enabled.
-> To allow Envbuilder to authenticate with the registry cache, specify the variable `cache_repo_docker_config_path`
-> with the path to a Docker config `.json` on disk containing valid credentials for the registry.
@@ -1,362 +0,0 @@
-terraform {
-  required_providers {
-    coder = {
-      source  = "coder/coder"
-      version = "~> 2.0"
-    }
-    docker = {
-      source = "kreuzwerker/docker"
-    }
-    envbuilder = {
-      source = "coder/envbuilder"
-    }
-  }
-}
-
-variable "docker_socket" {
-  default     = ""
-  description = "(Optional) Docker socket URI"
-  type        = string
-}
-
-provider "coder" {}
-provider "docker" {
-  # Defaulting to null if the variable is an empty string lets us have an optional variable without having to set our own default
-  host = var.docker_socket != "" ? var.docker_socket : null
-}
-provider "envbuilder" {}
-
-data "coder_provisioner" "me" {}
-data "coder_workspace" "me" {}
-data "coder_workspace_owner" "me" {}
-
-data "coder_parameter" "repo" {
-  description  = "Select a repository to automatically clone and start working with a devcontainer."
-  display_name = "Repository (auto)"
-  mutable      = true
-  name         = "repo"
-  option {
-    name        = "vercel/next.js"
-    description = "The React Framework"
-    value       = "https://github.com/vercel/next.js"
-  }
-  option {
-    name        = "home-assistant/core"
-    description = "🏡 Open source home automation that puts local control and privacy first."
-    value       = "https://github.com/home-assistant/core"
-  }
-  option {
-    name        = "discourse/discourse"
-    description = "A platform for community discussion. Free, open, simple."
-    value       = "https://github.com/discourse/discourse"
-  }
-  option {
-    name        = "denoland/deno"
-    description = "A modern runtime for JavaScript and TypeScript."
-    value       = "https://github.com/denoland/deno"
-  }
-  option {
-    name        = "microsoft/vscode"
-    icon        = "/icon/code.svg"
-    description = "Code editing. Redefined."
-    value       = "https://github.com/microsoft/vscode"
-  }
-  option {
-    name        = "Custom"
-    icon        = "/emojis/1f5c3.png"
-    description = "Specify a custom repo URL below"
-    value       = "custom"
-  }
-  order = 1
-}
-
-data "coder_parameter" "custom_repo_url" {
-  default      = ""
-  description  = "Optionally enter a custom repository URL, see [awesome-devcontainers](https://github.com/manekinekko/awesome-devcontainers)."
-  display_name = "Repository URL (custom)"
-  name         = "custom_repo_url"
-  mutable      = true
-  order        = 2
-}
-
-data "coder_parameter" "fallback_image" {
-  default      = "codercom/enterprise-base:ubuntu"
-  description  = "This image runs if the devcontainer fails to build."
-  display_name = "Fallback Image"
-  mutable      = true
-  name         = "fallback_image"
-  order        = 3
-}
-
-data "coder_parameter" "devcontainer_builder" {
-  description  = <<-EOF
-Image that will build the devcontainer.
-We highly recommend using a specific release as the `:latest` tag will change.
-Find the latest version of Envbuilder here: https://github.com/coder/envbuilder/pkgs/container/envbuilder
-EOF
-  display_name = "Devcontainer Builder"
-  mutable      = true
-  name         = "devcontainer_builder"
-  default      = "ghcr.io/coder/envbuilder:latest"
-  order        = 4
-}
-
-variable "cache_repo" {
-  default     = ""
-  description = "(Optional) Use a container registry as a cache to speed up builds."
-  type        = string
-}
-
-variable "insecure_cache_repo" {
-  default     = false
-  description = "Enable this option if your cache registry does not serve HTTPS."
-  type        = bool
-}
-
-variable "cache_repo_docker_config_path" {
-  default     = ""
-  description = "(Optional) Path to a docker config.json containing credentials to the provided cache repo, if required."
-  sensitive   = true
-  type        = string
-}
-
-locals {
-  container_name             = "coder-${data.coder_workspace_owner.me.name}-${lower(data.coder_workspace.me.name)}"
-  devcontainer_builder_image = data.coder_parameter.devcontainer_builder.value
-  git_author_name            = coalesce(data.coder_workspace_owner.me.full_name, data.coder_workspace_owner.me.name)
-  git_author_email           = data.coder_workspace_owner.me.email
-  repo_url                   = data.coder_parameter.repo.value == "custom" ? data.coder_parameter.custom_repo_url.value : data.coder_parameter.repo.value
-  # The envbuilder provider requires a key-value map of environment variables.
-  envbuilder_env = {
-    # ENVBUILDER_GIT_URL and ENVBUILDER_CACHE_REPO will be overridden by the provider
-    # if the cache repo is enabled.
-    "ENVBUILDER_GIT_URL" : local.repo_url,
-    "ENVBUILDER_CACHE_REPO" : var.cache_repo,
-    "CODER_AGENT_TOKEN" : coder_agent.main.token,
-    # Use the docker gateway if the access URL is 127.0.0.1
-    "CODER_AGENT_URL" : replace(data.coder_workspace.me.access_url, "/localhost|127\\.0\\.0\\.1/", "host.docker.internal"),
-    # Use the docker gateway if the access URL is 127.0.0.1
-    "ENVBUILDER_INIT_SCRIPT" : replace(coder_agent.main.init_script, "/localhost|127\\.0\\.0\\.1/", "host.docker.internal"),
-    "ENVBUILDER_FALLBACK_IMAGE" : data.coder_parameter.fallback_image.value,
-    "ENVBUILDER_DOCKER_CONFIG_BASE64" : try(data.local_sensitive_file.cache_repo_dockerconfigjson[0].content_base64, ""),
-    "ENVBUILDER_PUSH_IMAGE" : var.cache_repo == "" ? "" : "true",
-    "ENVBUILDER_INSECURE" : "${var.insecure_cache_repo}",
-  }
-  # Convert the above map to the format expected by the docker provider.
-  docker_env = [
-    for k, v in local.envbuilder_env : "${k}=${v}"
-  ]
-}
-
-data "local_sensitive_file" "cache_repo_dockerconfigjson" {
-  count    = var.cache_repo_docker_config_path == "" ? 0 : 1
-  filename = var.cache_repo_docker_config_path
-}
-
-resource "docker_image" "devcontainer_builder_image" {
-  name         = local.devcontainer_builder_image
-  keep_locally = true
-}
-
-resource "docker_volume" "workspaces" {
-  name = "coder-${data.coder_workspace.me.id}"
-  # Protect the volume from being deleted due to changes in attributes.
-  lifecycle {
-    ignore_changes = all
-  }
-  # Add labels in Docker to keep track of orphan resources.
-  labels {
-    label = "coder.owner"
-    value = data.coder_workspace_owner.me.name
-  }
-  labels {
-    label = "coder.owner_id"
-    value = data.coder_workspace_owner.me.id
-  }
-  labels {
-    label = "coder.workspace_id"
-    value = data.coder_workspace.me.id
-  }
-  # This field becomes outdated if the workspace is renamed but can
-  # be useful for debugging or cleaning out dangling volumes.
-  labels {
-    label = "coder.workspace_name_at_creation"
-    value = data.coder_workspace.me.name
-  }
-}
-
-# Check for the presence of a prebuilt image in the cache repo
-# that we can use instead.
-resource "envbuilder_cached_image" "cached" {
-  count         = var.cache_repo == "" ? 0 : data.coder_workspace.me.start_count
-  builder_image = local.devcontainer_builder_image
-  git_url       = local.repo_url
-  cache_repo    = var.cache_repo
-  extra_env     = local.envbuilder_env
-  insecure      = var.insecure_cache_repo
-}
-
-resource "docker_container" "workspace" {
-  count = data.coder_workspace.me.start_count
-  image = var.cache_repo == "" ? local.devcontainer_builder_image : envbuilder_cached_image.cached.0.image
-  # Uses lower() to avoid Docker restriction on container names.
-  name = "coder-${data.coder_workspace_owner.me.name}-${lower(data.coder_workspace.me.name)}"
-  # Hostname makes the shell more user friendly: coder@my-workspace:~$
-  hostname = data.coder_workspace.me.name
-  # Use the environment specified by the envbuilder provider, if available.
-  env = var.cache_repo == "" ? local.docker_env : envbuilder_cached_image.cached.0.env
-  # network_mode = "host" # Uncomment if testing with a registry running on `localhost`.
-  host {
-    host = "host.docker.internal"
-    ip   = "host-gateway"
-  }
-  volumes {
-    container_path = "/workspaces"
-    volume_name    = docker_volume.workspaces.name
-    read_only      = false
-  }
-  # Add labels in Docker to keep track of orphan resources.
-  labels {
-    label = "coder.owner"
-    value = data.coder_workspace_owner.me.name
-  }
-  labels {
-    label = "coder.owner_id"
-    value = data.coder_workspace_owner.me.id
-  }
-  labels {
-    label = "coder.workspace_id"
-    value = data.coder_workspace.me.id
-  }
-  labels {
-    label = "coder.workspace_name"
-    value = data.coder_workspace.me.name
-  }
-}
-
-resource "coder_agent" "main" {
-  arch           = data.coder_provisioner.me.arch
-  os             = "linux"
-  startup_script = <<-EOT
-    set -e
-
-    # Add any commands that should be executed at workspace startup (e.g install requirements, start a program, etc) here
-  EOT
-  dir            = "/workspaces"
-
-  # These environment variables allow you to make Git commits right away after creating a
-  # workspace. Note that they take precedence over configuration defined in ~/.gitconfig!
-  # You can remove this block if you'd prefer to configure Git manually or using
-  # dotfiles. (see docs/dotfiles.md)
-  env = {
-    GIT_AUTHOR_NAME     = local.git_author_name
-    GIT_AUTHOR_EMAIL    = local.git_author_email
-    GIT_COMMITTER_NAME  = local.git_author_name
-    GIT_COMMITTER_EMAIL = local.git_author_email
-  }
-
-  # The following metadata blocks are optional. They are used to display
-  # information about your workspace in the dashboard. You can remove them
-  # if you don't want to display any information.
-  # For basic resources, you can use the `coder stat` command.
-  # If you need more control, you can write your own script.
-  metadata {
-    display_name = "CPU Usage"
-    key          = "0_cpu_usage"
-    script       = "coder stat cpu"
-    interval     = 10
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "RAM Usage"
-    key          = "1_ram_usage"
-    script       = "coder stat mem"
-    interval     = 10
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "Home Disk"
-    key          = "3_home_disk"
-    script       = "coder stat disk --path $HOME"
-    interval     = 60
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "CPU Usage (Host)"
-    key          = "4_cpu_usage_host"
-    script       = "coder stat cpu --host"
-    interval     = 10
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "Memory Usage (Host)"
-    key          = "5_mem_usage_host"
-    script       = "coder stat mem --host"
-    interval     = 10
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "Load Average (Host)"
-    key          = "6_load_host"
-    # get load avg scaled by number of cores
-    script   = <<EOT
-      echo "`cat /proc/loadavg | awk '{ print $1 }'` `nproc`" | awk '{ printf "%0.2f", $1/$2 }'
-    EOT
-    interval = 60
-    timeout  = 1
-  }
-
-  metadata {
-    display_name = "Swap Usage (Host)"
-    key          = "7_swap_host"
-    script       = <<EOT
-      free -b | awk '/^Swap/ { printf("%.1f/%.1f", $3/1024.0/1024.0/1024.0, $2/1024.0/1024.0/1024.0) }'
-    EOT
-    interval     = 10
-    timeout      = 1
-  }
-}
-
-# See https://registry.coder.com/modules/coder/code-server
-module "code-server" {
-  count  = data.coder_workspace.me.start_count
-  source = "registry.coder.com/coder/code-server/coder"
-
-  # This ensures that the latest non-breaking version of the module gets downloaded, you can also pin the module version to prevent breaking changes in production.
-  version = "~> 1.0"
-
-  agent_id = coder_agent.main.id
-  order    = 1
-}
-
-# See https://registry.coder.com/modules/coder/jetbrains
-module "jetbrains" {
-  count      = data.coder_workspace.me.start_count
-  source     = "registry.coder.com/coder/jetbrains/coder"
-  version    = "~> 1.0"
-  agent_id   = coder_agent.main.id
-  agent_name = "main"
-  folder     = "/workspaces"
-}
-
-resource "coder_metadata" "container_info" {
-  count       = data.coder_workspace.me.start_count
-  resource_id = coder_agent.main.id
-  item {
-    key   = "workspace image"
-    value = var.cache_repo == "" ? local.devcontainer_builder_image : envbuilder_cached_image.cached.0.image
-  }
-  item {
-    key   = "git url"
-    value = local.repo_url
-  }
-  item {
-    key   = "cache repo"
-    value = var.cache_repo == "" ? "not enabled" : var.cache_repo
-  }
-}
@@ -1,86 +0,0 @@
---
-display_name: Tasks on Docker
-description: Run Coder Tasks on Docker with an example application
-icon: ../../../../.icons/tasks.svg
-verified: false
-tags: [docker, container, ai, tasks]
---
-
-# Run Coder Tasks on Docker
-
-This is an example template for running [Coder Tasks](https://coder.com/docs/ai-coder/tasks), Claude Code, along with a [real world application](https://realworld-docs.netlify.app/).
-
-![Tasks](../../.images/tasks-screenshot.png)
-
-This is a fantastic starting point for working with AI agents with Coder Tasks. Try prompts such as:
-
- "Make the background color blue"
- "Add a dark mode"
- "Rewrite the entire backend in Go"
-
-## Included in this template
-
-This template is designed to be an example and a reference for building other templates with Coder Tasks. You can always run Coder Tasks on different infrastructure (e.g. as on Kubernetes, VMs) and with your own GitHub repositories, MCP servers, images, etc.
-
-Additionally, this template uses our [Claude Code](https://registry.coder.com/modules/coder/claude-code) module, but [other agents](https://registry.coder.com/modules?search=tag%3Aagent) or even [custom agents](https://coder.com/docs/ai-coder/custom-agents) can be used in its place.
-
-This template uses a [Workspace Preset](https://coder.com/docs/admin/templates/extending-templates/parameters#workspace-presets) that pre-defines:
-
- Universal Container Image (e.g. contains Node.js, Java, Python, Ruby, etc)
- MCP servers (desktop-commander for long-running logs, playwright for previewing changes)
- System prompt and [repository](https://github.com/coder-contrib/realworld-django-rest-framework-angular) for the AI agent
- Startup script to initialize the repository and start the development server
-
-## Add this template to your Coder deployment
-
-You can also add this template to your Coder deployment and begin tinkering right away!
-
-### Prerequisites
-
- Coder installed (see [our docs](https://coder.com/docs/install)), ideally a Linux VM with Docker
- Anthropic API Key (or access to Anthropic models via Bedrock or Vertex, see [Claude Code docs](https://docs.anthropic.com/en/docs/claude-code/third-party-integrations))
- Access to a Docker socket
-  - If on the local VM, ensure the `coder` user is added to the Docker group (docs)
-
-    ```sh
-    # Add coder user to Docker group
-    sudo adduser coder docker
-    
-    # Restart Coder server
-    sudo systemctl restart coder
-    
-    # Test Docker
-    sudo -u coder docker ps
-    ```
-
-  - If on a remote VM, see the [Docker Terraform provider documentation](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs#remote-hosts) to configure a remote host
-
-To import this template into Coder, first create a template from "Scratch" in the template editor.
-
-Visit this URL for your Coder deployment:
-
-```sh
-https://coder.example.com/templates/new?exampleId=scratch
-```
-
-After creating the template, paste the contents from [main.tf](https://github.com/coder/registry/blob/main/registry/coder/templates/tasks-docker/main.tf) into the template editor and save.
-
-Alternatively, you can use the Coder CLI to [push the template](https://coder.com/docs/reference/cli/templates_push)
-
-```sh
-# Download the CLI
-curl -L https://coder.com/install.sh | sh
-
-# Log in to your deployment
-coder login https://coder.example.com
-
-# Clone the registry
-git clone https://github.com/coder/registry
-cd registry
-
-# Navigate to this template
-cd registry/coder/templates/tasks-docker
-
-# Push the template
-coder templates push
-```
@@ -1,380 +0,0 @@
-terraform {
-  required_providers {
-    coder = {
-      source  = "coder/coder"
-      version = ">= 2.13"
-    }
-    docker = {
-      source = "kreuzwerker/docker"
-    }
-  }
-}
-
-# This template requires a valid Docker socket
-# However, you can reference our Kubernetes/VM
-# example templates and adapt the Claude Code module
-#
-# See: https://registry.coder.com/templates
-provider "docker" {}
-
-# A `coder_ai_task` resource enables Tasks and associates
-# the task with the coder_app that will act as an AI agent.
-resource "coder_ai_task" "task" {
-  count  = data.coder_workspace.me.start_count
-  app_id = module.claude-code[count.index].task_app_id
-}
-
-# You can read the task prompt from the `coder_task` data source.
-data "coder_task" "me" {}
-
-# The Claude Code module does the automatic task reporting
-# Other agent modules: https://registry.coder.com/modules?search=agent
-# Or use a custom agent:
-module "claude-code" {
-  count               = data.coder_workspace.me.start_count
-  source              = "registry.coder.com/coder/claude-code/coder"
-  version             = "4.7.5"
-  agent_id            = coder_agent.main.id
-  workdir             = "/home/coder/projects"
-  order               = 999
-  claude_api_key      = ""
-  ai_prompt           = data.coder_task.me.prompt
-  system_prompt       = data.coder_parameter.system_prompt.value
-  model               = "sonnet"
-  permission_mode     = "plan"
-  post_install_script = data.coder_parameter.setup_script.value
-}
-
-# We are using presets to set the prompts, image, and set up instructions
-# See https://coder.com/docs/admin/templates/extending-templates/parameters#workspace-presets
-data "coder_workspace_preset" "default" {
-  name    = "Real World App: Angular + Django"
-  default = true
-  parameters = {
-    "system_prompt" = <<-EOT
-      -- Framing --
-      You are a helpful assistant that can help with code. You are running inside a Coder Workspace and provide status updates to the user via Coder MCP. Stay on track, feel free to debug, but when the original plan fails, do not choose a different route/architecture without checking the user first.
-
-      -- Tool Selection --
-      - playwright: previewing your changes after you made them
-        to confirm it worked as expected
-	    -	desktop-commander - use only for commands that keep running
-        (servers, dev watchers, GUI apps).
-      -	Built-in tools - use for everything else:
-       (file operations, git commands, builds & installs, one-off shell commands)
-
-      Remember this decision rule:
-      - Stays running? → desktop-commander
-      - Finishes immediately? → built-in tools
-
-      -- Context --
-      There is an existing app and tmux dev server running on port 8000. Be sure to read it's CLAUDE.md (./realworld-django-rest-framework-angular/CLAUDE.md) to learn more about it.
-
-      Since this app is for demo purposes and the user is previewing the homepage and subsequent pages, aim to make the first visual change/prototype very quickly so the user can preview it, then focus on backend or logic which can be a more involved, long-running architecture plan.
-
-    EOT
-
-    "setup_script"    = <<-EOT
-    # Set up projects dir
-    mkdir -p /home/coder/projects
-    cd $HOME/projects
-
-    # Packages: Install additional packages
-    sudo apt-get update && sudo apt-get install -y tmux
-    if ! command -v google-chrome >/dev/null 2>&1; then
-      yes | npx playwright install chrome
-    fi
-
-    # MCP: Install and configure MCP Servers
-    npm install -g @wonderwhy-er/desktop-commander
-    claude mcp add playwright npx -- @playwright/mcp@latest --headless --isolated --no-sandbox
-    claude mcp add desktop-commander desktop-commander
-
-    # Repo: Clone and pull changes from the git repository
-    if [ ! -d "realworld-django-rest-framework-angular" ]; then
-      git clone https://github.com/coder-contrib/realworld-django-rest-framework-angular.git
-    else
-      cd realworld-django-rest-framework-angular
-      git fetch
-      # Check for uncommitted changes
-      if git diff-index --quiet HEAD -- && \
-        [ -z "$(git status --porcelain --untracked-files=no)" ] && \
-        [ -z "$(git log --branches --not --remotes)" ]; then
-        echo "Repo is clean. Pulling latest changes..."
-        git pull
-      else
-        echo "Repo has uncommitted or unpushed changes. Skipping pull."
-      fi
-
-      cd ..
-    fi
-
-    # Initialize: Start the development server
-    cd realworld-django-rest-framework-angular && ./start-dev.sh
-    EOT
-    "preview_port"    = "4200"
-    "container_image" = "codercom/example-universal:ubuntu"
-  }
-
-  # Pre-builds is a Coder Premium
-  # feature to speed up workspace creation
-  #
-  # see https://coder.com/docs/admin/templates/extending-templates/prebuilt-workspaces
-  # prebuilds {
-  #   instances = 1
-  #   expiration_policy {
-  #      ttl = 86400  # Time (in seconds) after which unclaimed prebuilds are expired (1 day)
-  #  }
-  # }
-}
-
-# Advanced parameters (these are all set via preset)
-data "coder_parameter" "system_prompt" {
-  name         = "system_prompt"
-  display_name = "System Prompt"
-  type         = "string"
-  form_type    = "textarea"
-  description  = "System prompt for the agent with generalized instructions"
-  mutable      = false
-}
-data "coder_parameter" "setup_script" {
-  name         = "setup_script"
-  display_name = "Setup Script"
-  type         = "string"
-  form_type    = "textarea"
-  description  = "Script to run before running the agent"
-  mutable      = false
-}
-data "coder_parameter" "container_image" {
-  name         = "container_image"
-  display_name = "Container Image"
-  type         = "string"
-  default      = "codercom/example-universal:ubuntu"
-  mutable      = false
-}
-data "coder_parameter" "preview_port" {
-  name         = "preview_port"
-  display_name = "Preview Port"
-  description  = "The port the web app is running to preview in Tasks"
-  type         = "number"
-  default      = "3000"
-  mutable      = false
-}
-
-data "coder_provisioner" "me" {}
-data "coder_workspace" "me" {}
-data "coder_workspace_owner" "me" {}
-
-resource "coder_agent" "main" {
-  arch           = data.coder_provisioner.me.arch
-  os             = "linux"
-  startup_script = <<-EOT
-    set -e
-    # Prepare user home with default files on first start.
-    if [ ! -f ~/.init_done ]; then
-      cp -rT /etc/skel ~
-      touch ~/.init_done
-    fi
-  EOT
-
-  # These environment variables allow you to make Git commits right away after creating a
-  # workspace. Note that they take precedence over configuration defined in ~/.gitconfig!
-  # You can remove this block if you'd prefer to configure Git manually or using
-  # dotfiles. (see docs/dotfiles.md)
-  env = {
-    GIT_AUTHOR_NAME     = coalesce(data.coder_workspace_owner.me.full_name, data.coder_workspace_owner.me.name)
-    GIT_AUTHOR_EMAIL    = "${data.coder_workspace_owner.me.email}"
-    GIT_COMMITTER_NAME  = coalesce(data.coder_workspace_owner.me.full_name, data.coder_workspace_owner.me.name)
-    GIT_COMMITTER_EMAIL = "${data.coder_workspace_owner.me.email}"
-  }
-
-  # The following metadata blocks are optional. They are used to display
-  # information about your workspace in the dashboard. You can remove them
-  # if you don't want to display any information.
-  # For basic resources, you can use the `coder stat` command.
-  # If you need more control, you can write your own script.
-  metadata {
-    display_name = "CPU Usage"
-    key          = "0_cpu_usage"
-    script       = "coder stat cpu"
-    interval     = 10
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "RAM Usage"
-    key          = "1_ram_usage"
-    script       = "coder stat mem"
-    interval     = 10
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "Home Disk"
-    key          = "3_home_disk"
-    script       = "coder stat disk --path $${HOME}"
-    interval     = 60
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "CPU Usage (Host)"
-    key          = "4_cpu_usage_host"
-    script       = "coder stat cpu --host"
-    interval     = 10
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "Memory Usage (Host)"
-    key          = "5_mem_usage_host"
-    script       = "coder stat mem --host"
-    interval     = 10
-    timeout      = 1
-  }
-
-  metadata {
-    display_name = "Load Average (Host)"
-    key          = "6_load_host"
-    # get load avg scaled by number of cores
-    script   = <<EOT
-      echo "`cat /proc/loadavg | awk '{ print $1 }'` `nproc`" | awk '{ printf "%0.2f", $1/$2 }'
-    EOT
-    interval = 60
-    timeout  = 1
-  }
-
-  metadata {
-    display_name = "Swap Usage (Host)"
-    key          = "7_swap_host"
-    script       = <<EOT
-      free -b | awk '/^Swap/ { printf("%.1f/%.1f", $3/1024.0/1024.0/1024.0, $2/1024.0/1024.0/1024.0) }'
-    EOT
-    interval     = 10
-    timeout      = 1
-  }
-}
-
-# See https://registry.coder.com/modules/coder/code-server
-module "code-server" {
-  count  = data.coder_workspace.me.start_count
-  folder = "/home/coder/projects"
-  source = "registry.coder.com/coder/code-server/coder"
-
-  settings = {
-    "workbench.colorTheme" : "Default Dark Modern"
-  }
-
-  # This ensures that the latest non-breaking version of the module gets downloaded, you can also pin the module version to prevent breaking changes in production.
-  version = "~> 1.0"
-
-  agent_id = coder_agent.main.id
-  order    = 1
-}
-
-module "windsurf" {
-  count    = data.coder_workspace.me.start_count
-  source   = "registry.coder.com/coder/windsurf/coder"
-  version  = "1.3.0"
-  agent_id = coder_agent.main.id
-}
-
-module "cursor" {
-  count    = data.coder_workspace.me.start_count
-  source   = "registry.coder.com/coder/cursor/coder"
-  version  = "1.4.0"
-  agent_id = coder_agent.main.id
-}
-
-module "jetbrains" {
-  count      = data.coder_workspace.me.start_count
-  source     = "registry.coder.com/coder/jetbrains/coder"
-  version    = "~> 1.0"
-  agent_id   = coder_agent.main.id
-  agent_name = "main"
-  folder     = "/home/coder/projects"
-}
-
-resource "docker_volume" "home_volume" {
-  name = "coder-${data.coder_workspace.me.id}-home"
-  # Protect the volume from being deleted due to changes in attributes.
-  lifecycle {
-    ignore_changes = all
-  }
-  # Add labels in Docker to keep track of orphan resources.
-  labels {
-    label = "coder.owner"
-    value = data.coder_workspace_owner.me.name
-  }
-  labels {
-    label = "coder.owner_id"
-    value = data.coder_workspace_owner.me.id
-  }
-  labels {
-    label = "coder.workspace_id"
-    value = data.coder_workspace.me.id
-  }
-  # This field becomes outdated if the workspace is renamed but can
-  # be useful for debugging or cleaning out dangling volumes.
-  labels {
-    label = "coder.workspace_name_at_creation"
-    value = data.coder_workspace.me.name
-  }
-}
-
-resource "coder_app" "preview" {
-  agent_id     = coder_agent.main.id
-  slug         = "preview"
-  display_name = "Preview your app"
-  icon         = "${data.coder_workspace.me.access_url}/emojis/1f50e.png"
-  url          = "http://localhost:${data.coder_parameter.preview_port.value}"
-  share        = "authenticated"
-  subdomain    = true
-  open_in      = "tab"
-  order        = 0
-  healthcheck {
-    url       = "http://localhost:${data.coder_parameter.preview_port.value}/"
-    interval  = 5
-    threshold = 15
-  }
-}
-
-resource "docker_container" "workspace" {
-  count = data.coder_workspace.me.start_count
-  image = data.coder_parameter.container_image.value
-  # Uses lower() to avoid Docker restriction on container names.
-  name = "coder-${data.coder_workspace_owner.me.name}-${lower(data.coder_workspace.me.name)}"
-  # Hostname makes the shell more user friendly: coder@my-workspace:~$
-  hostname = data.coder_workspace.me.name
-  user     = "coder"
-  # Use the docker gateway if the access URL is 127.0.0.1
-  entrypoint = ["sh", "-c", replace(coder_agent.main.init_script, "/localhost|127\\.0\\.0\\.1/", "host.docker.internal")]
-  env        = ["CODER_AGENT_TOKEN=${coder_agent.main.token}"]
-  host {
-    host = "host.docker.internal"
-    ip   = "host-gateway"
-  }
-  volumes {
-    container_path = "/home/coder"
-    volume_name    = docker_volume.home_volume.name
-    read_only      = false
-  }
-
-  # Add labels in Docker to keep track of orphan resources.
-  labels {
-    label = "coder.owner"
-    value = data.coder_workspace_owner.me.name
-  }
-  labels {
-    label = "coder.owner_id"
-    value = data.coder_workspace_owner.me.id
-  }
-  labels {
-    label = "coder.workspace_id"
-    value = data.coder_workspace.me.id
-  }
-  labels {
-    label = "coder.workspace_name"
-    value = data.coder_workspace.me.name
-  }
-}
@@ -16,7 +16,7 @@ Uses the [Coder Remote VS Code Extension](https://github.com/coder/vscode-coder)
 module "positron" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/cytoshahar/positron/coder"
-  version  = "1.0.1"
+  version  = "1.0.2"
  agent_id = coder_agent.main.id
 }
 ```
@@ -29,7 +29,7 @@ module "positron" {
 module "positron" {
  count    = data.coder_workspace.me.start_count
  source   = "registry.coder.com/cytoshahar/positron/coder"
-  version  = "1.0.1"
+  version  = "1.0.2"
  agent_id = coder_agent.main.id
  folder   = "/home/coder/project"
 }
@@ -41,13 +41,13 @@ variable "group" {
 variable "slug" {
  type        = string
  description = "The slug of the app."
-  default     = "cursor"
+  default     = "positron"
 }

 variable "display_name" {
  type        = string
  description = "The display name of the app."
-  default     = "Cursor Desktop"
+  default     = "Positron Desktop"
 }

 data "coder_workspace" "me" {}
@@ -55,7 +55,7 @@ data "coder_workspace_owner" "me" {}

 module "vscode-desktop-core" {
  source  = "registry.coder.com/coder/vscode-desktop-core/coder"
-  version = "1.0.0"
+  version = "1.0.2"

  agent_id = var.agent_id

@@ -11,6 +11,34 @@ set -euo pipefail
 #
 # This script only validates changed modules. Documentation and template changes are ignored.

+# Validates that Terraform variable names use underscores (snake_case) instead
+# of hyphens. Hyphens are technically valid but deprecated and non-idiomatic.
+# See: https://developer.hashicorp.com/terraform/language/values/variables
+validate_variable_names() {
+  local dir="$1"
+  local found_issues=0
+
+  while IFS= read -r tf_file; do
+    while IFS= read -r match; do
+      local line_num
+      line_num=$(echo "$match" | cut -d: -f1)
+      local line_content
+      line_content=$(echo "$match" | cut -d: -f2-)
+      local var_name
+      var_name=$(echo "$line_content" | sed -n 's/.*variable "\([^"]*\)".*/\1/p')
+
+      if [[ -n "$var_name" ]]; then
+        echo "  ERROR: $tf_file:$line_num"
+        echo "    Variable \"$var_name\" contains a hyphen."
+        echo "    Rename to \"${var_name//-/_}\" (use underscores instead of hyphens)."
+        found_issues=$((found_issues + 1))
+      fi
+    done < <(grep -n 'variable "[^"]*-[^"]*"' "$tf_file" 2> /dev/null || true)
+  done < <(find "$dir" -name '*.tf' -type f | sort)
+
+  return "$found_issues"
+}
+
 validate_terraform_directory() {
  local dir="$1"
  echo "Running \`terraform validate\` in $dir"
@@ -91,6 +119,16 @@ main() {
    fi
  done

+  echo ""
+  echo "==> Validating Terraform variable names use snake_case..."
+  for dir in $subdirs; do
+    if test -f "$dir/main.tf"; then
+      if ! validate_variable_names "$dir"; then
+        status=1
+      fi
+    fi
+  done
+
  exit $status
 }
Author	SHA1	Message	Date
Mathias Fredriksson	2169fb00ee	feat(coder/modules/agentapi): add state persistence support (#736 ) AgentAPI can now save and restore conversation state across workspace restarts. The module exports env vars (AGENTAPI_STATE_FILE, AGENTAPI_SAVE_STATE, AGENTAPI_LOAD_STATE, AGENTAPI_PID_FILE) that the binary reads directly. No consumer module changes needed. New variables: enable_state_persistence (default false), state_file_path, pid_file_path. State and PID files default to $HOME/<module_dir_name>/. Requires agentapi >= v0.12.0. A shared version_at_least function in lib.sh gates the env var exports and SIGUSR1 in the shutdown script. Old binaries get a warning and graceful skip. Shutdown script now does SIGUSR1 (state save), log snapshot capture (existing, now fault-tolerant via subshell), then SIGTERM with wait. Closes coder/internal#1257 Refs coder/internal#1256 Refs #696	2026-03-03 13:27:23 +02:00
35C4n0r	e3abbb9aa0	maintenance(coder-labs/modules/codex): skip migration notice and add agentapi type flag (#781 ) This PR introduces: 1. Adding --type flag to agentapi command 2. Introduce `[notice.model_migrations]` to skip migration notice, improves tasks UX 3. Set profile = "aibridge" rather than passing it using --profile flag ## Description <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information Path: `registry/coder-labs/modules/codex` New version: `v4.1.2` Breaking change: [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [x] Changes tested locally ## Related Issues Closes: #740	2026-03-03 10:35:45 +05:30
Atif Ali	71a4cf2031	chore(coder/modules/mux): update Mux logo (#775 ) Update Mux logo	2026-03-02 10:07:58 +05:00
blinkagent[bot]	a0a3783a51	docs(dotfiles): add hint about using SSH URLs when HTTPS cloning is restricted (#757 ) Some Git providers (e.g. on-prem GitLab) disable HTTPS cloning by default, which causes the dotfiles clone to silently fail during workspace startup. Users see "Startup scripts are still running" but the dotfiles folder is never populated. This PR adds two small documentation touches: 1. `main.tf` default description — appends a one-liner suggesting SSH URLs when HTTPS is restricted. This is what users see in the Coder UI parameter prompt. 2. `README.md` — new "SSH vs HTTPS URLs" section with an example and a brief explanation of why SSH URLs are more reliable during startup. No logic changes, no new variables — just documentation. --------- Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com> Co-authored-by: DevCats <christofer@coder.com>	2026-02-27 14:48:55 -06:00
blinkagent[bot]	eb38bc3092	ci: add variable naming lint to terraform validate (#766 ) ## Summary Terraform variable names should use underscores (`snake_case`), not hyphens. Hyphens are technically valid in HCL but are [deprecated and non-idiomatic](https://developer.hashicorp.com/terraform/language/values/variables). This PR adds a variable name check into the existing `terraform_validate.sh` script so it runs as part of the existing "Run Terraform Validate" CI step — no new scripts or workflow changes needed. ## Changes ### `scripts/terraform_validate.sh` — added `validate_variable_names()` - Scans `.tf` files in changed modules for `variable` declarations with hyphens - Fails with actionable fix suggestions (shows the snake_case alternative) - Runs after `terraform validate` in the same CI step ### Fix: `code-server` module — rename `machine-settings` → `machine_settings` - Renames the hyphenated variable and its reference in main.tf - Bumps version `1.4.2` → `1.4.3` - Updates all README examples --- Created on behalf of @matifali --------- Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com> Co-authored-by: DevCats <christofer@coder.com>	2026-02-27 11:15:47 -06:00
Michael Suchacz	93e6094b1b	fix: rename add-project to add_project in mux module (#765 ) Terraform variable names should use underscores, not hyphens. Renames the `add-project` variable to `add_project` in the mux module. Changes: - `main.tf`: Renamed variable declaration and references - `README.md`: Updated example usage Bumped version: 1.3.0 → 1.3.1 --- Generated with [Mux](https://mux.coder.com) using Claude	2026-02-27 10:44:39 -06:00
blinkagent[bot]	6ec506e9b6	fix(dotfiles): allow tilde (~) in git repository URLs (#763 ) ## Description The URL validation regex in the dotfiles module was rejecting URLs containing tilde (`~`) characters, which are commonly used in Bitbucket Server for user repositories (e.g. `ssh://git@bitbucket.example.org:7999/~username/repo.git`). This adds `~` to the allowed character set in all three validation regexes (for `default_dotfiles_uri`, `dotfiles_uri`, and the `coder_parameter` validation). ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information Path: `registry/coder/modules/dotfiles` New version: `v1.3.1` Breaking change: [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun fmt`) - [ ] Changes tested locally ## Related Issues Fixes #762 Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>	2026-02-26 13:30:20 -06:00
Michael Suchacz	b794b1edd9	feat(mux): add package_manager and registry_url variables (#761 ) ## Summary Add two new customization variables to the Mux module so users can control how Mux is installed: ### `package_manager` (default: `"auto"`) Choose which Node package manager installs Mux: - `auto` (default) — auto-detects `npm` → `pnpm` → `bun` in order, falling back to a direct tarball download when none is available - `npm`, `pnpm`, `bun` — force a specific package manager (fails if not found on PATH) ### `registry_url` (default: `"https://registry.npmjs.org"`) Override the npm registry URL for private registries or mirrors. All previously hardcoded `registry.npmjs.org` references have been replaced with this variable. The `--registry` flag is passed to whichever package manager is used, and the tarball fallback path also uses it. ## Changes \| File \| What changed \| \|---\|---\| \| `main.tf` \| Added `package_manager` and `registry_url` variables with validation; pass both to template \| \| `run.sh` \| Rewrote install logic: PM auto-detection loop, `case`/`esac` dispatch with PM-specific flags, replaced all hardcoded registry URLs with `${REGISTRY_URL}` \| \| `mux.tftest.hcl` \| Added 6 new test cases: PM selection (npm/pnpm/bun), invalid PM validation, custom registry URL, trailing-slash stripping \| \| `main.test.ts` \| Updated expected log messages to match new generic wording \| \| `README.md` \| Updated description, added Custom Package Manager and Custom Registry examples, updated Notes section \| ## Version Bumped 1.2.0 → 1.3.0 (minor: new backward-compatible features). ## Validation - ✅ `terraform validate` — clean - ✅ `terraform test` — 15 passed, 0 failed - ✅ `terraform fmt` — clean --- Generated with [Mux](https://mux.coder.com) using Claude	2026-02-26 16:40:40 +01:00
Michael Suchacz	94e41d3780	Add arbitrary mux server command argument parsing (#738 ) ## Summary - add a new `additional_arguments` module variable to pass extra arguments to `mux server` - parse `additional_arguments` in `run.sh` with quoted-group support so values like paths with spaces are preserved - keep existing `add-project` behavior while allowing additional arbitrary flags - add Terraform and Bun tests covering `additional_arguments` behavior - document the new option in the module README and bump example version references to `1.2.0` ## Why The module previously only supported the `add-project` flag. This change lets users pass additional `mux server` arguments without waiting for new module variables. ## Validation - `shellcheck --severity=warning --format=gcc registry/coder/modules/mux/run.sh` - `terraform -chdir=registry/coder/modules/mux test -verbose` - `bun test registry/coder/modules/mux/main.test.ts` ## Breaking changes None. --- Generated with Mux (exec agent) using GPT-5.	2026-02-25 18:15:33 +00:00
Phorcys	480bf4b48c	chore: update vscode-desktop-core module dependencies (#751 ) ## Description #750 follow-up ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Other	2026-02-24 05:20:27 +00:00
Phorcys	d8851492c0	fix: fix positron module slug and display name (#752 ) ## Description In https://github.com/coder/registry/pull/279, I had accidentally made the slug of the Positron Desktop app "cursor", and display name to be "Cursor Desktop". This PR fixes that. ## Type of Change - [ ] New module - [ ] New template - [x] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other	2026-02-24 09:43:49 +05:00
Phorcys	186a779659	chore(registry/coder/modules): rename vscode-desktop-core input params (#750 ) ## Description Rename `web_app_` suffix to `coder_app_` ## Type of Change - [ ] New module - [ ] New template - [ ] Bug fix - [x] Feature/enhancement - [ ] Documentation - [ ] Other	2026-02-24 01:57:35 +01:00
Zach	8defcb2410	fix(agentapi): fix misleading attempt counter in wait-for-start script (#734 ) The log message showed ($i/15) where $i ranged from 1-150, making it look like the counter overshot its maximum. This change extracts the iteration count into a max_attempts variable and uses it consistently.	2026-02-18 16:13:22 +00:00