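# Builds `claude` / `claude-<suffix>` launcher scripts. On first run each
# launcher fetches the pinned npm release with deno, rewrites its cli.js with
# the Python patch script below, compiles the result to a cached binary and
# execs it; later runs exec the cached binary directly.
#
# NOTE(review): `scope` (used at the bottom) is not bound by the argument set
# or the let-block visible here; presumably the surrounding framework injects
# it. Confirm before relying on this file in isolation.
{
  pkgs,
  lib,
  mainUser, # only referenced by the commented-out sandbox sketch at the end
  ...
}:
let
  # Tools placed on PATH for the launched CLI.
  clodTools = with pkgs; [
    bash
    procps
    ripgrep
    socat
    bubblewrap
  ];

  # mkClod { confDir, suffix } -> launcher derivation.
  #   confDir: directory under $HOME exported as CLAUDE_CONFIG_DIR (null = leave unset)
  #   suffix:  appended to the launcher name as "claude-<suffix>" (null = plain "claude")
  mkClod =
    {
      confDir ? null,
      suffix ? null,
    }:
    let
      version = "2.1.62";
      runtimeDeps = lib.makeBinPath clodTools;

      # In-place byte-level patcher for the minified cli.js (path in argv[1]).
      # Every step is best-effort: a missing anchor is reported on stderr as
      # NOT FOUND and the script carries on, so the build log shows which
      # patches actually landed instead of claiming success unconditionally.
      patchScript = pkgs.writeScript "patch-claude-src" ''
        #!${pkgs.python3}/bin/python3
        import re, sys

        # One minified JS identifier.
        W = rb"[\w$]+"

        with open(sys.argv[1], "rb") as fh:
            data = fh.read()


        def swap(buf, label, old, new, done):
            """Replace every occurrence of old with new in buf.

            Writes "<label>: <done>" to stderr when at least one occurrence
            was replaced and "<label>: NOT FOUND" otherwise, then returns the
            resulting buffer.
            """
            hits = buf.count(old)
            sys.stderr.write(f"{label}: {done}\n" if hits else f"{label}: NOT FOUND\n")
            return buf.replace(old, new)


        # Turn the single CLAUDE.md project-file lookup into a loop over
        # CLAUDE.md and AGENTS.md.
        pat = (rb"let (" + W + rb")=(" + W + rb")\((" + W + rb'),"CLAUDE\.md"\);'
               rb"(" + W + rb")\.push\(\.\.\.(" + W + rb')\(\1,"Project",([^)]+)\)\)')

        def agents(m):
            v, pj, d, a, lf, rest = [m.group(i) for i in range(1, 7)]
            return (b'for(let _f of["CLAUDE.md","AGENTS.md"]){let ' + v + b"=" + pj + b"(" + d + b",_f);"
                    + a + b".push(..." + lf + b"(" + v + b',"Project",' + rest + b"))}")

        data, n = re.subn(pat, agents, data)
        sys.stderr.write(f"AGENTS.md: {n} site(s)\n")

        # Redirect the macOS branch of the path switch to /etc/claude-code.
        data = data.replace(
            b'case"macos":return"/Library/Application Support/ClaudeCode"',
            b'case"macos":return"/etc/claude-code"',
        )

        # Enable hard-disabled slash commands: /btw, /files, /tag
        # Only the first disabled flag within 500 bytes after each anchor is
        # flipped; this assumes that flag belongs to the anchored command.
        for anchor, label in [
            (b'name:"btw",description:"Ask a quick side question', b"/btw"),
            (b'name:"files",description:"List all files currently in context"', b"/files"),
            (b'name:"tag",userFacingName', b"/tag"),
        ]:
            pos = data.find(anchor)
            if pos < 0:
                sys.stderr.write(f"{label.decode()}: NOT FOUND\n")
                continue
            window = data[pos:pos + 500]
            patched = window.replace(b"isEnabled:()=>!1", b"isEnabled:()=>!0", 1)
            if patched == window:
                # Anchor matched but nothing was flipped: say so rather than
                # logging "enabled" for an unchanged file.
                sys.stderr.write(f"{label.decode()}: anchor found, isEnabled flag NOT FOUND\n")
                continue
            data = data[:pos] + patched + data[pos + 500:]
            sys.stderr.write(f"{label.decode()}: enabled\n")

        # Bypass e2() for thinkback (e2 returns false when DISABLE_TELEMETRY is set)
        data = swap(
            data, "thinkback",
            b'e2("tengu_thinkback")',
            b'!0||"tengu_thinkback"',
            "force-enabled",
        )

        # Enable custom keybindings (qA default is false, flip to true)
        data = swap(
            data, "keybindings",
            b'qA("tengu_keybinding_customization_release",!1)',
            b'qA("tengu_keybinding_customization_release",!0)',
            "force-enabled",
        )

        # Force-enable remote control / bridge feature gate
        data = swap(
            data, "remote-control",
            b'function ek(){return qA("tengu_ccr_bridge",!1)}',
            b'function ek(){return!0} ',
            "force-enabled",
        )

        # Fix Deno-compile bridge spawn: Deno compiled binaries intercept --flags
        # as V8 flags. Rewrite spawn to go through env(1) which breaks the Deno
        # runtime's flag parsing.
        data = swap(
            data, "bridge-spawn",
            b'let O=iHz(A.execPath,$,',
            b'let O=iHz("env",["--",A.execPath,...$],',
            "patched via env(1)",
        )

        # Kill claude-developer-platform bundled skill (~400 tokens/turn dead weight)
        data = swap(
            data, "claude-developer-platform",
            b'name:"claude-developer-platform",description:`',
            b'name:"claude-developer-platform",isEnabled:()=>!1,description:`',
            "killed",
        )

        # Reshape the context_window object literal: spread current_usage into
        # it and add rate_limit, s_in and s_out next to the existing fields.
        pat = (rb"context_window:\{total_input_tokens:(" + W + rb"\(\)),"
               rb"total_output_tokens:(" + W + rb"\(\)),"
               rb"context_window_size:(" + W + rb"),"
               rb"current_usage:(" + W + rb"),"
               rb"used_percentage:(" + W + rb")\.used,"
               rb"remaining_percentage:\5\.remaining\}")
        # Name of the variable initialised with the "allowed" rate-limit object.
        rl = re.search(rb"(" + W + rb')=\{status:"allowed",unifiedRateLimitFallbackAvailable:!1,isUsingOverage:!1\}', data)
        m = re.search(pat, data)
        if m and rl:
            ci, co, sz, u, p, r = *[m.group(i) for i in range(1, 6)], rl.group(1)
            data = data.replace(m[0],
                b"context_window:{...(" + u + b"||{}),"
                b"context_window_size:" + sz + b",current_usage:" + u + b","
                b"used_percentage:" + p + b".used,remaining_percentage:" + p + b".remaining,"
                b"rate_limit:" + r + b",s_in:" + ci + b",s_out:" + co + b"}")
            sys.stderr.write("context_window: extended\n")
        else:
            sys.stderr.write("context_window: NOT FOUND\n")

        with open(sys.argv[1], "wb") as fh:
            fh.write(data)
      '';
    in
    # NOTE(review): the npm package is fetched by `deno cache` at first launch,
    # not by a fixed-output derivation, so the version string is the only pin
    # and no content hash is checked here. The compiled binary is kept in the
    # per-user cache directory and reused whenever it is executable; its name
    # depends on the version only, so a changed patchScript takes effect only
    # after the cached file is removed.
    pkgs.writeShellScriptBin "claude${lib.optionalString (suffix != null) "-${suffix}"}" ''
      set -euo pipefail
      export DISABLE_AUTOUPDATER=1
      export DISABLE_INSTALLATION_CHECKS=1
      export USE_BUILTIN_RIPGREP=0
      export PATH="${runtimeDeps}:${pkgs.deno}/bin:$PATH"

      CACHE="''${XDG_CACHE_HOME:-$HOME/.cache}/claude-code"
      BIN="$CACHE/claude-${version}"
      ${lib.optionalString (confDir != null) "export CLAUDE_CONFIG_DIR=\"$HOME/${confDir}\""}

      # First launch for this version: fetch, patch, compile, drop the scratch dir.
      if [ ! -x "$BIN" ]; then
        mkdir -p "$CACHE"
        DENO_DIR="$CACHE/.deno"
        export DENO_DIR
        deno cache "npm:@anthropic-ai/claude-code@${version}"
        ${patchScript} "$DENO_DIR/npm/registry.npmjs.org/@anthropic-ai/claude-code/${version}/cli.js"
        deno compile --allow-all --output "$BIN" "npm:@anthropic-ai/claude-code@${version}" 2>&1
        rm -rf "$DENO_DIR"
      fi

      exec "$BIN" "$@"
    '';

  claude-code = mkClod { };
  claude-koss = mkClod {
    suffix = "koss";
    confDir = ".clod-koss";
  };
in
(scope "apps" {
  "slop" = claude-code;
  "temp-slop" = claude-koss;
})
// {
  # required for loader
  programs.nix-ld = {
    enable = true;
    libraries = [ pkgs.stdenv.cc.cc.lib ];
  };

  # experiment with our own sandboxing
  # security.yoke.wrappers =
  #   let
  #     basePaths = [
  #       "wrx=/home/${mainUser}/.claude.json:/home/${mainUser}/.claude-code:/home/${mainUser}/.cache/claude-code:$PWD/.claude"
  #       "rx=/"
  #     ];
  #     base = {
  #       package = claude-code;
  #       executable = "claude";
  #       retainEnv = true;
  #       unrestrictTcp = true;
  #       extraPackages = clodTools;
  #     };
  #   in
  #   {
  #     clod-cuck = base // {
  #       pathRules = basePaths ++ [ "rx=$PWD" ];
  #     };
  #     clod = base // {
  #       pathRules = basePaths ++ [
  #         "wrx=/home/${mainUser}"
  #       ];
  #       addPwd = true;
  #       unrestrictSockets = true;
  #       unrestrictSignals = true;
  #     };
  #   };
}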