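{
  description = "Reusable jailed LLM agents (opencode)";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    jail-nix.url = "sourcehut:~alexdavid/jail.nix";
    llm-agents.url = "github:numtide/llm-agents.nix";
    flake-utils.url = "github:numtide/flake-utils";
  };

  outputs =
    { self, nixpkgs, flake-utils, jail-nix, llm-agents, ... }:
    let
      # Command-line tools made visible inside every agent jail. Nothing else
      # from the store is exposed unless a caller adds it through `extraPkgs`.
      baseTools =
        pkgs: with pkgs; [
          bashInteractive
          curl
          wget
          jq
          git
          which
          ripgrep
          gnugrep
          gawkInteractive
          ps
          findutils
          gzip
          unzip
          gnutar
          diffutils
        ];

      # Wrap `pkg` in a jail.nix sandbox for `system`.
      #
      #   name            - agent name; also selects the per-agent config/state
      #                     directories under ~ that are mounted read-write
      #   pkg             - the package to run inside the jail
      #   extraPkgs       - additional packages whose closures become visible
      #   extraCombinators - appended verbatim to the jail definition, so they
      #                     can widen as well as tighten the sandbox; treat
      #                     them as trusted input
      #
      # Security posture of the resulting jail (as far as the combinator names
      # show; confirm exact semantics against jail.nix):
      #   * `network` gives the agent unrestricted outbound network and
      #     `mount-cwd` exposes the invocation directory, so anything under
      #     the cwd can leave the machine — run from the project root, never
      #     from $HOME.
      #   * only the agent's own ~/.config, ~/.local/share and ~/.local/state
      #     directories are writable; `noescape` presumably blocks symlink
      #     escapes out of those directories — confirm against jail.nix.
      #   * `no-new-session` by its name prevents the jailed process from
      #     acquiring a new session / controlling terminal — confirm.
      makeJailedAgent =
        system:
        {
          name,
          pkg,
          extraPkgs ? [ ],
          extraCombinators ? [ ],
        }:
        let
          pkgs = nixpkgs.legacyPackages.${system};
          jail = jail-nix.lib.init pkgs;
        in
        jail name pkg (
          with jail.combinators;
          [
            network
            time-zone
            no-new-session
            mount-cwd
            (readwrite (noescape "~/.config/${name}"))
            (readwrite (noescape "~/.local/share/${name}"))
            (readwrite (noescape "~/.local/state/${name}"))
            (add-pkg-deps (baseTools pkgs))
            (add-pkg-deps extraPkgs)
          ]
          ++ extraCombinators
        );

      # Jailed opencode for `system`. The jail definition is shared with
      # `makeJailedAgent` above, so the package output and this helper can no
      # longer drift apart.
      # Call as: inputs.jailed-agents.lib.makeJailedOpencode system { extraPkgs = [...]; }
      makeJailedOpencode =
        system:
        {
          extraPkgs ? [ ],
          extraCombinators ? [ ],
        }:
        makeJailedAgent system {
          name = "opencode";
          pkg = llm-agents.packages.${system}.opencode;
          inherit extraPkgs extraCombinators;
        };

      perSystem = flake-utils.lib.eachDefaultSystem (system: {
        packages = {
          opencode-jailed = makeJailedOpencode system { };
        };
        # Kept so existing callers of `lib.<system>.makeJailedOpencode` still
        # work; the helpers take `system` explicitly, as before.
        lib = {
          inherit makeJailedOpencode makeJailedAgent;
        };
      });
    in
    perSystem
    // {
      # System-independent entry points, so the documented call path
      # `lib.makeJailedOpencode system { ... }` resolves. Previously `lib` was
      # only produced inside eachDefaultSystem and therefore lived under
      # `lib.<system>`, which did not match the comment.
      lib = perSystem.lib // {
        inherit makeJailedOpencode makeJailedAgent;
      };
    };
}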