feat: Add support to the vscode-web module for loading workspaces at startup (#349 )

Actually use the home dir kasmvnc.yaml to retrieve the httpd_directory setting (#342 )
feat: Sourcegraph Amp module (#257 )
2026-06-07 06:58:14 +00:00 · 2025-08-21 13:43:00 +05:00 · 2025-08-20 14:06:10 +05:00 · 2025-08-19 15:25:17 -05:00 · 2025-08-19 14:29:49 -05:00 · 2025-08-19 19:24:45 +05:00
27 changed files with 2285 additions and 47 deletions
@@ -0,0 +1,15 @@
+<svg width="721" height="721" viewBox="0 0 721 721" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_1637_2935)">
+<g clip-path="url(#clip1_1637_2935)">
+<path d="M304.246 295.411V249.828C304.246 245.989 305.687 243.109 309.044 241.191L400.692 188.412C413.167 181.215 428.042 177.858 443.394 177.858C500.971 177.858 537.44 222.482 537.44 269.982C537.44 273.34 537.44 277.179 536.959 281.018L441.954 225.358C436.197 222 430.437 222 424.68 225.358L304.246 295.411ZM518.245 472.945V364.024C518.245 357.304 515.364 352.507 509.608 349.149L389.174 279.096L428.519 256.543C431.877 254.626 434.757 254.626 438.115 256.543L529.762 309.323C556.154 324.679 573.905 357.304 573.905 388.971C573.905 425.436 552.315 459.024 518.245 472.941V472.945ZM275.937 376.982L236.592 353.952C233.235 352.034 231.794 349.154 231.794 345.315V239.756C231.794 188.416 271.139 149.548 324.4 149.548C344.555 149.548 363.264 156.268 379.102 168.262L284.578 222.964C278.822 226.321 275.942 231.119 275.942 237.838V376.986L275.937 376.982ZM360.626 425.922L304.246 394.255V327.083L360.626 295.416L417.002 327.083V394.255L360.626 425.922ZM396.852 571.789C376.698 571.789 357.989 565.07 342.151 553.075L436.674 498.374C442.431 495.017 445.311 490.219 445.311 483.499V344.352L485.138 367.382C488.495 369.299 489.936 372.179 489.936 376.018V481.577C489.936 532.917 450.109 571.785 396.852 571.785V571.789ZM283.134 464.79L191.486 412.01C165.094 396.654 147.343 364.029 147.343 332.362C147.343 295.416 169.415 262.309 203.48 248.393V357.791C203.48 364.51 206.361 369.308 212.117 372.665L332.074 442.237L292.729 464.79C289.372 466.707 286.491 466.707 283.134 464.79ZM277.859 543.48C223.639 543.48 183.813 502.695 183.813 452.314C183.813 448.475 184.294 444.636 184.771 440.797L279.295 495.498C285.051 498.856 290.812 498.856 296.568 495.498L417.002 425.927V471.509C417.002 475.349 415.562 478.229 412.204 480.146L320.557 532.926C308.081 540.122 293.206 543.48 277.854 543.48H277.859ZM396.852 600.576C454.911 600.576 503.37 559.313 514.41 504.612C568.149 490.696 602.696 440.315 602.696 388.976C602.696 355.387 588.303 322.762 562.392 299.25C564.791 289.173 566.231 279.096 566.231 269.024C566.231 200.411 510.571 149.067 446.274 149.067C433.322 149.067 420.846 150.984 408.37 155.305C386.775 134.192 357.026 120.758 324.4 120.758C266.342 120.758 217.883 162.02 206.843 216.721C153.104 230.637 118.557 281.018 118.557 332.357C118.557 365.946 132.95 398.571 158.861 422.083C156.462 432.16 155.022 442.237 155.022 452.309C155.022 520.922 210.682 572.266 274.978 572.266C287.931 572.266 300.407 570.349 312.883 566.028C334.473 587.141 364.222 600.576 396.852 600.576Z" fill="white"/>
+</g>
+</g>
+<defs>
+<clipPath id="clip0_1637_2935">
+<rect width="720" height="720" fill="white" transform="translate(0.606934 0.899902)"/>
+</clipPath>
+<clipPath id="clip1_1637_2935">
+<rect width="484.139" height="479.818" fill="white" transform="translate(118.557 120.758)"/>
+</clipPath>
+</defs>
+</svg>
@@ -0,0 +1,137 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="800"
+   height="800"
+   viewBox="0 0 211.66666 211.66666"
+   version="1.1"
+   id="svg924"
+   inkscape:export-filename="/home/daniela/Documents/proxmox/Proxmox/Marketing/Logo/proxmox-logo/Screen/Full Lockup/stacked/proxmox-logo-color-stacked-bgblack.png"
+   inkscape:export-xdpi="360"
+   inkscape:export-ydpi="360"
+   inkscape:version="1.0.2 (e86c870879, 2021-01-15)"
+   sodipodi:docname="proxmox-logo-stacked-inverted-color-bgtrans.svg">
+  <defs
+     id="defs918" />
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="0.38489655"
+     inkscape:cx="541.41545"
+     inkscape:cy="189.70435"
+     inkscape:document-units="mm"
+     inkscape:current-layer="layer1"
+     inkscape:document-rotation="0"
+     showgrid="false"
+     inkscape:pagecheckerboard="true"
+     fit-margin-top="0"
+     fit-margin-left="0"
+     fit-margin-right="0"
+     fit-margin-bottom="0"
+     inkscape:window-width="1720"
+     inkscape:window-height="1343"
+     inkscape:window-x="1720"
+     inkscape:window-y="27"
+     inkscape:window-maximized="0"
+     units="px" />
+  <metadata
+     id="metadata921">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Layer 1"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(-11.346916,-31.368461)">
+    <g
+       id="g209">
+      <g
+         transform="matrix(0.84666672,0,0,0.84666672,544.05161,-814.30036)"
+         id="g1288"
+         style="fill:#ffffff">
+        <g
+           id="g1286"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:25.8336px;line-height:125%;font-family:Helion;-inkscape-font-specification:Helion;text-align:start;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#ffffff;fill-opacity:1;stroke:none"
+           transform="matrix(1.2435137,0,0,1.2435137,-791.06481,553.75862)">
+          <path
+             inkscape:connector-curvature="0"
+             id="path1272"
+             d="m 168.85142,500.9595 h -11.85747 c -0.46554,0.0129 -0.85842,0.18085 -1.17864,0.50374 -0.32023,0.32294 -0.48707,0.72335 -0.50052,1.20125 v 16.3783 c 1.27229,-0.0318 2.33145,-0.472 3.17749,-1.32073 0.84604,-0.84873 1.2852,-1.91543 1.3175,-3.2001 h 9.04164 c 1.28573,-0.0317 2.35673,-0.47199 3.21302,-1.32072 0.85624,-0.84873 1.30079,-1.91543 1.33364,-3.2001 v -4.49499 c -0.0328,-1.28573 -0.4774,-2.35673 -1.33364,-3.21301 -0.85629,-0.85625 -1.92729,-1.3008 -3.21302,-1.33364 z m -9.04164,9.60997 v -5.06332 h 7.93081 c 0.0463,-0.0231 0.23141,0.0232 0.55542,0.13885 0.32398,0.11573 0.50912,0.43972 0.55541,0.97198 v 2.81583 c 0.0231,0.0474 -0.0231,0.23681 -0.13885,0.56833 -0.11573,0.33154 -0.43972,0.52098 -0.97198,0.56833 z"
+             style="fill:#ffffff;fill-opacity:1" />
+          <path
+             inkscape:connector-curvature="0"
+             id="path1274"
+             d="m 194.05931,508.89031 v -3.38416 c -0.0318,-1.28573 -0.47201,-2.35673 -1.32072,-3.21301 -0.84875,-0.85625 -1.91545,-1.3008 -3.2001,-1.33364 h -11.85747 c -0.47684,0.0129 -0.87295,0.18085 -1.18833,0.50374 -0.31538,0.32294 -0.47899,0.72335 -0.49083,1.20125 v 16.3783 c 1.27336,-0.0318 2.33683,-0.472 3.1904,-1.32073 0.85357,-0.84873 1.29705,-1.91543 1.33042,-3.2001 v -1.13666 h 5.14082 l 2.60916,3.71999 c 0.4187,0.60063 0.94398,1.07208 1.57583,1.41437 0.63182,0.34229 1.33793,0.51667 2.11833,0.52313 0.37618,-5.4e-4 0.74107,-0.0447 1.09468,-0.1324 0.35358,-0.0877 0.68618,-0.21582 0.99781,-0.38427 l -3.64249,-5.19249 c 1.05592,-0.22872 1.92133,-0.74647 2.59625,-1.55322 0.67487,-0.80675 1.02362,-1.77011 1.04624,-2.8901 z m -13.53663,0.5425 v -3.92666 h 7.87915 c 0.0474,-0.0231 0.23679,0.0232 0.56833,0.13885 0.33151,0.11573 0.52096,0.43972 0.56833,0.97198 v 1.705 c 0.0237,0.0463 -0.0237,0.23143 -0.14208,0.55541 -0.11842,0.324 -0.44995,0.50914 -0.99458,0.55542 z"
+             style="fill:#ffffff;fill-opacity:1" />
+          <path
+             inkscape:connector-curvature="0"
+             id="path1276"
+             d="m 210.1751,500.9595 h -9.01581 c -1.28467,0.0328 -2.35137,0.47739 -3.2001,1.33364 -0.84873,0.85628 -1.28897,1.92728 -1.32072,3.21301 v 9.01581 c 0.0317,1.28467 0.47199,2.35137 1.32072,3.2001 0.84873,0.84873 1.91543,1.28897 3.2001,1.32073 h 9.01581 c 1.28465,-0.0318 2.35135,-0.472 3.2001,-1.32073 0.84871,-0.84873 1.28895,-1.91543 1.32072,-3.2001 v -9.01581 c -0.0318,-1.28573 -0.47201,-2.35673 -1.32072,-3.21301 -0.84875,-0.85625 -1.91545,-1.3008 -3.2001,-1.33364 z m 0,12.4258 c 0.0237,0.0474 -0.0237,0.23681 -0.14208,0.56833 -0.11842,0.33153 -0.44995,0.52098 -0.99458,0.56833 h -6.74249 c -0.0474,0.0237 -0.23681,-0.0237 -0.56833,-0.14208 -0.33153,-0.1184 -0.52098,-0.44993 -0.56833,-0.99458 v -6.76832 c -0.0237,-0.0463 0.0237,-0.23141 0.14208,-0.55541 0.1184,-0.32398 0.44993,-0.50912 0.99458,-0.55542 h 6.74249 c 0.0473,-0.0231 0.23679,0.0232 0.56833,0.13885 0.33151,0.11573 0.52096,0.43972 0.56833,0.97198 z"
+             style="fill:#ffffff;fill-opacity:1" />
+          <path
+             inkscape:connector-curvature="0"
+             id="path1278"
+             d="m 237.4767,502.25116 c -0.39183,-0.39179 -0.84822,-0.69964 -1.36917,-0.92354 -0.52099,-0.22387 -1.08071,-0.33797 -1.67916,-0.34229 -0.6367,0.005 -1.22333,0.1308 -1.75989,0.37781 -0.53659,0.24705 -1.00052,0.58611 -1.39177,1.01719 l -3.90082,4.28832 -3.92666,-4.28832 c -0.4015,-0.44238 -0.86434,-0.78467 -1.38854,-1.02688 -0.5242,-0.24217 -1.1033,-0.36487 -1.73729,-0.36812 -0.59847,0.004 -1.15819,0.11842 -1.67916,0.34229 -0.52097,0.2239 -0.97736,0.53175 -1.36916,0.92354 l 7.05248,7.74998 -7.05248,7.74998 c 0.3918,0.40419 0.84819,0.71957 1.36916,0.94615 0.52097,0.22657 1.08069,0.34175 1.67916,0.34552 0.62538,-0.005 1.20878,-0.13079 1.75021,-0.37782 0.54142,-0.24703 1.00857,-0.58609 1.40145,-1.01718 l 3.90083,-4.28832 3.90082,4.28832 c 0.39125,0.43109 0.85518,0.77015 1.39177,1.01718 0.53656,0.24703 1.12319,0.37297 1.75989,0.37782 0.59845,-0.004 1.15817,-0.11895 1.67916,-0.34552 0.52096,-0.22658 0.97734,-0.54196 1.36917,-0.94615 l -7.05249,-7.74998 z"
+             style="fill:#ffffff;fill-opacity:1" />
+          <path
+             inkscape:connector-curvature="0"
+             id="path1280"
+             d="m 260.98042,500.9595 h -2.84166 c -0.92947,0.0129 -1.75721,0.2648 -2.48322,0.75562 -0.72604,0.49085 -1.27607,1.14314 -1.6501,1.95687 l 0.0258,-0.0517 -2.66082,5.83832 -2.635,-5.83832 v 0.0517 c -0.36275,-0.81373 -0.90955,-1.46602 -1.64041,-1.95687 -0.73087,-0.49082 -1.56184,-0.74269 -2.49291,-0.75562 h -2.81583 c -0.48922,0.0129 -0.89286,0.18085 -1.21093,0.50374 -0.31808,0.32294 -0.48276,0.72335 -0.49406,1.20125 v 16.3783 c 1.27336,-0.0318 2.33683,-0.472 3.19041,-1.32073 0.85357,-0.84873 1.29704,-1.91543 1.33041,-3.2001 v -8.65414 c 0.002,-0.11785 0.0371,-0.2115 0.10656,-0.28094 0.0694,-0.0694 0.16307,-0.10493 0.28094,-0.10656 0.0673,0.002 0.13293,0.0237 0.19698,0.0646 0.064,0.0409 0.11032,0.0883 0.13885,0.14208 l 5.01166,11.05664 c 0.0947,0.19752 0.23464,0.3579 0.41979,0.48115 0.18512,0.12325 0.38964,0.18675 0.61354,0.19052 0.22226,-0.003 0.42354,-0.0619 0.60385,-0.1776 0.18028,-0.11571 0.32344,-0.27179 0.42948,-0.46823 L 257.4154,505.687 c 0.0393,-0.0538 0.0899,-0.10116 0.15177,-0.14208 0.0619,-0.0409 0.13184,-0.0624 0.2099,-0.0646 0.10547,0.002 0.19158,0.0371 0.25833,0.10656 0.0667,0.0694 0.10116,0.16309 0.10333,0.28094 v 8.65414 c 0.0333,1.28467 0.47682,2.35137 1.33042,3.2001 0.85355,0.84873 1.91702,1.28897 3.19041,1.32073 v -16.3783 c -0.0119,-0.4779 -0.17548,-0.87831 -0.49084,-1.20125 -0.3154,-0.32289 -0.71151,-0.49081 -1.18833,-0.50374 z"
+             style="fill:#ffffff;fill-opacity:1" />
+          <path
+             inkscape:connector-curvature="0"
+             id="path1282"
+             d="m 278.79561,500.9595 h -9.01581 c -1.28467,0.0328 -2.35137,0.47739 -3.20009,1.33364 -0.84874,0.85628 -1.28898,1.92728 -1.32073,3.21301 v 9.01581 c 0.0317,1.28467 0.47199,2.35137 1.32073,3.2001 0.84872,0.84873 1.91542,1.28897 3.20009,1.32073 h 9.01581 c 1.28466,-0.0318 2.35135,-0.472 3.2001,-1.32073 0.84871,-0.84873 1.28896,-1.91543 1.32073,-3.2001 v -9.01581 c -0.0318,-1.28573 -0.47202,-2.35673 -1.32073,-3.21301 -0.84875,-0.85625 -1.91544,-1.3008 -3.2001,-1.33364 z m 0,12.4258 c 0.0237,0.0474 -0.0237,0.23681 -0.14208,0.56833 -0.11842,0.33153 -0.44994,0.52098 -0.99458,0.56833 h -6.74248 c -0.0474,0.0237 -0.23681,-0.0237 -0.56834,-0.14208 -0.33153,-0.1184 -0.52097,-0.44993 -0.56833,-0.99458 v -6.76832 c -0.0237,-0.0463 0.0237,-0.23141 0.14209,-0.55541 0.11839,-0.32398 0.44992,-0.50912 0.99458,-0.55542 h 6.74248 c 0.0473,-0.0231 0.23679,0.0232 0.56833,0.13885 0.33152,0.11573 0.52096,0.43972 0.56833,0.97198 z"
+             style="fill:#ffffff;fill-opacity:1" />
+          <path
+             inkscape:connector-curvature="0"
+             id="path1284"
+             d="m 306.0972,502.25116 c -0.39182,-0.39179 -0.84821,-0.69964 -1.36916,-0.92354 -0.52099,-0.22387 -1.08071,-0.33797 -1.67916,-0.34229 -0.6367,0.005 -1.22333,0.1308 -1.75989,0.37781 -0.5366,0.24705 -1.00052,0.58611 -1.39177,1.01719 l -3.90083,4.28832 -3.92665,-4.28832 c -0.4015,-0.44238 -0.86435,-0.78467 -1.38854,-1.02688 -0.52421,-0.24217 -1.1033,-0.36487 -1.73729,-0.36812 -0.59847,0.004 -1.15819,0.11842 -1.67916,0.34229 -0.52097,0.2239 -0.97736,0.53175 -1.36917,0.92354 l 7.05249,7.74998 -7.05249,7.74998 c 0.39181,0.40419 0.8482,0.71957 1.36917,0.94615 0.52097,0.22657 1.08069,0.34175 1.67916,0.34552 0.62538,-0.005 1.20878,-0.13079 1.7502,-0.37782 0.54142,-0.24703 1.00857,-0.58609 1.40146,-1.01718 l 3.90082,-4.28832 3.90083,4.28832 c 0.39125,0.43109 0.85517,0.77015 1.39177,1.01718 0.53656,0.24703 1.12319,0.37297 1.75989,0.37782 0.59845,-0.004 1.15817,-0.11895 1.67916,-0.34552 0.52095,-0.22658 0.97734,-0.54196 1.36916,-0.94615 l -7.05248,-7.74998 z"
+             style="fill:#ffffff;fill-opacity:1" />
+        </g>
+      </g>
+      <path
+         inkscape:connector-curvature="0"
+         id="path1290"
+         style="fill:#e57000;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.730891"
+         d="m 141.89758,116.88641 25.41237,27.92599 c -2.7927,2.88547 -6.70224,4.65495 -10.98527,4.65495 -4.56076,0 -8.56315,-1.95514 -11.35592,-5.02707 l -14.05575,-15.45172 -10.9846,-12.10215 10.9846,-12.00854 14.05575,-15.452532 c 2.79277,-3.071175 6.79516,-5.027074 11.35592,-5.027074 4.28303,0 8.19257,1.768759 10.98527,4.561525 z"
+         sodipodi:nodetypes="ccscccccscc" />
+      <path
+         inkscape:connector-curvature="0"
+         id="path1292"
+         style="fill:#e57000;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.730891"
+         d="m 92.334245,116.8861 -25.41238,27.92603 c 2.7927,2.88547 6.702237,4.65495 10.985287,4.65495 4.560744,0 8.563138,-1.95514 11.355905,-5.02707 L 103.3188,128.98825 114.30338,116.8861 103.3188,104.87756 89.263057,89.425028 c -2.792767,-3.071215 -6.795161,-5.027074 -11.355905,-5.027074 -4.28305,0 -8.192587,1.768759 -10.985287,4.561526 z"
+         sodipodi:nodetypes="ccscccccscc" />
+      <path
+         inkscape:connector-curvature="0"
+         id="path1294"
+         style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.66712"
+         d="m 127.12922,130.73289 -10.02585,-11.04587 -10.0263,11.04587 -23.195348,25.48982 c 2.548811,2.54902 6.118169,4.16327 10.025148,4.16327 4.16359,0 7.64778,-1.69975 10.28111,-4.58817 l 12.91539,-14.10405 12.82882,14.10405 c 2.5493,2.80293 6.20218,4.58817 10.36513,4.58817 3.9091,0 7.47768,-1.61425 10.02652,-4.16327 z"
+         sodipodi:nodetypes="ccccscccscc" />
+      <path
+         inkscape:connector-curvature="0"
+         id="path1296"
+         style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.66712"
+         d="M 127.1286,103.03813 117.10275,114.084 107.07645,103.03813 83.881116,77.548321 c 2.548838,-2.548932 6.118156,-4.163226 10.025162,-4.163226 4.163603,0 7.647762,1.699732 10.281082,4.588143 l 12.91539,14.104094 12.82882,-14.104094 c 2.54934,-2.802999 6.20221,-4.588143 10.36513,-4.588143 3.90911,0 7.47772,1.614294 10.02653,4.163226 z"
+         sodipodi:nodetypes="ccccscccscc" />
+    </g>
+  </g>
+</svg>
@@ -0,0 +1,5 @@
+<svg width="400" height="400" viewBox="0 0 19 19" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M3.41508 17.2983L7.88484 12.7653L9.51146 18.9412L11.8745 18.2949L9.52018 9.32758L0.69527 6.93747L0.066864 9.35199L6.13926 11.0015L1.68806 15.5279L3.41508 17.2983Z" fill="#F34E3F"/>
+<path d="M16.3044 12.0436L18.6675 11.3973L16.3132 2.43003L7.48824 0.0399246L6.85984 2.45444L14.312 4.47881L16.3044 12.0436Z" fill="#F34E3F"/>
+<path d="M12.9126 15.4902L15.2756 14.8439L12.9213 5.87659L4.09639 3.48648L3.46799 5.901L10.9201 7.92537L12.9126 15.4902Z" fill="#F34E3F"/>
+</svg>
@@ -0,0 +1,155 @@
+---
+display_name: Codex CLI
+icon: ../../../../.icons/openai.svg
+description: Run Codex CLI in your workspace with AgentAPI integration
+verified: true
+tags: [agent, codex, ai, openai, tasks]
+---
+
+# Codex CLI
+
+Run Codex CLI in your workspace to access OpenAI's models through the Codex interface, with custom pre/post install scripts. This module integrates with [AgentAPI](https://github.com/coder/agentapi) for Coder Tasks compatibility.
+
+```tf
+module "codex" {
+  source         = "registry.coder.com/coder-labs/codex/coder"
+  version        = "1.0.1"
+  agent_id       = coder_agent.example.id
+  openai_api_key = var.openai_api_key
+  folder         = "/home/coder/project"
+}
+```
+
+## Prerequisites
+
+- You must add the [Coder Login](https://registry.coder.com/modules/coder/coder-login) module to your template
+- OpenAI API key for Codex access
+
+## Usage Example
+
+- Simple usage Example:
+
+```tf
+module "codex" {
+  count               = data.coder_workspace.me.start_count
+  source              = "registry.coder.com/coder-labs/codex/coder"
+  version             = "1.0.1"
+  agent_id            = coder_agent.example.id
+  openai_api_key      = "..."
+  codex_model         = "o4-mini"
+  install_codex       = true
+  codex_version       = "latest"
+  folder              = "/home/coder/project"
+  codex_system_prompt = "You are a helpful coding assistant. Start every response with `Codex says:`"
+}
+```
+
+- Example usage with Tasks:
+
+```tf
+# This
+data "coder_parameter" "ai_prompt" {
+  type        = "string"
+  name        = "AI Prompt"
+  default     = ""
+  description = "Initial prompt for the Codex CLI"
+  mutable     = true
+}
+
+module "coder-login" {
+  count    = data.coder_workspace.me.start_count
+  source   = "registry.coder.com/coder/coder-login/coder"
+  version  = "1.0.31"
+  agent_id = coder_agent.example.id
+}
+
+module "codex" {
+  source          = "registry.coder.com/coder-labs/codex/coder"
+  agent_id        = coder_agent.example.id
+  openai_api_key  = "..."
+  ai_prompt       = data.coder_parameter.ai_prompt.value
+  folder          = "/home/coder/project"
+  approval_policy = "never" # Full auto mode
+}
+```
+
+> [!WARNING]
+> **Security Notice**: This module configures Codex with a `workspace-write` sandbox that allows AI tasks to read/write files in the specified folder. While the sandbox provides security boundaries, Codex can still modify files within the workspace. Use this module in trusted environments and be aware of the security implications.
+
+## How it Works
+
+- **Install**: The module installs Codex CLI and sets up the environment
+- **System Prompt**: If `codex_system_prompt` and `folder` are set, creates the directory (if needed) and writes the prompt to `AGENTS.md`
+- **Start**: Launches Codex CLI in the specified directory, wrapped by AgentAPI
+- **Configuration**: Sets `OPENAI_API_KEY` environment variable and passes `--model` flag to Codex CLI (if variables provided)
+
+## Sandbox Configuration
+
+The module automatically configures Codex with a secure sandbox that allows AI tasks to work effectively:
+
+- **Sandbox Mode**: `workspace-write` - Allows Codex to read/write files in the specified `folder`
+- **Approval Policy**: `on-request` - Codex asks for permission before performing potentially risky operations
+- **Network Access**: Enabled within the workspace for package installation and API calls
+
+### Customizing Sandbox Behavior
+
+You can customize the sandbox behavior using dedicated variables:
+
+#### **Using Dedicated Variables (Recommended)**
+
+For most use cases, use the dedicated sandbox variables:
+
+```tf
+module "codex" {
+  source = "registry.coder.com/coder-labs/codex/coder"
+  # ... other variables ...
+
+  # Containerized environments (fixes Landlock errors)
+  sandbox_mode = "danger-full-access"
+
+  # Or for read-only mode
+  # sandbox_mode = "read-only"
+
+  # Or for full auto mode
+  # approval_policy = "never"
+
+  # Or disable network access
+  # network_access = false
+}
+```
+
+#### **Using extra_codex_settings_toml (Advanced)**
+
+For advanced configuration or when you need to override multiple settings:
+
+```tf
+module "codex" {
+  source = "registry.coder.com/coder-labs/codex/coder"
+  # ... other variables ...
+
+  extra_codex_settings_toml = <<-EOT
+    # Any custom Codex configuration
+    model = "gpt-4"
+    disable_response_storage = true
+  EOT
+}
+```
+
+> [!NOTE]
+> The dedicated variables (`sandbox_mode`, `approval_policy`, `network_access`) are the recommended way to configure sandbox behavior. Use `extra_codex_settings_toml` only for advanced configuration that isn't covered by the dedicated variables.
+
+## Troubleshooting
+
+- Check installation and startup logs in `~/.codex-module/`
+- Ensure your OpenAI API key has access to the specified model
+
+> [!IMPORTANT]
+> To use tasks with Codex CLI, ensure you have the `openai_api_key` variable set, and **you create a `coder_parameter` named `"AI Prompt"` and pass its value to the codex module's `ai_prompt` variable**. [Tasks Template Example](https://registry.coder.com/templates/coder-labs/tasks-docker).
+> The module automatically configures Codex with your API key and model preferences.
+> folder is a required variable for the module to function correctly.
+
+## References
+
+- [OpenAI API Documentation](https://platform.openai.com/docs)
+- [AgentAPI Documentation](https://github.com/coder/agentapi)
+- [Coder AI Agents Guide](https://coder.com/docs/tutorials/ai-agents)
@@ -0,0 +1,281 @@
+import {
+  test,
+  afterEach,
+  describe,
+  setDefaultTimeout,
+  beforeAll,
+  expect,
+} from "bun:test";
+import { execContainer, readFileContainer, runTerraformInit } from "~test";
+import {
+  loadTestFile,
+  writeExecutable,
+  setup as setupUtil,
+  execModuleScript,
+  expectAgentAPIStarted,
+} from "../../../coder/modules/agentapi/test-util";
+import dedent from "dedent";
+
+let cleanupFunctions: (() => Promise<void>)[] = [];
+const registerCleanup = (cleanup: () => Promise<void>) => {
+  cleanupFunctions.push(cleanup);
+};
+afterEach(async () => {
+  const cleanupFnsCopy = cleanupFunctions.slice().reverse();
+  cleanupFunctions = [];
+  for (const cleanup of cleanupFnsCopy) {
+    try {
+      await cleanup();
+    } catch (error) {
+      console.error("Error during cleanup:", error);
+    }
+  }
+});
+
+interface SetupProps {
+  skipAgentAPIMock?: boolean;
+  skipCodexMock?: boolean;
+  moduleVariables?: Record<string, string>;
+  agentapiMockScript?: string;
+}
+
+const setup = async (props?: SetupProps): Promise<{ id: string }> => {
+  const projectDir = "/home/coder/project";
+  const { id } = await setupUtil({
+    moduleDir: import.meta.dir,
+    moduleVariables: {
+      install_codex: props?.skipCodexMock ? "true" : "false",
+      install_agentapi: props?.skipAgentAPIMock ? "true" : "false",
+      codex_model: "gpt-4-turbo",
+      folder: "/home/coder",
+      ...props?.moduleVariables,
+    },
+    registerCleanup,
+    projectDir,
+    skipAgentAPIMock: props?.skipAgentAPIMock,
+    agentapiMockScript: props?.agentapiMockScript,
+  });
+  if (!props?.skipCodexMock) {
+    await writeExecutable({
+      containerId: id,
+      filePath: "/usr/bin/codex",
+      content: await loadTestFile(import.meta.dir, "codex-mock.sh"),
+    });
+  }
+  return { id };
+};
+
+setDefaultTimeout(60 * 1000);
+
+describe("codex", async () => {
+  beforeAll(async () => {
+    await runTerraformInit(import.meta.dir);
+  });
+
+  test("happy-path", async () => {
+    const { id } = await setup();
+    await execModuleScript(id);
+    await expectAgentAPIStarted(id);
+  });
+
+  test("install-codex-version", async () => {
+    const version_to_install = "0.10.0";
+    const { id } = await setup({
+      skipCodexMock: true,
+      moduleVariables: {
+        install_codex: "true",
+        codex_version: version_to_install,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await execContainer(id, [
+      "bash",
+      "-c",
+      `cat /home/coder/.codex-module/install.log`,
+    ]);
+    expect(resp.stdout).toContain(version_to_install);
+  });
+
+  test("check-latest-codex-version-works", async () => {
+    const { id } = await setup({
+      skipCodexMock: true,
+      skipAgentAPIMock: true,
+      moduleVariables: {
+        install_codex: "true",
+      },
+    });
+    await execModuleScript(id);
+    await expectAgentAPIStarted(id);
+  });
+
+  test("codex-config-toml", async () => {
+    const settings = dedent`
+      [mcp_servers.CustomMCP]
+      command = "/Users/jkmr/Documents/work/coder/coder_darwin_arm64"
+      args = ["exp", "mcp", "server", "app-status-slug=codex"]
+      env = { "CODER_MCP_APP_STATUS_SLUG" = "codex", "CODER_MCP_AI_AGENTAPI_URL"= "http://localhost:3284" }
+      description = "Report ALL tasks and statuses (in progress, done, failed) you are working on."
+      enabled = true
+      type = "stdio"
+    `.trim();
+    const { id } = await setup({
+      moduleVariables: {
+        extra_codex_settings_toml: settings,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await readFileContainer(id, "/home/coder/.codex/config.toml");
+    expect(resp).toContain("[mcp_servers.CustomMCP]");
+    expect(resp).toContain("[mcp_servers.Coder]");
+  });
+
+  test("codex-api-key", async () => {
+    const apiKey = "test-api-key-123";
+    const { id } = await setup({
+      moduleVariables: {
+        openai_api_key: apiKey,
+      },
+    });
+    await execModuleScript(id);
+
+    const resp = await readFileContainer(
+      id,
+      "/home/coder/.codex-module/agentapi-start.log",
+    );
+    expect(resp).toContain("openai_api_key provided !");
+  });
+
+  test("pre-post-install-scripts", async () => {
+    const { id } = await setup({
+      moduleVariables: {
+        pre_install_script: "#!/bin/bash\necho 'pre-install-script'",
+        post_install_script: "#!/bin/bash\necho 'post-install-script'",
+      },
+    });
+    await execModuleScript(id);
+    const preInstallLog = await readFileContainer(
+      id,
+      "/home/coder/.codex-module/pre_install.log",
+    );
+    expect(preInstallLog).toContain("pre-install-script");
+    const postInstallLog = await readFileContainer(
+      id,
+      "/home/coder/.codex-module/post_install.log",
+    );
+    expect(postInstallLog).toContain("post-install-script");
+  });
+
+  test("folder-variable", async () => {
+    const folder = "/tmp/codex-test-folder";
+    const { id } = await setup({
+      skipCodexMock: false,
+      moduleVariables: {
+        folder,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await readFileContainer(
+      id,
+      "/home/coder/.codex-module/install.log",
+    );
+    expect(resp).toContain(folder);
+  });
+
+  test("additional-extensions", async () => {
+    const additional = dedent`
+      [mcp_servers.CustomMCP]
+      command = "/Users/jkmr/Documents/work/coder/coder_darwin_arm64"
+      args = ["exp", "mcp", "server", "app-status-slug=codex"]
+      env = { "CODER_MCP_APP_STATUS_SLUG" = "codex", "CODER_MCP_AI_AGENTAPI_URL"= "http://localhost:3284" }
+      description = "Report ALL tasks and statuses (in progress, done, failed) you are working on."
+      enabled = true
+      type = "stdio"
+    `.trim();
+    const { id } = await setup({
+      moduleVariables: {
+        additional_extensions: additional,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await readFileContainer(id, "/home/coder/.codex/config.toml");
+    expect(resp).toContain("[mcp_servers.CustomMCP]");
+    expect(resp).toContain("[mcp_servers.Coder]");
+  });
+
+  test("codex-system-prompt", async () => {
+    const prompt = "This is a system prompt for Codex.";
+    const { id } = await setup({
+      moduleVariables: {
+        codex_system_prompt: prompt,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await readFileContainer(id, "/home/coder/AGENTS.md");
+    expect(resp).toContain(prompt);
+  });
+
+  test("codex-system-prompt-skip-append-if-exists", async () => {
+    const prompt_1 = "This is a system prompt for Codex.";
+    const prompt_2 = "This is a system prompt for Goose.";
+    const prompt_3 = dedent`
+    This is a system prompt for Codex.
+    This is a system prompt for Gemini.
+    `.trim();
+    const pre_install_script = dedent`
+        #!/bin/bash
+        echo -e "${prompt_3}" >> /home/coder/AGENTS.md
+        `.trim();
+
+    const { id } = await setup({
+      moduleVariables: {
+        pre_install_script,
+        codex_system_prompt: prompt_2,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await readFileContainer(id, "/home/coder/AGENTS.md");
+    expect(resp).toContain(prompt_1);
+    expect(resp).toContain(prompt_2);
+
+    // Re-run with a prompt that already exists, it should not append again
+    const { id: id_2 } = await setup({
+      moduleVariables: {
+        pre_install_script,
+        codex_system_prompt: prompt_1,
+      },
+    });
+    await execModuleScript(id_2);
+    const resp_2 = await readFileContainer(id_2, "/home/coder/AGENTS.md");
+    expect(resp_2).toContain(prompt_1);
+    const count = (resp_2.match(new RegExp(prompt_1, "g")) || []).length;
+    expect(count).toBe(1);
+  });
+
+  test("codex-ai-task-prompt", async () => {
+    const prompt = "This is a system prompt for Codex.";
+    const { id } = await setup({
+      moduleVariables: {
+        ai_prompt: prompt,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await execContainer(id, [
+      "bash",
+      "-c",
+      `cat /home/coder/.codex-module/agentapi-start.log`,
+    ]);
+    expect(resp.stdout).toContain(prompt);
+  });
+
+  test("start-without-prompt", async () => {
+    const { id } = await setup();
+    await execModuleScript(id);
+    const prompt = await execContainer(id, [
+      "ls",
+      "-l",
+      "/home/coder/AGENTS.md",
+    ]);
+    expect(prompt.exitCode).not.toBe(0);
+    expect(prompt.stderr).toContain("No such file or directory");
+  });
+});
@@ -0,0 +1,207 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    coder = {
+      source  = "coder/coder"
+      version = ">= 2.7"
+    }
+  }
+}
+
+variable "agent_id" {
+  type        = string
+  description = "The ID of a Coder agent."
+}
+
+data "coder_workspace" "me" {}
+
+data "coder_workspace_owner" "me" {}
+
+variable "order" {
+  type        = number
+  description = "The order determines the position of app in the UI presentation. The lowest order is shown first and apps with equal order are sorted by name (ascending order)."
+  default     = null
+}
+
+variable "group" {
+  type        = string
+  description = "The name of a group that this app belongs to."
+  default     = null
+}
+
+variable "icon" {
+  type        = string
+  description = "The icon to use for the app."
+  default     = "/icon/openai.svg"
+}
+
+variable "folder" {
+  type        = string
+  description = "The folder to run Codex in."
+}
+
+variable "install_codex" {
+  type        = bool
+  description = "Whether to install Codex."
+  default     = true
+}
+
+variable "codex_version" {
+  type        = string
+  description = "The version of Codex to install."
+  default     = "" # empty string means the latest available version
+}
+
+variable "extra_codex_settings_toml" {
+  type        = string
+  description = "Settings to append to ~/.codex/config.toml."
+  default     = ""
+}
+
+variable "sandbox_mode" {
+  type        = string
+  description = "The sandbox mode for Codex. Options: workspace-write, read-only, danger-full-access."
+  default     = "workspace-write"
+  validation {
+    condition     = contains(["workspace-write", "read-only", "danger-full-access"], var.sandbox_mode)
+    error_message = "sandbox_mode must be one of: workspace-write, read-only, danger-full-access."
+  }
+}
+
+variable "approval_policy" {
+  type        = string
+  description = "The approval policy for Codex. Options: on-request, never, untrusted."
+  default     = "on-request"
+  validation {
+    condition     = contains(["on-request", "never", "untrusted"], var.approval_policy)
+    error_message = "approval_policy must be one of: on-request, never, untrusted."
+  }
+}
+
+variable "network_access" {
+  type        = bool
+  description = "Whether to allow network access in workspace-write mode."
+  default     = true
+}
+
+variable "openai_api_key" {
+  type        = string
+  description = "Codex API Key"
+  default     = ""
+}
+
+variable "install_agentapi" {
+  type        = bool
+  description = "Whether to install AgentAPI."
+  default     = true
+}
+
+variable "agentapi_version" {
+  type        = string
+  description = "The version of AgentAPI to install."
+  default     = "v0.5.0"
+}
+
+variable "codex_model" {
+  type        = string
+  description = "The model for Codex to use (e.g., o4-mini)."
+  default     = ""
+}
+
+variable "pre_install_script" {
+  type        = string
+  description = "Custom script to run before installing Codex."
+  default     = null
+}
+
+variable "post_install_script" {
+  type        = string
+  description = "Custom script to run after installing Codex."
+  default     = null
+}
+
+variable "ai_prompt" {
+  type        = string
+  description = "Task prompt for the Codex CLI"
+  default     = ""
+}
+
+variable "additional_extensions" {
+  type        = string
+  description = "Additional extensions configuration in json format to append to the config."
+  default     = ""
+}
+
+variable "codex_system_prompt" {
+  type        = string
+  description = "System prompt for Codex. It will be added to AGENTS.md in the specified folder."
+  default     = ""
+}
+
+
+
+resource "coder_env" "openai_api_key" {
+  agent_id = var.agent_id
+  name     = "OPENAI_API_KEY"
+  value    = var.openai_api_key
+}
+
+locals {
+  app_slug        = "codex"
+  install_script  = file("${path.module}/scripts/install.sh")
+  start_script    = file("${path.module}/scripts/start.sh")
+  module_dir_name = ".codex-module"
+}
+
+module "agentapi" {
+  source  = "registry.coder.com/coder/agentapi/coder"
+  version = "1.1.1"
+
+  agent_id             = var.agent_id
+  web_app_slug         = local.app_slug
+  web_app_order        = var.order
+  web_app_group        = var.group
+  web_app_icon         = var.icon
+  web_app_display_name = "Codex"
+  cli_app_slug         = "${local.app_slug}-cli"
+  cli_app_display_name = "Codex CLI"
+  module_dir_name      = local.module_dir_name
+  install_agentapi     = var.install_agentapi
+  agentapi_version     = var.agentapi_version
+  pre_install_script   = var.pre_install_script
+  post_install_script  = var.post_install_script
+  start_script         = <<-EOT
+     #!/bin/bash
+     set -o errexit
+     set -o pipefail
+
+     echo -n '${base64encode(local.start_script)}' | base64 -d > /tmp/start.sh
+     chmod +x /tmp/start.sh
+     ARG_OPENAI_API_KEY='${var.openai_api_key}' \
+     ARG_CODEX_MODEL='${var.codex_model}' \
+     ARG_CODEX_START_DIRECTORY='${var.folder}' \
+     ARG_CODEX_TASK_PROMPT='${base64encode(var.ai_prompt)}' \
+     /tmp/start.sh
+   EOT
+
+  install_script = <<-EOT
+    #!/bin/bash
+    set -o errexit
+    set -o pipefail
+
+    echo -n '${base64encode(local.install_script)}' | base64 -d > /tmp/install.sh
+    chmod +x /tmp/install.sh
+    ARG_INSTALL='${var.install_codex}' \
+    ARG_CODEX_VERSION='${var.codex_version}' \
+    ARG_EXTRA_CODEX_CONFIG='${base64encode(var.extra_codex_settings_toml)}' \
+    ARG_CODER_MCP_APP_STATUS_SLUG='${local.app_slug}' \
+    ARG_ADDITIONAL_EXTENSIONS='${base64encode(var.additional_extensions)}' \
+    ARG_CODEX_START_DIRECTORY='${var.folder}' \
+    ARG_CODEX_INSTRUCTION_PROMPT='${base64encode(var.codex_system_prompt)}' \
+    ARG_SANDBOX_MODE='${var.sandbox_mode}' \
+    ARG_APPROVAL_POLICY='${var.approval_policy}' \
+    ARG_NETWORK_ACCESS='${var.network_access}' \
+    /tmp/install.sh
+  EOT
+}
@@ -0,0 +1,171 @@
+#!/bin/bash
+source "$HOME"/.bashrc
+
+BOLD='\033[0;1m'
+
+# Function to check if a command exists
+command_exists() {
+  command -v "$1" > /dev/null 2>&1
+}
+set -o errexit
+set -o pipefail
+set -o nounset
+
+ARG_EXTRA_CODEX_CONFIG=$(echo -n "$ARG_EXTRA_CODEX_CONFIG" | base64 -d)
+ARG_ADDITIONAL_EXTENSIONS=$(echo -n "$ARG_ADDITIONAL_EXTENSIONS" | base64 -d)
+ARG_CODEX_INSTRUCTION_PROMPT=$(echo -n "$ARG_CODEX_INSTRUCTION_PROMPT" | base64 -d)
+
+echo "--------------------------------"
+printf "install: %s\n" "$ARG_INSTALL"
+printf "codex_version: %s\n" "$ARG_CODEX_VERSION"
+printf "codex_config: %s\n" "$ARG_EXTRA_CODEX_CONFIG"
+printf "app_slug: %s\n" "$ARG_CODER_MCP_APP_STATUS_SLUG"
+printf "additional_extensions: %s\n" "$ARG_ADDITIONAL_EXTENSIONS"
+printf "start_directory: %s\n" "$ARG_CODEX_START_DIRECTORY"
+printf "instruction_prompt: %s\n" "$ARG_CODEX_INSTRUCTION_PROMPT"
+
+echo "--------------------------------"
+
+set +o nounset
+
+function install_node() {
+  # borrowed from claude-code module
+  if ! command_exists npm; then
+    printf "npm not found, checking for Node.js installation...\n"
+    if ! command_exists node; then
+      printf "Node.js not found, installing Node.js via NVM...\n"
+      export NVM_DIR="$HOME/.nvm"
+      if [ ! -d "$NVM_DIR" ]; then
+        mkdir -p "$NVM_DIR"
+        curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
+        [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+      else
+        [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+      fi
+
+      nvm install --lts
+      nvm use --lts
+      nvm alias default node
+
+      printf "Node.js installed: %s\n" "$(node --version)"
+      printf "npm installed: %s\n" "$(npm --version)"
+    else
+      printf "Node.js is installed but npm is not available. Please install npm manually.\n"
+      exit 1
+    fi
+  fi
+}
+
+function install_codex() {
+  if [ "${ARG_INSTALL}" = "true" ]; then
+    # we need node to install and run codex-cli
+    install_node
+
+    # If nvm does not exist, we will create a global npm directory (this os to prevent the possibility of EACCESS issues on npm -g)
+    if ! command_exists nvm; then
+      printf "which node: %s\n" "$(which node)"
+      printf "which npm: %s\n" "$(which npm)"
+
+      # Create a directory for global packages
+      mkdir -p "$HOME"/.npm-global
+
+      # Configure npm to use it
+      npm config set prefix "$HOME/.npm-global"
+
+      # Add to PATH for current session
+      export PATH="$HOME/.npm-global/bin:$PATH"
+
+      # Add to shell profile for future sessions
+      if ! grep -q "export PATH=$HOME/.npm-global/bin:\$PATH" ~/.bashrc; then
+        echo "export PATH=$HOME/.npm-global/bin:\$PATH" >> ~/.bashrc
+      fi
+    fi
+
+    printf "%s Installing Codex CLI\n" "${BOLD}"
+
+    if [ -n "$ARG_CODEX_VERSION" ]; then
+      npm install -g "@openai/codex@$ARG_CODEX_VERSION"
+    else
+      npm install -g "@openai/codex"
+    fi
+    printf "%s Successfully installed Codex CLI. Version: %s\n" "${BOLD}" "$(codex --version)"
+  fi
+}
+
+function populate_config_toml() {
+  CONFIG_PATH="$HOME/.codex/config.toml"
+  mkdir -p "$(dirname "$CONFIG_PATH")"
+  printf "Custom codex_config is provided !\n"
+  BASE_SANDBOX_CONFIG=$(
+    cat << EOF
+# Base sandbox configuration for Codex workspace access
+# This ensures Codex can read/write files in the specified folder for AI tasks
+sandbox_mode = "${ARG_SANDBOX_MODE}"
+approval_policy = "${ARG_APPROVAL_POLICY}"
+
+# Allow network access in workspace-write mode for package installation, API calls, etc.
+[sandbox_workspace_write]
+network_access = ${ARG_NETWORK_ACCESS}
+EOF
+  )
+  
+  BASE_EXTENSIONS=$(
+    cat << EOF
+[mcp_servers.Coder]
+command = "coder"
+args = ["exp", "mcp", "server"]
+env = { "CODER_MCP_APP_STATUS_SLUG" = "${ARG_CODER_MCP_APP_STATUS_SLUG}", "CODER_MCP_AI_AGENTAPI_URL"= "http://localhost:3284", "CODER_AGENT_URL" = "${CODER_AGENT_URL}", "CODER_AGENT_TOKEN" = "${CODER_AGENT_TOKEN}" }
+description = "Report ALL tasks and statuses (in progress, done, failed) you are working on."
+type = "stdio"
+EOF
+  )
+  
+  echo "
+${BASE_SANDBOX_CONFIG}
+
+${ARG_EXTRA_CODEX_CONFIG}
+
+${BASE_EXTENSIONS}
+
+${ARG_ADDITIONAL_EXTENSIONS}
+    " > "$HOME/.codex/config.toml"
+
+}
+
+function add_instruction_prompt_if_exists() {
+  if [ -n "${ARG_CODEX_INSTRUCTION_PROMPT:-}" ]; then
+    if [ -d "${ARG_CODEX_START_DIRECTORY}" ]; then
+      printf "Directory '%s' exists. Changing to it.\\n" "${ARG_CODEX_START_DIRECTORY}"
+      cd "${ARG_CODEX_START_DIRECTORY}" || {
+        printf "Error: Could not change to directory '%s'.\\n" "${ARG_CODEX_START_DIRECTORY}"
+        exit 1
+      }
+    else
+      printf "Directory '%s' does not exist. Creating and changing to it.\\n" "${ARG_CODEX_START_DIRECTORY}"
+      mkdir -p "${ARG_CODEX_START_DIRECTORY}" || {
+        printf "Error: Could not create directory '%s'.\\n" "${ARG_CODEX_START_DIRECTORY}"
+        exit 1
+      }
+      cd "${ARG_CODEX_START_DIRECTORY}" || {
+        printf "Error: Could not change to directory '%s'.\\n" "${ARG_CODEX_START_DIRECTORY}"
+        exit 1
+      }
+    fi
+
+    # Check if AGENTS.md contains the instruction prompt already
+    if [ -f AGENTS.md ] && grep -Fxq "${ARG_CODEX_INSTRUCTION_PROMPT}" AGENTS.md; then
+      printf "AGENTS.md already contains the instruction prompt. Skipping append.\n"
+    else
+      printf "Appending instruction prompt to AGENTS.md\n"
+      echo -e "\n${ARG_CODEX_INSTRUCTION_PROMPT}" >> AGENTS.md
+    fi
+  else
+    printf "AGENTS.md is not set.\n"
+  fi
+}
+
+# Install Codex
+install_codex
+codex --version
+populate_config_toml
+add_instruction_prompt_if_exists
@@ -0,0 +1,78 @@
+#!/bin/bash
+
+# Load shell environment
+source "$HOME"/.bashrc
+set -o errexit
+set -o pipefail
+command_exists() {
+  command -v "$1" > /dev/null 2>&1
+}
+
+if [ -f "$HOME/.nvm/nvm.sh" ]; then
+  source "$HOME"/.nvm/nvm.sh
+else
+  export PATH="$HOME/.npm-global/bin:$PATH"
+fi
+
+printf "Version: %s\n" "$(codex --version)"
+set -o nounset
+ARG_CODEX_TASK_PROMPT=$(echo -n "$ARG_CODEX_TASK_PROMPT" | base64 -d)
+
+echo "--------------------------------"
+printf "openai_api_key: %s\n" "$ARG_OPENAI_API_KEY"
+printf "codex_model: %s\n" "$ARG_CODEX_MODEL"
+printf "start_directory: %s\n" "$ARG_CODEX_START_DIRECTORY"
+printf "task_prompt: %s\n" "$ARG_CODEX_TASK_PROMPT"
+echo "--------------------------------"
+set +o nounset
+CODEX_ARGS=()
+
+if command_exists codex; then
+  printf "Codex is installed\n"
+else
+  printf "Error: Codex is not installed. Please enable install_codex or install it manually\n"
+  exit 1
+fi
+
+if [ -d "${ARG_CODEX_START_DIRECTORY}" ]; then
+  printf "Directory '%s' exists. Changing to it.\\n" "${ARG_CODEX_START_DIRECTORY}"
+  cd "${ARG_CODEX_START_DIRECTORY}" || {
+    printf "Error: Could not change to directory '%s'.\\n" "${ARG_CODEX_START_DIRECTORY}"
+    exit 1
+  }
+else
+  printf "Directory '%s' does not exist. Creating and changing to it.\\n" "${ARG_CODEX_START_DIRECTORY}"
+  mkdir -p "${ARG_CODEX_START_DIRECTORY}" || {
+    printf "Error: Could not create directory '%s'.\\n" "${ARG_CODEX_START_DIRECTORY}"
+    exit 1
+  }
+  cd "${ARG_CODEX_START_DIRECTORY}" || {
+    printf "Error: Could not change to directory '%s'.\\n" "${ARG_CODEX_START_DIRECTORY}"
+    exit 1
+  }
+fi
+
+if [ -n "$ARG_CODEX_MODEL" ]; then
+  CODEX_ARGS+=("--model" "$ARG_CODEX_MODEL")
+fi
+
+
+
+if [ -n "$ARG_CODEX_TASK_PROMPT" ]; then
+  printf "Running the task prompt %s\n" "$ARG_CODEX_TASK_PROMPT"
+  PROMPT="Complete the task at hand in one go. Every step of the way, report your progress using coder_report_task tool with proper summary and statuses. Your task at hand: $ARG_CODEX_TASK_PROMPT"
+  CODEX_ARGS+=("$PROMPT")
+else
+  printf "No task prompt given.\n"
+fi
+
+if [ -n "$ARG_OPENAI_API_KEY" ]; then
+  printf "openai_api_key provided !\n"
+else
+  printf "openai_api_key not provided\n"
+fi
+
+# use low width to fit in the tasks UI sidebar
+# we adjust the height to 930 due to a bug in codex, see: https://github.com/openai/codex/issues/1608
+printf "Starting codex with %s\n" "${CODEX_ARGS[@]}"
+agentapi server --term-width 67 --term-height 1190 -- codex "${CODEX_ARGS[@]}"
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+if [[ "$1" == "--version" ]]; then
+  echo "HELLO: $(bash -c env)"
+  echo "codex version v1.0.0"
+  exit 0
+fi
+
+set -e
+
+while true; do
+  echo "$(date) - codex-mock"
+  sleep 15
+done
@@ -1,14 +1,25 @@
 ---
 display_name: Cursor CLI
 icon: ../../../../.icons/cursor.svg
-description: Run Cursor CLI agent in your workspace (no AgentAPI)
+description: Run Cursor Agent CLI in your workspace for AI pair programming
 verified: true
-tags: [agent, cursor, ai, cli]
+tags: [agent, cursor, ai, tasks]
 ---

 # Cursor CLI

-Run the Cursor Coding Agent in your workspace using the Cursor CLI directly.
+Run the Cursor Agent CLI in your workspace for interactive coding assistance and automated task execution.
+
+```tf
+module "cursor_cli" {
+  source   = "registry.coder.com/coder-labs/cursor-cli/coder"
+  version  = "0.1.1"
+  agent_id = coder_agent.example.id
+  folder   = "/home/coder/project"
+}
+```
+
+## Basic setup

 A full example with MCP, rules, and pre/post install scripts:

@@ -31,7 +42,7 @@ module "coder-login" {

 module "cursor_cli" {
  source   = "registry.coder.com/coder-labs/cursor-cli/coder"
-  version  = "0.1.0"
+  version  = "0.1.1"
  agent_id = coder_agent.example.id
  folder   = "/home/coder/project"

@@ -40,6 +51,7 @@ module "cursor_cli" {
  force              = true
  model              = "gpt-5"
  ai_prompt          = data.coder_parameter.ai_prompt.value
+  api_key            = "xxxx-xxxx-xxxx" # Required while using tasks, see note below

  # Minimal MCP server (writes `folder/.cursor/mcp.json`):
  mcp = jsonencode({
@@ -0,0 +1,90 @@
+---
+display_name: Sourcegraph AMP
+icon: ../../../../.icons/sourcegraph-amp.svg
+description: Run Sourcegraph AMP CLI in your workspace with AgentAPI integration
+verified: false
+tags: [agent, sourcegraph, amp, ai, tasks]
+---
+
+# Sourcegraph AMP CLI
+
+Run [Sourcegraph AMP CLI](https://sourcegraph.com/amp) in your workspace to access Sourcegraph's AI-powered code search and analysis tools, with AgentAPI integration for seamless Coder Tasks support.
+
+```tf
+module "sourcegraph_amp" {
+  source                  = "registry.coder.com/coder-labs/sourcegraph_amp/coder"
+  version                 = "1.0.0"
+  agent_id                = coder_agent.example.id
+  sourcegraph_amp_api_key = var.sourcegraph_amp_api_key
+  install_sourcegraph_amp = true
+  agentapi_version        = "latest"
+}
+```
+
+## Prerequisites
+
+- Include the [Coder Login](https://registry.coder.com/modules/coder-login/coder) module in your template
+- Node.js and npm are automatically installed (via NVM) if not already available
+
+## Usage Example
+
+```tf
+data "coder_parameter" "ai_prompt" {
+  name        = "AI Prompt"
+  description = "Write an initial prompt for AMP to work on."
+  type        = "string"
+  default     = ""
+  mutable     = true
+
+}
+
+# Set system prompt for Sourcegraph Amp via environment variables
+resource "coder_agent" "main" {
+  # ...
+  env = {
+    SOURCEGRAPH_AMP_SYSTEM_PROMPT = <<-EOT
+      You are an AMP assistant that helps developers debug and write code efficiently.
+
+      Always log task status to Coder.
+    EOT
+    SOURCEGRAPH_AMP_TASK_PROMPT   = data.coder_parameter.ai_prompt.value
+  }
+}
+
+variable "sourcegraph_amp_api_key" {
+  type        = string
+  description = "Sourcegraph AMP API key"
+  sensitive   = true
+}
+
+module "sourcegraph_amp" {
+  count                   = data.coder_workspace.me.start_count
+  source                  = "registry.coder.com/coder-labs/sourcegraph_amp/coder"
+  version                 = "1.0.0"
+  agent_id                = coder_agent.example.id
+  sourcegraph_amp_api_key = var.sourcegraph_amp_api_key # recommended for authenticated usage
+  install_sourcegraph_amp = true
+}
+```
+
+## How it Works
+
+- **Install**: Installs Sourcegraph AMP CLI using npm (installs Node.js via NVM if required)
+- **Start**: Launches AMP CLI in the specified directory, wrapped with AgentAPI to enable tasks and AI interactions
+- **Environment Variables**: Sets `SOURCEGRAPH_AMP_API_KEY` and `SOURCEGRAPH_AMP_START_DIRECTORY` for the CLI execution
+
+## Troubleshooting
+
+- If `amp` is not found, ensure `install_sourcegraph_amp = true` and your API key is valid
+- Logs are written under `/home/coder/.sourcegraph-amp-module/` (`install.log`, `agentapi-start.log`) for debugging
+- If AgentAPI fails to start, verify that your container has network access and executable permissions for the scripts
+
+> [!IMPORTANT]
+> For using **Coder Tasks** with Sourcegraph AMP, make sure to pass the `AI Prompt` parameter and set `sourcegraph_amp_api_key`.
+> This ensures task reporting and status updates work seamlessly.
+
+## References
+
+- [Sourcegraph AMP Documentation](https://ampcode.com/manual)
+- [AgentAPI Documentation](https://github.com/coder/agentapi)
+- [Coder AI Agents Guide](https://coder.com/docs/tutorials/ai-agents)
@@ -0,0 +1,157 @@
+import {
+  test,
+  afterEach,
+  describe,
+  setDefaultTimeout,
+  beforeAll,
+  expect,
+} from "bun:test";
+import { execContainer, readFileContainer, runTerraformInit } from "~test";
+import {
+  loadTestFile,
+  writeExecutable,
+  setup as setupUtil,
+  execModuleScript,
+  expectAgentAPIStarted,
+} from "../../../coder/modules/agentapi/test-util";
+
+let cleanupFunctions: (() => Promise<void>)[] = [];
+const registerCleanup = (cleanup: () => Promise<void>) => {
+  cleanupFunctions.push(cleanup);
+};
+afterEach(async () => {
+  const cleanupFnsCopy = cleanupFunctions.slice().reverse();
+  cleanupFunctions = [];
+  for (const cleanup of cleanupFnsCopy) {
+    try {
+      await cleanup();
+    } catch (error) {
+      console.error("Error during cleanup:", error);
+    }
+  }
+});
+
+interface SetupProps {
+  skipAgentAPIMock?: boolean;
+  skipAmpMock?: boolean;
+  moduleVariables?: Record<string, string>;
+  agentapiMockScript?: string;
+}
+
+const setup = async (props?: SetupProps): Promise<{ id: string }> => {
+  const projectDir = "/home/coder/project";
+  const { id } = await setupUtil({
+    moduleDir: import.meta.dir,
+    moduleVariables: {
+      install_sourcegraph_amp: props?.skipAmpMock ? "true" : "false",
+      install_agentapi: props?.skipAgentAPIMock ? "true" : "false",
+      sourcegraph_amp_model: "test-model",
+      ...props?.moduleVariables,
+    },
+    registerCleanup,
+    projectDir,
+    skipAgentAPIMock: props?.skipAgentAPIMock,
+    agentapiMockScript: props?.agentapiMockScript,
+  });
+
+  // Place the AMP mock CLI binary inside the container
+  if (!props?.skipAmpMock) {
+    await writeExecutable({
+      containerId: id,
+      filePath: "/usr/bin/amp",
+      content: await loadTestFile(`${import.meta.dir}`, "amp-mock.sh"),
+    });
+  }
+
+  return { id };
+};
+
+setDefaultTimeout(60 * 1000);
+
+describe("sourcegraph-amp", async () => {
+  beforeAll(async () => {
+    await runTerraformInit(import.meta.dir);
+  });
+
+  test("happy-path", async () => {
+    const { id } = await setup();
+    await execModuleScript(id);
+    await expectAgentAPIStarted(id);
+  });
+
+  test("api-key", async () => {
+    const apiKey = "test-api-key-123";
+    const { id } = await setup({
+      moduleVariables: {
+        sourcegraph_amp_api_key: apiKey,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await readFileContainer(
+      id,
+      "/home/coder/.sourcegraph-amp-module/agentapi-start.log",
+    );
+    expect(resp).toContain("sourcegraph_amp_api_key provided !");
+  });
+
+  test("custom-folder", async () => {
+    const folder = "/tmp/sourcegraph-amp-test";
+    const { id } = await setup({
+      moduleVariables: {
+        folder,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await readFileContainer(
+      id,
+      "/home/coder/.sourcegraph-amp-module/install.log",
+    );
+    expect(resp).toContain(folder);
+  });
+
+  test("pre-post-install-scripts", async () => {
+    const { id } = await setup({
+      moduleVariables: {
+        pre_install_script: "#!/bin/bash\necho 'pre-install-script'",
+        post_install_script: "#!/bin/bash\necho 'post-install-script'",
+      },
+    });
+    await execModuleScript(id);
+    const preLog = await readFileContainer(
+      id,
+      "/home/coder/.sourcegraph-amp-module/pre_install.log",
+    );
+    expect(preLog).toContain("pre-install-script");
+    const postLog = await readFileContainer(
+      id,
+      "/home/coder/.sourcegraph-amp-module/post_install.log",
+    );
+    expect(postLog).toContain("post-install-script");
+  });
+
+  test("system-prompt", async () => {
+    const prompt = "this is a system prompt for AMP";
+    const { id } = await setup();
+    await execModuleScript(id, {
+      SOURCEGRAPH_AMP_SYSTEM_PROMPT: prompt,
+    });
+    const resp = await readFileContainer(
+      id,
+      "/home/coder/.sourcegraph-amp-module/SYSTEM_PROMPT.md",
+    );
+    expect(resp).toContain(prompt);
+  });
+
+  test("task-prompt", async () => {
+    const prompt = "this is a task prompt for AMP";
+    const { id } = await setup();
+    await execModuleScript(id, {
+      SOURCEGRAPH_AMP_TASK_PROMPT: prompt,
+    });
+    const resp = await readFileContainer(
+      id,
+      "/home/coder/.sourcegraph-amp-module/agentapi-start.log",
+    );
+    expect(resp).toContain(`sourcegraph amp task prompt provided : ${prompt}`);
+  });
+});
@@ -0,0 +1,195 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    coder = {
+      source  = "coder/coder"
+      version = ">= 2.7"
+    }
+  }
+}
+
+variable "agent_id" {
+  type        = string
+  description = "The ID of a Coder agent."
+}
+
+data "coder_workspace" "me" {}
+
+data "coder_workspace_owner" "me" {}
+
+variable "order" {
+  type        = number
+  description = "The order determines the position of app in the UI presentation. The lowest order is shown first and apps with equal order are sorted by name (ascending order)."
+  default     = null
+}
+
+variable "group" {
+  type        = string
+  description = "The name of a group that this app belongs to."
+  default     = null
+}
+
+variable "icon" {
+  type        = string
+  description = "The icon to use for the app."
+  default     = "/icon/sourcegraph-amp.svg"
+}
+
+variable "folder" {
+  type        = string
+  description = "The folder to run sourcegraph_amp in."
+  default     = "/home/coder"
+}
+
+variable "install_sourcegraph_amp" {
+  type        = bool
+  description = "Whether to install sourcegraph-amp."
+  default     = true
+}
+
+variable "sourcegraph_amp_api_key" {
+  type        = string
+  description = "sourcegraph-amp API Key"
+  default     = ""
+}
+
+resource "coder_env" "sourcegraph_amp_api_key" {
+  agent_id = var.agent_id
+  name     = "SOURCEGRAPH_AMP_API_KEY"
+  value    = var.sourcegraph_amp_api_key
+}
+
+variable "install_agentapi" {
+  type        = bool
+  description = "Whether to install AgentAPI."
+  default     = true
+}
+
+variable "agentapi_version" {
+  type        = string
+  description = "The version of AgentAPI to install."
+  default     = "v0.3.0"
+}
+
+variable "pre_install_script" {
+  type        = string
+  description = "Custom script to run before installing sourcegraph_amp"
+  default     = null
+}
+
+variable "post_install_script" {
+  type        = string
+  description = "Custom script to run after installing sourcegraph_amp."
+  default     = null
+}
+
+variable "base_amp_config" {
+  type        = string
+  description = <<-EOT
+    Base AMP configuration in JSON format. Can be overridden to customize AMP settings.
+    
+    If empty, defaults enable thinking and todos for autonomous operation. Additional options include:
+    - "amp.permissions": [] (tool permissions)
+    - "amp.tools.stopTimeout": 600 (extend timeout for long operations)
+    - "amp.terminal.commands.nodeSpawn.loadProfile": "daily" (environment loading)
+    - "amp.tools.disable": ["builtin:open"] (disable tools for containers)
+    - "amp.git.commit.ampThread.enabled": true (link commits to threads)
+    - "amp.git.commit.coauthor.enabled": true (add Amp as co-author)
+    
+    Reference: https://ampcode.com/manual
+  EOT
+  default     = ""
+}
+
+variable "additional_mcp_servers" {
+  type        = string
+  description = "Additional MCP servers configuration in JSON format to append to amp.mcpServers."
+  default     = null
+}
+
+locals {
+  app_slug = "amp"
+
+  default_base_config = {
+    "amp.anthropic.thinking.enabled" = true
+    "amp.todos.enabled"              = true
+  }
+
+  # Use provided config or default, then extract base settings (excluding mcpServers)
+  user_config       = var.base_amp_config != "" ? jsondecode(var.base_amp_config) : local.default_base_config
+  base_amp_settings = { for k, v in local.user_config : k => v if k != "amp.mcpServers" }
+
+  coder_mcp = {
+    "coder" = {
+      "command" = "coder"
+      "args"    = ["exp", "mcp", "server"]
+      "env" = {
+        "CODER_MCP_APP_STATUS_SLUG" = local.app_slug
+        "CODER_MCP_AI_AGENTAPI_URL" = "http://localhost:3284"
+      }
+      "type" = "stdio"
+    }
+  }
+
+  additional_mcp = var.additional_mcp_servers != null ? jsondecode(var.additional_mcp_servers) : {}
+
+  merged_mcp_servers = merge(
+    lookup(local.user_config, "amp.mcpServers", {}),
+    local.coder_mcp,
+    local.additional_mcp
+  )
+
+  final_config = merge(local.base_amp_settings, {
+    "amp.mcpServers" = local.merged_mcp_servers
+  })
+
+  install_script  = file("${path.module}/scripts/install.sh")
+  start_script    = file("${path.module}/scripts/start.sh")
+  module_dir_name = ".sourcegraph-amp-module"
+}
+
+module "agentapi" {
+  source  = "registry.coder.com/coder/agentapi/coder"
+  version = "1.0.1"
+
+  agent_id             = var.agent_id
+  web_app_slug         = local.app_slug
+  web_app_order        = var.order
+  web_app_group        = var.group
+  web_app_icon         = var.icon
+  web_app_display_name = "Sourcegraph Amp"
+  cli_app_slug         = "${local.app_slug}-cli"
+  cli_app_display_name = "Sourcegraph Amp CLI"
+  module_dir_name      = local.module_dir_name
+  install_agentapi     = var.install_agentapi
+  agentapi_version     = var.agentapi_version
+  pre_install_script   = var.pre_install_script
+  post_install_script  = var.post_install_script
+  start_script         = <<-EOT
+     #!/bin/bash
+     set -o errexit
+     set -o pipefail
+
+     echo -n '${base64encode(local.start_script)}' | base64 -d > /tmp/start.sh
+     chmod +x /tmp/start.sh
+     SOURCEGRAPH_AMP_API_KEY='${var.sourcegraph_amp_api_key}' \
+     SOURCEGRAPH_AMP_START_DIRECTORY='${var.folder}' \
+     /tmp/start.sh
+   EOT
+
+  install_script = <<-EOT
+    #!/bin/bash
+    set -o errexit
+    set -o pipefail
+
+    echo -n '${base64encode(local.install_script)}' | base64 -d > /tmp/install.sh
+    chmod +x /tmp/install.sh
+    ARG_INSTALL_SOURCEGRAPH_AMP='${var.install_sourcegraph_amp}' \
+    SOURCEGRAPH_AMP_START_DIRECTORY='${var.folder}' \
+    ARG_AMP_CONFIG="$(echo -n '${base64encode(jsonencode(local.final_config))}' | base64 -d)" \
+    /tmp/install.sh
+  EOT
+}
+
+
@@ -0,0 +1,96 @@
+#!/bin/bash
+set -euo pipefail
+
+# ANSI colors
+BOLD='\033[1m'
+
+echo "--------------------------------"
+echo "Install flag: $ARG_INSTALL_SOURCEGRAPH_AMP"
+echo "Workspace: $SOURCEGRAPH_AMP_START_DIRECTORY"
+echo "--------------------------------"
+
+# Helper function to check if a command exists
+command_exists() {
+  command -v "$1" > /dev/null 2>&1
+}
+
+function install_node() {
+  if ! command_exists npm; then
+    printf "npm not found, checking for Node.js installation...\n"
+    if ! command_exists node; then
+      printf "Node.js not found, installing Node.js via NVM...\n"
+      export NVM_DIR="$HOME/.nvm"
+      if [ ! -d "$NVM_DIR" ]; then
+        mkdir -p "$NVM_DIR"
+        curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
+        [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+      else
+        [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+      fi
+
+      # Temporarily disable nounset (-u) for nvm to avoid PROVIDED_VERSION error
+      set +u
+      nvm install --lts
+      nvm use --lts
+      nvm alias default node
+      set -u
+
+      printf "Node.js installed: %s\n" "$(node --version)"
+      printf "npm installed: %s\n" "$(npm --version)"
+    else
+      printf "Node.js is installed but npm is not available. Please install npm manually.\n"
+      exit 1
+    fi
+  fi
+}
+
+function install_sourcegraph_amp() {
+  if [ "${ARG_INSTALL_SOURCEGRAPH_AMP}" = "true" ]; then
+    install_node
+
+    # If nvm is not used, set up user npm global directory
+    if ! command_exists nvm; then
+      mkdir -p "$HOME/.npm-global"
+      npm config set prefix "$HOME/.npm-global"
+      export PATH="$HOME/.npm-global/bin:$PATH"
+      if ! grep -q "export PATH=$HOME/.npm-global/bin:\$PATH" ~/.bashrc; then
+        echo "export PATH=$HOME/.npm-global/bin:\$PATH" >> ~/.bashrc
+      fi
+    fi
+
+    printf "%s Installing Sourcegraph AMP CLI...\n" "${BOLD}"
+    npm install -g @sourcegraph/amp@0.0.1754179307-gba1f97
+    printf "%s Successfully installed Sourcegraph AMP CLI. Version: %s\n" "${BOLD}" "$(amp --version)"
+  fi
+}
+
+function setup_system_prompt() {
+  if [ -n "${SOURCEGRAPH_AMP_SYSTEM_PROMPT:-}" ]; then
+    echo "Setting Sourcegraph AMP system prompt..."
+    mkdir -p "$HOME/.sourcegraph-amp-module"
+    echo "$SOURCEGRAPH_AMP_SYSTEM_PROMPT" > "$HOME/.sourcegraph-amp-module/SYSTEM_PROMPT.md"
+    echo "System prompt saved to $HOME/.sourcegraph-amp-module/SYSTEM_PROMPT.md"
+  else
+    echo "No system prompt provided for Sourcegraph AMP."
+  fi
+}
+
+function configure_amp_settings() {
+  echo "Configuring AMP settings..."
+  SETTINGS_PATH="$HOME/.config/amp/settings.json"
+  mkdir -p "$(dirname "$SETTINGS_PATH")"
+
+  if [ -z "${ARG_AMP_CONFIG:-}" ]; then
+    echo "No AMP config provided, skipping configuration"
+    return
+  fi
+
+  echo "Writing AMP configuration to $SETTINGS_PATH"
+  printf '%s\n' "$ARG_AMP_CONFIG" > "$SETTINGS_PATH"
+
+  echo "AMP configuration complete"
+}
+
+install_sourcegraph_amp
+setup_system_prompt
+configure_amp_settings
@@ -0,0 +1,49 @@
+#!/bin/bash
+set -euo pipefail
+
+# Load user environment
+# shellcheck source=/dev/null
+source "$HOME/.bashrc"
+# shellcheck source=/dev/null
+if [ -f "$HOME/.nvm/nvm.sh" ]; then
+  source "$HOME"/.nvm/nvm.sh
+else
+  export PATH="$HOME/.npm-global/bin:$PATH"
+fi
+
+function ensure_command() {
+  command -v "$1" &> /dev/null || {
+    echo "Error: '$1' not found." >&2
+    exit 1
+  }
+}
+
+ensure_command amp
+echo "AMP version: $(amp --version)"
+
+dir="$SOURCEGRAPH_AMP_START_DIRECTORY"
+if [[ -d "$dir" ]]; then
+  echo "Using existing directory: $dir"
+else
+  echo "Creating directory: $dir"
+  mkdir -p "$dir"
+fi
+cd "$dir"
+
+if [ -n "$SOURCEGRAPH_AMP_API_KEY" ]; then
+  printf "sourcegraph_amp_api_key provided !\n"
+  export AMP_API_KEY=$SOURCEGRAPH_AMP_API_KEY
+else
+  printf "sourcegraph_amp_api_key not provided\n"
+fi
+
+if [ -n "${SOURCEGRAPH_AMP_TASK_PROMPT:-}" ]; then
+  printf "sourcegraph amp task prompt provided : $SOURCEGRAPH_AMP_TASK_PROMPT"
+  PROMPT="Every step of the way, report tasks to Coder with proper descriptions and statuses. Your task at hand: $SOURCEGRAPH_AMP_TASK_PROMPT"
+
+  # Pipe the prompt into amp, which will be run inside agentapi
+  agentapi server --term-width=67 --term-height=1190 -- bash -c "echo \"$PROMPT\" | amp"
+else
+  printf "No task prompt given.\n"
+  agentapi server --term-width=67 --term-height=1190 -- amp
+fi
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# Mock behavior of the AMP CLI
+if [[ "$1" == "--version" ]]; then
+  echo "AMP CLI mock version v1.0.0"
+  exit 0
+fi
+
+# Simulate AMP running in a loop for AgentAPI to connect
+set -e
+while true; do
+  echo "$(date) - AMP mock is running..."
+  sleep 15
+done
@@ -14,7 +14,7 @@ Automatically install [KasmVNC](https://kasmweb.com/kasmvnc) in a workspace, and
 module "kasmvnc" {
  count               = data.coder_workspace.me.start_count
  source              = "registry.coder.com/coder/kasmvnc/coder"
-  version             = "1.2.1"
+  version             = "1.2.2"
  agent_id            = coder_agent.example.id
  desktop_environment = "xfce"
  subdomain           = true
@@ -240,7 +240,7 @@ get_http_dir() {

  # Check the home directory for overriding values
  if [[ -e "$HOME/.vnc/kasmvnc.yaml" ]]; then
-    d=($(grep -E "^\s*httpd_directory:.*$" /etc/kasmvnc/kasmvnc.yaml))
+    d=($(grep -E "^\s*httpd_directory:.*$" "$HOME/.vnc/kasmvnc.yaml"))
    if [[ $${#d[@]} -eq 2 && -d "$${d[1]}" ]]; then
      httpd_directory="$${d[1]}"
    fi
@@ -14,7 +14,7 @@ Automatically install [Visual Studio Code Server](https://code.visualstudio.com/
 module "vscode-web" {
  count          = data.coder_workspace.me.start_count
  source         = "registry.coder.com/coder/vscode-web/coder"
-  version        = "1.3.1"
+  version        = "1.4.0"
  agent_id       = coder_agent.example.id
  accept_license = true
 }
@@ -30,7 +30,7 @@ module "vscode-web" {
 module "vscode-web" {
  count          = data.coder_workspace.me.start_count
  source         = "registry.coder.com/coder/vscode-web/coder"
-  version        = "1.3.1"
+  version        = "1.4.0"
  agent_id       = coder_agent.example.id
  install_prefix = "/home/coder/.vscode-web"
  folder         = "/home/coder"
@@ -44,7 +44,7 @@ module "vscode-web" {
 module "vscode-web" {
  count          = data.coder_workspace.me.start_count
  source         = "registry.coder.com/coder/vscode-web/coder"
-  version        = "1.3.1"
+  version        = "1.4.0"
  agent_id       = coder_agent.example.id
  extensions     = ["github.copilot", "ms-python.python", "ms-toolsai.jupyter"]
  accept_license = true
@@ -59,7 +59,7 @@ Configure VS Code's [settings.json](https://code.visualstudio.com/docs/getstarte
 module "vscode-web" {
  count      = data.coder_workspace.me.start_count
  source     = "registry.coder.com/coder/vscode-web/coder"
-  version    = "1.3.1"
+  version    = "1.4.0"
  agent_id   = coder_agent.example.id
  extensions = ["dracula-theme.theme-dracula"]
  settings = {
@@ -77,9 +77,24 @@ By default, this module installs the latest. To pin a specific version, retrieve
 module "vscode-web" {
  count          = data.coder_workspace.me.start_count
  source         = "registry.coder.com/coder/vscode-web/coder"
-  version        = "1.3.1"
+  version        = "1.4.0"
  agent_id       = coder_agent.example.id
  commit_id      = "e54c774e0add60467559eb0d1e229c6452cf8447"
  accept_license = true
 }
 ```
+
+### Open an existing workspace on startup
+
+To open an existing workspace on startup the `workspace` parameter can be used to represent a path on disk to a `code-workspace` file.
+Note: Either `workspace` or `folder` can be used, but not both simultaneously. The `code-workspace` file must already be present on disk.
+
+```tf
+module "vscode-web" {
+  count     = data.coder_workspace.me.start_count
+  source    = "registry.coder.com/coder/vscode-web/coder"
+  version   = "1.4.0"
+  agent_id  = coder_agent.example.id
+  workspace = "/home/coder/coder.code-workspace"
+}
+```
@@ -158,6 +158,12 @@ variable "platform" {
  }
 }

+variable "workspace" {
+  type        = string
+  description = "Path to a .code-workspace file to open in vscode-web."
+  default     = null
+}
+
 data "coder_workspace_owner" "me" {}
 data "coder_workspace" "me" {}

@@ -178,6 +184,7 @@ resource "coder_script" "vscode-web" {
    DISABLE_TRUST : var.disable_trust,
    EXTENSIONS_DIR : var.extensions_dir,
    FOLDER : var.folder,
+    WORKSPACE : var.workspace,
    AUTO_INSTALL_EXTENSIONS : var.auto_install_extensions,
    SERVER_BASE_PATH : local.server_base_path,
    COMMIT_ID : var.commit_id,
@@ -195,6 +202,11 @@ resource "coder_script" "vscode-web" {
      condition     = !var.offline || !var.use_cached
      error_message = "Offline and Use Cached can not be used together"
    }
+
+    precondition {
+      condition     = (var.workspace == "" || var.folder == "")
+      error_message = "Set only one of `workspace` or `folder`."
+    }
  }
 }

@@ -218,6 +230,12 @@ resource "coder_app" "vscode-web" {

 locals {
  server_base_path = var.subdomain ? "" : format("/@%s/%s/apps/%s/", data.coder_workspace_owner.me.name, data.coder_workspace.me.name, var.slug)
-  url              = var.folder == "" ? "http://localhost:${var.port}${local.server_base_path}" : "http://localhost:${var.port}${local.server_base_path}?folder=${var.folder}"
-  healthcheck_url  = var.subdomain ? "http://localhost:${var.port}/healthz" : "http://localhost:${var.port}${local.server_base_path}/healthz"
+  url = (
+    var.workspace != "" ?
+    "http://localhost:${var.port}${local.server_base_path}?workspace=${urlencode(var.workspace)}" :
+    var.folder != "" ?
+    "http://localhost:${var.port}${local.server_base_path}?folder=${urlencode(var.folder)}" :
+    "http://localhost:${var.port}${local.server_base_path}"
+  )
+  healthcheck_url = var.subdomain ? "http://localhost:${var.port}/healthz" : "http://localhost:${var.port}${local.server_base_path}/healthz"
 }
@@ -109,18 +109,27 @@ if [ "${AUTO_INSTALL_EXTENSIONS}" = true ]; then
  if ! command -v jq > /dev/null; then
    echo "jq is required to install extensions from a workspace file."
  else
-    WORKSPACE_DIR="$HOME"
-    if [ -n "${FOLDER}" ]; then
-      WORKSPACE_DIR="${FOLDER}"
-    fi
-
-    if [ -f "$WORKSPACE_DIR/.vscode/extensions.json" ]; then
-      printf "🧩 Installing extensions from %s/.vscode/extensions.json...\n" "$WORKSPACE_DIR"
-      # Use sed to remove single-line comments before parsing with jq
-      extensions=$(sed 's|//.*||g' "$WORKSPACE_DIR"/.vscode/extensions.json | jq -r '.recommendations[]')
+    # Prefer WORKSPACE if set and points to a file
+    if [ -n "${WORKSPACE}" ] && [ -f "${WORKSPACE}" ]; then
+      printf "🧩 Installing extensions from %s...\n" "${WORKSPACE}"
+      # Strip single-line comments then parse .extensions.recommendations[]
+      extensions=$(sed 's|//.*||g' "${WORKSPACE}" | jq -r '(.extensions.recommendations // [])[]')
      for extension in $extensions; do
        $VSCODE_WEB "$EXTENSION_ARG" --install-extension "$extension" --force
      done
+    else
+      # Fallback to folder-based .vscode/extensions.json (existing behavior)
+      WORKSPACE_DIR="$HOME"
+      if [ -n "${FOLDER}" ]; then
+        WORKSPACE_DIR="${FOLDER}"
+      fi
+      if [ -f "$WORKSPACE_DIR/.vscode/extensions.json" ]; then
+        printf "🧩 Installing extensions from %s/.vscode/extensions.json...\n" "$WORKSPACE_DIR"
+        extensions=$(sed 's|//.*||g' "$WORKSPACE_DIR/.vscode/extensions.json" | jq -r '.recommendations[]')
+        for extension in $extensions; do
+          $VSCODE_WEB "$EXTENSION_ARG" --install-extension "$extension" --force
+        done
+      fi
    fi
  fi
 fi
@@ -0,0 +1,13 @@
+---
+display_name: "Muhammad Uamir Ali"
+bio: "Cloud Engineer | Infrastructure as code, Kubernetes | SRE"
+github: "m4rrypro"
+avatar: "./.images/avatar.jpeg"
+linkedin: "https://www.linkedin.com/in/m4rry"
+support_email: "m.umair.ali200@gmail.com"
+status: "community"
+---
+
+# Muhammad Umair Ali
+
+Cloud Engineer | Infrastructure as code, Kubernetes | SRE
@@ -0,0 +1,161 @@
+---
+display_name: Proxmox VM
+description: Provision VMs on Proxmox VE as Coder workspaces
+icon: ../../../../.icons/proxmox.svg
+verified: false
+tags: [proxmox, vm, cloud-init, qemu]
+---
+
+# Proxmox VM Template for Coder
+
+Provision Linux VMs on Proxmox as [Coder workspaces](https://coder.com/docs/workspaces). The template clones a cloud‑init base image, injects user‑data via Snippets, and runs the Coder agent under the workspace owner's Linux user.
+
+## Prerequisites
+
+- Proxmox VE 8/9
+- Proxmox API token with access to nodes and storages
+- SSH access from Coder provisioner to Proxmox VE
+- Storage with "Snippets" content enabled
+- Ubuntu cloud‑init image/template on Proxmox
+  - Latest images: https://cloud-images.ubuntu.com/ ([source](https://cloud-images.ubuntu.com/))
+
+## Prepare a Proxmox Cloud‑Init Template (once)
+
+Run on the Proxmox node. This uses a RELEASE variable so you always pull a current image.
+
+```bash
+# Choose a release (e.g., jammy or noble)
+RELEASE=jammy
+IMG_URL="https://cloud-images.ubuntu.com/${RELEASE}/current/${RELEASE}-server-cloudimg-amd64.img"
+IMG_PATH="/var/lib/vz/template/iso/${RELEASE}-server-cloudimg-amd64.img"
+
+# Download cloud image
+wget "$IMG_URL" -O "$IMG_PATH"
+
+# Create base VM (example ID 999), enable QGA, correct boot order
+NAME="ubuntu-${RELEASE}-cloudinit"
+qm create 999 --name "$NAME" --memory 4096 --cores 2 \
+  --net0 virtio,bridge=vmbr0 --agent enabled=1
+qm set 999 --scsihw virtio-scsi-pci
+qm importdisk 999 "$IMG_PATH" local-lvm
+qm set 999 --scsi0 local-lvm:vm-999-disk-0
+qm set 999 --ide2 local-lvm:cloudinit
+qm set 999 --serial0 socket --vga serial0
+qm set 999 --boot 'order=scsi0;ide2;net0'
+
+# Enable Snippets on storage 'local' (one‑time)
+pvesm set local --content snippets,vztmpl,backup,iso
+
+# Convert to template
+qm template 999
+```
+
+Verify:
+
+```bash
+qm config 999 | grep -E 'template:|agent:|boot:|ide2:|scsi0:'
+```
+
+### Enable Snippets via GUI
+
+- Datacenter → Storage → select `local` → Edit → Content → check "Snippets" → OK
+- Ensure `/var/lib/vz/snippets/` exists on the node for snippet files
+- Template page → Cloud‑Init → Snippet Storage: `local` → File: your yml → Apply
+
+## Configure this template
+
+Edit `terraform.tfvars` with your environment:
+
+```hcl
+# Proxmox API
+proxmox_api_url          = "https://<PVE_HOST>:8006/api2/json"
+proxmox_api_token_id     = "<USER@REALM>!<TOKEN>"
+proxmox_api_token_secret = "<SECRET>"
+
+# SSH to the node (for snippet upload)
+proxmox_host     = "<PVE_HOST>"
+proxmox_password = "<NODE_ROOT_OR_SUDO_PASSWORD>"
+proxmox_ssh_user = "root"
+
+# Infra defaults
+proxmox_node        = "pve"
+disk_storage        = "local-lvm"
+snippet_storage     = "local"
+bridge              = "vmbr0"
+vlan                = 0
+clone_template_vmid = 999
+```
+
+### Variables (terraform.tfvars)
+
+- These values are standard Terraform variables that the template reads at apply time.
+- Place secrets (e.g., `proxmox_api_token_secret`, `proxmox_password`) in `terraform.tfvars` or inject with environment variables using `TF_VAR_*` (e.g., `TF_VAR_proxmox_api_token_secret`).
+- You can also override with `-var`/`-var-file` if you run Terraform directly. With Coder, the repo's `terraform.tfvars` is bundled when pushing the template.
+
+Variables expected:
+
+- `proxmox_api_url`, `proxmox_api_token_id`, `proxmox_api_token_secret` (sensitive)
+- `proxmox_host`, `proxmox_password` (sensitive), `proxmox_ssh_user`
+- `proxmox_node`, `disk_storage`, `snippet_storage`, `bridge`, `vlan`, `clone_template_vmid`
+- Coder parameters: `cpu_cores`, `memory_mb`, `disk_size_gb`
+
+## Proxmox API Token (GUI/CLI)
+
+Docs: https://pve.proxmox.com/wiki/User_Management#pveum_tokens
+
+GUI:
+
+1. (Optional) Create automation user: Datacenter → Permissions → Users → Add (e.g., `terraform@pve`)
+2. Permissions: Datacenter → Permissions → Add → User Permission
+   - Path: `/` (or narrower covering your nodes/storages)
+   - Role: `PVEVMAdmin` + `PVEStorageAdmin` (or `PVEAdmin` for simplicity)
+3. Token: Datacenter → Permissions → API Tokens → Add → copy Token ID and Secret
+4. Test:
+
+```bash
+curl -k -H "Authorization: PVEAPIToken=<USER@REALM>!<TOKEN>=<SECRET>" \
+  https:// < PVE_HOST > :8006/api2/json/version
+```
+
+CLI:
+
+```bash
+pveum user add terraform@pve --comment 'Terraform automation user'
+pveum aclmod / -user terraform@pve -role PVEAdmin
+pveum user token add terraform@pve terraform --privsep 0
+```
+
+## Use
+
+```bash
+# From this directory
+coder templates push --yes proxmox-cloudinit --directory . | cat
+```
+
+Create a workspace from the template in the Coder UI. First boot usually takes 60–120s while cloud‑init runs.
+
+## How it works
+
+- Uploads rendered cloud‑init user‑data to `<storage>:snippets/<vm>.yml` via the provider's `proxmox_virtual_environment_file`
+- VM config: `virtio-scsi-pci`, boot order `scsi0, ide2, net0`, QGA enabled
+- Linux user equals Coder workspace owner (sanitized). To avoid collisions, reserved names (`admin`, `root`, etc.) get a suffix (e.g., `admin1`). User is created with `primary_group: adm`, `groups: [sudo]`, `no_user_group: true`
+- systemd service runs as that user:
+  - `coder-agent.service`
+
+## Troubleshooting quick hits
+
+- iPXE boot loop: ensure template has bootable root disk and boot order `scsi0,ide2,net0`
+- QGA not responding: install/enable QGA in template; allow 60–120s on first boot
+- Snippet upload errors: storage must include `Snippets`; token needs Datastore permissions; path format `<storage>:snippets/<file>` handled by provider
+- Permissions errors: ensure the token's role covers the target node(s) and storages
+- Verify snippet/QGA: `qm config <vmid> | egrep 'cicustom|ide2|ciuser'`
+
+## References
+
+- Ubuntu Cloud Images (latest): https://cloud-images.ubuntu.com/ ([source](https://cloud-images.ubuntu.com/))
+- Proxmox qm(1) manual: https://pve.proxmox.com/pve-docs/qm.1.html
+- Proxmox Cloud‑Init Support: https://pve.proxmox.com/wiki/Cloud-Init_Support
+- Terraform Proxmox provider (bpg): `bpg/proxmox` on the Terraform Registry
+- Coder – Best practices & templates:
+  - https://coder.com/docs/tutorials/best-practices/speed-up-templates
+  - https://coder.com/docs/tutorials/template-from-scratch
@@ -0,0 +1,53 @@
+#cloud-config
+hostname: ${hostname}
+
+users:
+  - name: ${linux_user}
+    groups: [sudo]
+    shell: /bin/bash
+    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+
+package_update: false
+package_upgrade: false
+packages:
+  - curl
+  - ca-certificates
+  - git
+  - jq
+
+write_files:
+  - path: /opt/coder/init.sh
+    permissions: "0755"
+    owner: root:root
+    encoding: b64
+    content: |
+      ${coder_init_script_b64}
+
+  - path: /etc/systemd/system/coder-agent.service
+    permissions: "0644"
+    owner: root:root
+    content: |
+      [Unit]
+      Description=Coder Agent
+      Wants=network-online.target
+      After=network-online.target
+
+      [Service]
+      Type=simple
+      User=${linux_user}
+      WorkingDirectory=/home/${linux_user}
+      Environment=HOME=/home/${linux_user}
+      Environment=CODER_AGENT_TOKEN=${coder_token}
+      ExecStart=/opt/coder/init.sh
+      OOMScoreAdjust=-1000
+      Restart=always
+      RestartSec=5
+
+      [Install]
+      WantedBy=multi-user.target
+
+runcmd:
+  - systemctl daemon-reload
+  - systemctl enable --now coder-agent.service
+
+final_message: "Cloud-init complete on ${hostname}" 
@@ -0,0 +1,283 @@
+terraform {
+  required_providers {
+    coder = {
+      source = "coder/coder"
+    }
+    proxmox = {
+      source = "bpg/proxmox"
+    }
+  }
+}
+
+provider "coder" {}
+
+provider "proxmox" {
+  endpoint  = var.proxmox_api_url
+  api_token = "${var.proxmox_api_token_id}=${var.proxmox_api_token_secret}"
+  insecure  = true
+
+  # SSH is needed for file uploads to Proxmox
+  ssh {
+    username = var.proxmox_ssh_user
+    password = var.proxmox_password
+
+    node {
+      name    = var.proxmox_node
+      address = var.proxmox_host
+    }
+  }
+}
+
+variable "proxmox_api_url" {
+  type = string
+}
+
+variable "proxmox_api_token_id" {
+  type      = string
+  sensitive = true
+}
+
+variable "proxmox_api_token_secret" {
+  type      = string
+  sensitive = true
+}
+
+
+variable "proxmox_host" {
+  description = "Proxmox node IP or DNS for SSH"
+  type        = string
+}
+
+variable "proxmox_password" {
+  description = "Proxmox password (used for SSH)"
+  type        = string
+  sensitive   = true
+}
+
+variable "proxmox_ssh_user" {
+  description = "SSH username on Proxmox node"
+  type        = string
+  default     = "root"
+}
+
+variable "proxmox_node" {
+  description = "Target Proxmox node"
+  type        = string
+  default     = "pve"
+}
+variable "disk_storage" {
+  description = "Disk storage (e.g., local-lvm)"
+  type        = string
+  default     = "local-lvm"
+}
+
+variable "snippet_storage" {
+  description = "Storage with Snippets content"
+  type        = string
+  default     = "local"
+}
+
+variable "bridge" {
+  description = "Bridge (e.g., vmbr0)"
+  type        = string
+  default     = "vmbr0"
+}
+
+variable "vlan" {
+  description = "VLAN tag (0 none)"
+  type        = number
+  default     = 0
+}
+
+variable "clone_template_vmid" {
+  description = "VMID of the cloud-init base template to clone"
+  type        = number
+}
+
+data "coder_workspace" "me" {}
+data "coder_workspace_owner" "me" {}
+
+data "coder_parameter" "cpu_cores" {
+  name         = "cpu_cores"
+  display_name = "CPU Cores"
+  type         = "number"
+  default      = 2
+  mutable      = true
+}
+
+data "coder_parameter" "memory_mb" {
+  name         = "memory_mb"
+  display_name = "Memory (MB)"
+  type         = "number"
+  default      = 4096
+  mutable      = true
+}
+
+data "coder_parameter" "disk_size_gb" {
+  name         = "disk_size_gb"
+  display_name = "Disk Size (GB)"
+  type         = "number"
+  default      = 20
+  mutable      = true
+  validation {
+    min       = 10
+    max       = 100
+    monotonic = "increasing"
+  }
+}
+
+resource "coder_agent" "dev" {
+  arch = "amd64"
+  os   = "linux"
+
+  env = {
+    GIT_AUTHOR_NAME  = data.coder_workspace_owner.me.name
+    GIT_AUTHOR_EMAIL = data.coder_workspace_owner.me.email
+  }
+
+  startup_script_behavior = "non-blocking"
+  startup_script          = <<-EOT
+    set -e
+    # Add any startup scripts here
+  EOT
+
+  metadata {
+    display_name = "CPU Usage"
+    key          = "cpu_usage"
+    script       = "coder stat cpu"
+    interval     = 10
+    timeout      = 1
+    order        = 1
+  }
+
+  metadata {
+    display_name = "RAM Usage"
+    key          = "ram_usage"
+    script       = "coder stat mem"
+    interval     = 10
+    timeout      = 1
+    order        = 2
+  }
+
+  metadata {
+    display_name = "Disk Usage"
+    key          = "disk_usage"
+    script       = "coder stat disk"
+    interval     = 600
+    timeout      = 30
+    order        = 3
+  }
+}
+
+locals {
+  hostname         = lower(data.coder_workspace.me.name)
+  vm_name          = "coder-${lower(data.coder_workspace_owner.me.name)}-${local.hostname}"
+  snippet_filename = "${local.vm_name}.yml"
+  base_user        = replace(replace(replace(lower(data.coder_workspace_owner.me.name), " ", "-"), "/", "-"), "@", "-")             # to avoid special characters in the username
+  linux_user       = contains(["root", "admin", "daemon", "bin", "sys"], local.base_user) ? "${local.base_user}1" : local.base_user # to avoid conflict with system users
+
+  rendered_user_data = templatefile("${path.module}/cloud-init/user-data.tftpl", {
+    coder_token           = coder_agent.dev.token
+    coder_init_script_b64 = base64encode(coder_agent.dev.init_script)
+    hostname              = local.vm_name
+    linux_user            = local.linux_user
+  })
+}
+
+resource "proxmox_virtual_environment_file" "cloud_init_user_data" {
+  content_type = "snippets"
+  datastore_id = var.snippet_storage
+  node_name    = var.proxmox_node
+
+  source_raw {
+    data      = local.rendered_user_data
+    file_name = local.snippet_filename
+  }
+}
+
+resource "proxmox_virtual_environment_vm" "workspace" {
+  name      = local.vm_name
+  node_name = var.proxmox_node
+
+  clone {
+    node_name = var.proxmox_node
+    vm_id     = var.clone_template_vmid
+    full      = false
+    retries   = 5
+  }
+
+  agent {
+    enabled = true
+  }
+
+  on_boot = true
+  started = true
+
+  startup {
+    order = 1
+  }
+
+  scsi_hardware = "virtio-scsi-pci"
+  boot_order    = ["scsi0", "ide2"]
+
+  memory {
+    dedicated = data.coder_parameter.memory_mb.value
+  }
+
+  cpu {
+    cores   = data.coder_parameter.cpu_cores.value
+    sockets = 1
+    type    = "host"
+  }
+
+  network_device {
+    bridge  = var.bridge
+    model   = "virtio"
+    vlan_id = var.vlan == 0 ? null : var.vlan
+  }
+
+  vga {
+    type = "serial0"
+  }
+
+  serial_device {
+    device = "socket"
+  }
+
+  disk {
+    interface    = "scsi0"
+    datastore_id = var.disk_storage
+    size         = data.coder_parameter.disk_size_gb.value
+  }
+
+  initialization {
+    type         = "nocloud"
+    datastore_id = var.disk_storage
+
+    user_data_file_id = proxmox_virtual_environment_file.cloud_init_user_data.id
+
+    ip_config {
+      ipv4 {
+        address = "dhcp"
+      }
+    }
+  }
+
+  tags = ["coder", "workspace", local.vm_name]
+
+  depends_on = [proxmox_virtual_environment_file.cloud_init_user_data]
+}
+
+module "code-server" {
+  count    = data.coder_workspace.me.start_count
+  source   = "registry.coder.com/coder/code-server/coder"
+  version  = "1.3.1"
+  agent_id = coder_agent.dev.id
+}
+
+module "cursor" {
+  count    = data.coder_workspace.me.start_count
+  source   = "registry.coder.com/coder/cursor/coder"
+  version  = "1.3.0"
+  agent_id = coder_agent.dev.id
+}
@@ -28,7 +28,6 @@ JSON_OUTPUT='{
 readonly EXIT_SUCCESS=0
 readonly EXIT_ERROR=1
 readonly EXIT_NO_ACTION_NEEDED=2
-readonly EXIT_VALIDATION_FAILED=3

 usage() {
  cat << EOF
@@ -52,7 +51,7 @@ EXAMPLES:
  $0 -m code-server -d    # Target specific module
  $0 -n coder -m code-server -d  # Target module in namespace

-Exit codes: 0=success, 1=error, 2=no action needed, 3=validation failed
+Exit codes: 0=success, 1=error, 2=no action needed
 EOF
  exit 0
 }
@@ -230,29 +229,38 @@ extract_version_from_readme() {
    return 1
  }

-  local version_line
-  version_line=$(grep -E "source[[:space:]]*=[[:space:]]*\"registry\.coder\.com/${namespace}/${module_name}" "$readme_path" | head -1 || echo "")
+  local version
+  version=$(extract_version_from_module_block "$readme_path" "$namespace" "$module_name")

-  if [ -n "$version_line" ]; then
-    local version
-    version=$(echo "$version_line" | sed -n 's/.*version[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p')
-    if [ -n "$version" ]; then
-      log "DEBUG" "Found version '$version' from source line: $version_line"
-      echo "$version"
-      return 0
-    fi
-  fi
-
-  local fallback_version
-  fallback_version=$(grep -E 'version[[:space:]]*=[[:space:]]*"[0-9]+\.[0-9]+\.[0-9]+"' "$readme_path" | head -1 | sed 's/.*version[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/' || echo "")
-
-  if [ -n "$fallback_version" ]; then
-    log "DEBUG" "Found fallback version '$fallback_version'"
-    echo "$fallback_version"
+  if [ -n "$version" ]; then
+    log "DEBUG" "Found version '$version' from module block for $namespace/$module_name"
+    echo "$version"
    return 0
  fi

-  log "DEBUG" "No version found in $readme_path"
+  log "DEBUG" "No version found in module block for $namespace/$module_name in $readme_path"
+  return 1
+}
+
+extract_version_from_module_block() {
+  local readme_path="$1"
+  local namespace="$2"
+  local module_name="$3"
+
+  local version
+  version=$(grep -A 10 "source[[:space:]]*=[[:space:]]*\"registry\.coder\.com/${namespace}/${module_name}/coder" "$readme_path" \
+    | sed '/^[[:space:]]*}/q' \
+    | grep -E "version[[:space:]]*=[[:space:]]*\"[^\"]+\"" \
+    | head -1 \
+    | sed 's/.*version[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/')
+
+  if [ -n "$version" ]; then
+    log "DEBUG" "Found version '$version' for $namespace/$module_name"
+    echo "$version"
+    return 0
+  fi
+
+  log "DEBUG" "No version found within module block for $namespace/$module_name"
  return 1
 }

@@ -300,7 +308,9 @@ detect_modules_needing_tags() {
  fi

  local all_modules
-  all_modules=$(find registry -mindepth 3 -maxdepth 3 -type d -path "*/modules/*" | sort -u || echo "")
+  # Find all module directories, excluding hidden directories
+  # This works on both macOS and Linux
+  all_modules=$(find registry -mindepth 3 -maxdepth 3 -type d -path "*/modules/*" ! -name ".*" | sort -u || echo "")

  [ -z "$all_modules" ] && {
    log "ERROR" "No modules found to check"
@@ -546,7 +556,7 @@ create_and_push_tags() {
    echo ""
  fi

-  if [ $pushed_tags -gt 0 ]; then
+  if [ "$pushed_tags" -gt 0 ]; then
    if [[ "$OUTPUT_FORMAT" != "json" ]]; then
      log "SUCCESS" "🎉 Successfully created and pushed $pushed_tags release tags!"
      echo ""
@@ -606,7 +616,7 @@ main() {
  detect_exit_code=$?

  case $detect_exit_code in
-    $EXIT_NO_ACTION_NEEDED)
+    "$EXIT_NO_ACTION_NEEDED")
      if [[ "$OUTPUT_FORMAT" == "json" ]]; then
        finalize_json_output "$@"
      else
@@ -614,7 +624,7 @@ main() {
      fi
      exit $EXIT_SUCCESS
      ;;
-    $EXIT_ERROR)
+    "$EXIT_ERROR")
      if [[ "$OUTPUT_FORMAT" == "json" ]]; then
        JSON_OUTPUT=$(echo "$JSON_OUTPUT" | jq '.summary.operation_status = "scan_failed"')
        finalize_json_output "$@"
Author	SHA1	Message	Date
Rowan Smith	a69accbad5	feat: Add support to the vscode-web module for loading workspaces at startup (#349 )	2025-08-21 13:43:00 +05:00
chgl	29e5307121	Actually use the home dir kasmvnc.yaml to retrieve the httpd_directory setting (#342 )	2025-08-20 14:06:10 +05:00
Harsh Singh Panwar	545a245530	feat: Sourcegraph Amp module (#257 ) Closes #238 /claim #238 ## Description Video - https://www.loom.com/share/59e80a7fa3e54973bb0318132bc849a7?sid=4900077a-6fdb-4760-978c-9ad2e2daa9d8 <img width="1365" height="599" alt="Screenshot 2025-08-02 164234" src="https://github.com/user-attachments/assets/56ec7dc3-bc41-4976-9b78-3d6c011d80fe" /> <!-- Briefly describe what this PR does and why --> ## Type of Change - [x] New module - [ ] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> Path: `registry/harsh9485]/modules/sourcegraph_amp` New version: `v1.0.0` Breaking change: [ ] Yes [x] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun run fmt`) - [x] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable --> --------- Co-authored-by: Atif Ali <atif@coder.com> Co-authored-by: DevCats <christofer@coder.com>	2025-08-19 15:25:17 -05:00
m4rrypro	c554463d4d	Add Proxmox-Vm template (#329 ) Closes #212 /claim #212 ## Description Adds a Proxmox VM template ## Type of Change - [ ] New module - [x] New template - [ ] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Testing & Validation - [x] Code formatted (`bun run fmt`) - [x] Changes tested locally https://github.com/user-attachments/assets/d0fcdb6a-3451-4eaa-855d-912ac0cd4c45 --------- Co-authored-by: Atif Ali <me@matifali.dev>	2025-08-19 14:29:49 -05:00
Atif Ali	4ea87a6e01	chore: use light openai logo (#341 ) Co-authored-by: DevelopmentCats <christofer@coder.com>	2025-08-19 19:24:45 +05:00
Atif Ali	f5a571679a	chore: fix module detection to exclude hidden dirs (#339 ) ## Before ```console 🚀 Coder Registry Tag Release Script Operating on commit: `4238f38353` 🔍 Scanning all modules for missing release tags... ⚠️ anomaly/.coder: No version found in README, skipping ✅ anomaly/tmux: v1.0.0 (already tagged) ⚠️ coder-labs/.coder: No version found in README, skipping ✅ coder-labs/cursor-cli: v0.1.1 (already tagged) ✅ coder-labs/gemini: v1.1.0 (already tagged) ⚠️ coder-labs/jetbrains-fleet: No version found in README, skipping ⚠️ coder/.coder: No version found in README, skipping ✅ coder/agentapi: v1.1.1 (already tagged) ✅ coder/aider: v1.1.2 (already tagged) ✅ coder/amazon-dcv-windows: v1.1.1 (already tagged) ✅ coder/amazon-q: v1.1.2 (already tagged) ✅ coder/aws-region: v1.0.31 (already tagged) ✅ coder/azure-region: v1.0.31 (already tagged) ✅ coder/claude-code: v2.1.0 (already tagged) ✅ coder/code-server: v1.3.1 (already tagged) ✅ coder/coder-login: v1.0.31 (already tagged) ✅ coder/cursor: v1.3.1 (already tagged) ✅ coder/devcontainers-cli: v1.0.32 (already tagged) ✅ coder/dotfiles: v1.2.1 (already tagged) ✅ coder/filebrowser: v1.1.2 (already tagged) ✅ coder/fly-region: v1.0.31 (already tagged) ✅ coder/gcp-region: v1.0.31 (already tagged) ✅ coder/git-clone: v1.1.1 (already tagged) ✅ coder/git-commit-signing: v1.0.31 (already tagged) ✅ coder/git-config: v1.0.31 (already tagged) ✅ coder/github-upload-public-key: v1.0.31 (already tagged) ✅ coder/goose: v2.1.1 (already tagged) ✅ coder/hcp-vault-secrets: v1.0.34 (already tagged) ✅ coder/jetbrains: v1.0.3 (already tagged) ✅ coder/jetbrains-fleet: v1.0.1 (already tagged) ✅ coder/jetbrains-gateway: v1.2.2 (already tagged) ✅ coder/jfrog-oauth: v1.0.31 (already tagged) ✅ coder/jfrog-token: v1.0.31 (already tagged) ✅ coder/jupyter-notebook: v1.2.0 (already tagged) ✅ coder/jupyterlab: v1.1.1 (already tagged) ✅ coder/kasmvnc: v1.2.1 (already tagged) ✅ coder/kiro: v1.0.0 (already tagged) ✅ coder/local-windows-rdp: v1.0.2 (already tagged) ✅ coder/personalize: v1.0.31 (already tagged) ✅ coder/slackme: v1.0.31 (already tagged) ✅ coder/vault-github: v1.0.31 (already tagged) ✅ coder/vault-jwt: v1.1.1 (already tagged) ✅ coder/vault-token: v1.2.1 (already tagged) ✅ coder/vscode-desktop: v1.1.1 (already tagged) ✅ coder/vscode-desktop-core: v1.0.0 (already tagged) ✅ coder/vscode-web: v1.3.1 (already tagged) ✅ coder/windows-rdp: v1.2.3 (already tagged) ✅ coder/windsurf: v1.1.1 (already tagged) ✅ coder/zed: v1.1.0 (already tagged) ✅ nataindata/apache-airflow: v1.0.14 (already tagged) ✅ thezoker/nodejs: v1.0.11 (already tagged) ⚠️ whizus/.coder: No version found in README, skipping ✅ whizus/exoscale-instance-type: v1.0.13 (already tagged) ✅ whizus/exoscale-zone: v1.0.13 (already tagged) 📊 Summary: 0 of 54 modules need tagging ✅ 🎉 All modules are up to date! No tags needed. ``` ## After ```console 🚀 Coder Registry Tag Release Script Operating on commit: `7f9725209f` 🔍 Scanning all modules for missing release tags... ✅ anomaly/tmux: v1.0.0 (already tagged) ✅ coder-labs/cursor-cli: v0.1.1 (already tagged) ✅ coder-labs/gemini: v1.1.0 (already tagged) ✅ coder/agentapi: v1.1.1 (already tagged) ✅ coder/aider: v1.1.2 (already tagged) ✅ coder/amazon-dcv-windows: v1.1.1 (already tagged) ✅ coder/amazon-q: v1.1.2 (already tagged) ✅ coder/aws-region: v1.0.31 (already tagged) ✅ coder/azure-region: v1.0.31 (already tagged) ✅ coder/claude-code: v2.1.0 (already tagged) ✅ coder/code-server: v1.3.1 (already tagged) ✅ coder/coder-login: v1.0.31 (already tagged) ✅ coder/cursor: v1.3.1 (already tagged) ✅ coder/devcontainers-cli: v1.0.32 (already tagged) ✅ coder/dotfiles: v1.2.1 (already tagged) ✅ coder/filebrowser: v1.1.2 (already tagged) ✅ coder/fly-region: v1.0.31 (already tagged) ✅ coder/gcp-region: v1.0.31 (already tagged) ✅ coder/git-clone: v1.1.1 (already tagged) ✅ coder/git-commit-signing: v1.0.31 (already tagged) ✅ coder/git-config: v1.0.31 (already tagged) ✅ coder/github-upload-public-key: v1.0.31 (already tagged) ✅ coder/goose: v2.1.1 (already tagged) ✅ coder/hcp-vault-secrets: v1.0.34 (already tagged) ✅ coder/jetbrains: v1.0.3 (already tagged) ✅ coder/jetbrains-fleet: v1.0.1 (already tagged) ✅ coder/jetbrains-gateway: v1.2.2 (already tagged) ✅ coder/jfrog-oauth: v1.0.31 (already tagged) ✅ coder/jfrog-token: v1.0.31 (already tagged) ✅ coder/jupyter-notebook: v1.2.0 (already tagged) ✅ coder/jupyterlab: v1.1.1 (already tagged) ✅ coder/kasmvnc: v1.2.1 (already tagged) ✅ coder/kiro: v1.0.0 (already tagged) ✅ coder/local-windows-rdp: v1.0.2 (already tagged) ✅ coder/personalize: v1.0.31 (already tagged) ✅ coder/slackme: v1.0.31 (already tagged) ✅ coder/vault-github: v1.0.31 (already tagged) ✅ coder/vault-jwt: v1.1.1 (already tagged) ✅ coder/vault-token: v1.2.1 (already tagged) ✅ coder/vscode-desktop: v1.1.1 (already tagged) ✅ coder/vscode-desktop-core: v1.0.0 (already tagged) ✅ coder/vscode-web: v1.3.1 (already tagged) ✅ coder/windows-rdp: v1.2.3 (already tagged) ✅ coder/windsurf: v1.1.1 (already tagged) ✅ coder/zed: v1.1.0 (already tagged) ✅ nataindata/apache-airflow: v1.0.14 (already tagged) ✅ thezoker/nodejs: v1.0.11 (already tagged) ✅ whizus/exoscale-instance-type: v1.0.13 (already tagged) ✅ whizus/exoscale-zone: v1.0.13 (already tagged) 📊 Summary: 0 of 49 modules need tagging ✅ 🎉 All modules are up to date! No tags needed. ```	2025-08-19 17:34:54 +05:00
35C4n0r	0e1dcd3a80	feat: support codex cli (#281 ) Co-authored-by: Hugo Dutka <dutkahugo@gmail.com> Co-authored-by: DevCats <christofer@coder.com>	2025-08-19 13:59:00 +05:00
35C4n0r	4238f38353	fix: reformat cursor cli readme (#336 ) Closes # ## Description <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [ ] Bug fix - [ ] Feature/enhancement - [x] Documentation - [ ] Other ## Module Information <!-- Delete this section if not applicable --> Path: `registry/[namespace]/modules/[module-name]` New version: `v1.0.0` Breaking change: [ ] Yes [ ] No ## Testing & Validation - [x] Tests pass (`bun test`) - [x] Code formatted (`bun run fmt`) - [x] Changes tested locally ## Related Issues <!-- Link related issues or write "None" if not applicable --> --------- Co-authored-by: Atif Ali <me@matifali.dev> Co-authored-by: DevCats <christofer@coder.com>	2025-08-18 14:43:32 -05:00
DevCats	858799ce20	fix: update version extraction to be more robust, ensure compatibility (#337 ) ## Description Update version detection to always detect named module block, and extract version from same module block. Ensure that script is completely compatible for all Unix environments. <!-- Briefly describe what this PR does and why --> ## Type of Change - [ ] New module - [X] Bug fix - [ ] Feature/enhancement - [ ] Documentation - [ ] Other ## Testing & Validation - [ ] Tests pass (`bun test`) - [X] Code formatted (`bun run fmt`) - [X] Changes tested locally	2025-08-18 14:36:29 -05:00