coder · DevelopmentCats · Aug 21, 2025 · Aug 20, 2025 · Aug 20, 2025 · Aug 20, 2025
diff --git a/registry/coder-labs/modules/codex/README.md b/registry/coder-labs/modules/codex/README.md
@@ -13,7 +13,7 @@ Run Codex CLI in your workspace to access OpenAI's models through the Codex inte
 ```tf
 module "codex" {
   source         = "registry.coder.com/coder-labs/codex/coder"
-  version        = "1.0.1"
+  version        = "2.0.0"
   agent_id       = coder_agent.example.id
   openai_api_key = var.openai_api_key
   folder         = "/home/coder/project"
@@ -25,29 +25,24 @@ module "codex" {
 - You must add the [Coder Login](https://registry.coder.com/modules/coder/coder-login) module to your template
 - OpenAI API key for Codex access
 
-## Usage Example
+## Examples
 
-- Simple usage Example:
+### Run standalone
 
 ```tf
 module "codex" {
-  count               = data.coder_workspace.me.start_count
-  source              = "registry.coder.com/coder-labs/codex/coder"
-  version             = "1.0.1"
-  agent_id            = coder_agent.example.id
-  openai_api_key      = "..."
-  codex_model         = "o4-mini"
-  install_codex       = true
-  codex_version       = "latest"
-  folder              = "/home/coder/project"
-  codex_system_prompt = "You are a helpful coding assistant. Start every response with `Codex says:`"
+  count          = data.coder_workspace.me.start_count
+  source         = "registry.coder.com/coder-labs/codex/coder"
+  version        = "2.0.0"
+  agent_id       = coder_agent.example.id
+  openai_api_key = "..."
+  folder         = "/home/coder/project"
 }
 ```
 
-- Example usage with Tasks:
+### Tasks integration
 
 ```tf
-# This
 data "coder_parameter" "ai_prompt" {
   type        = "string"
   name        = "AI Prompt"
@@ -64,79 +59,75 @@ module "coder-login" {
 }
 
 module "codex" {
-  source          = "registry.coder.com/coder-labs/codex/coder"
-  agent_id        = coder_agent.example.id
-  openai_api_key  = "..."
-  ai_prompt       = data.coder_parameter.ai_prompt.value
-  folder          = "/home/coder/project"
-  approval_policy = "never" # Full auto mode
+  source         = "registry.coder.com/coder-labs/codex/coder"
+  version        = "2.0.0"
+  agent_id       = coder_agent.example.id
+  openai_api_key = "..."
+  ai_prompt      = data.coder_parameter.ai_prompt.value
+  folder         = "/home/coder/project"
+
+  # Custom configuration for full auto mode
+  base_config_toml = <<-EOT
+    approval_policy = "never"
+    preferred_auth_method = "apikey"
+  EOT
 }
 ```
 
 > [!WARNING]
-> **Security Notice**: This module configures Codex with a `workspace-write` sandbox that allows AI tasks to read/write files in the specified folder. While the sandbox provides security boundaries, Codex can still modify files within the workspace. Use this module in trusted environments and be aware of the security implications.
+> This module configures Codex with a `workspace-write` sandbox that allows AI tasks to read/write files in the specified folder. While the sandbox provides security boundaries, Codex can still modify files within the workspace. Use this module _only_ in trusted environments and be aware of the security implications.
 
 ## How it Works
 
 - **Install**: The module installs Codex CLI and sets up the environment
-- **System Prompt**: If `codex_system_prompt` and `folder` are set, creates the directory (if needed) and writes the prompt to `AGENTS.md`
+- **System Prompt**: If `codex_system_prompt` is set, writes the prompt to `AGENTS.md` in the `~/.codex/` directory
 - **Start**: Launches Codex CLI in the specified directory, wrapped by AgentAPI
 - **Configuration**: Sets `OPENAI_API_KEY` environment variable and passes `--model` flag to Codex CLI (if variables provided)
 
-## Sandbox Configuration
-
-The module automatically configures Codex with a secure sandbox that allows AI tasks to work effectively:
-
-- **Sandbox Mode**: `workspace-write` - Allows Codex to read/write files in the specified `folder`
-- **Approval Policy**: `on-request` - Codex asks for permission before performing potentially risky operations
-- **Network Access**: Enabled within the workspace for package installation and API calls
-
-### Customizing Sandbox Behavior
+## Configuration
 
-You can customize the sandbox behavior using dedicated variables:
+### Default Configuration
 
-#### **Using Dedicated Variables (Recommended)**
+When no custom `base_config_toml` is provided, the module uses these secure defaults:
 
-For most use cases, use the dedicated sandbox variables:
+```toml
+sandbox_mode = "workspace-write"
+approval_policy = "never"
+preferred_auth_method = "apikey"
 
-```tf
-module "codex" {
-  source = "registry.coder.com/coder-labs/codex/coder"
-  # ... other variables ...
-
-  # Containerized environments (fixes Landlock errors)
-  sandbox_mode = "danger-full-access"
-
-  # Or for read-only mode
-  # sandbox_mode = "read-only"
-
-  # Or for full auto mode
-  # approval_policy = "never"
-
-  # Or disable network access
-  # network_access = false
-}
+[sandbox_workspace_write]
+network_access = true
 ```
 
-#### **Using extra_codex_settings_toml (Advanced)**
+### Custom Configuration
 
-For advanced configuration or when you need to override multiple settings:
+For custom Codex configuration, use `base_config_toml` and/or `additional_mcp_servers`:
 
 ```tf
 module "codex" {
-  source = "registry.coder.com/coder-labs/codex/coder"
+  source  = "registry.coder.com/coder-labs/codex/coder"
+  version = "2.0.0"
   # ... other variables ...
 
-  extra_codex_settings_toml = <<-EOT
-    # Any custom Codex configuration
-    model = "gpt-4"
-    disable_response_storage = true
+  # Override default configuration
+  base_config_toml = <<-EOT
+    sandbox_mode = "danger-full-access"
+    approval_policy = "never"
+    preferred_auth_method = "apikey"
+  EOT
+
+  # Add extra MCP servers
+  additional_mcp_servers = <<-EOT
+    [mcp_servers.GitHub]
+    command = "npx"
+    args = ["-y", "@modelcontextprotocol/server-github"]
+    type = "stdio"
   EOT
 }
 ```
 
 > [!NOTE]
-> The dedicated variables (`sandbox_mode`, `approval_policy`, `network_access`) are the recommended way to configure sandbox behavior. Use `extra_codex_settings_toml` only for advanced configuration that isn't covered by the dedicated variables.
+> If no custom configuration is provided, the module uses secure defaults. The Coder MCP server is always included automatically. For containerized workspaces (Docker/Kubernetes), you may need `sandbox_mode = "danger-full-access"` to avoid permission issues. For advanced options, see [Codex config docs](https://github.com/openai/codex/blob/main/codex-rs/config.md).
 
 ## Troubleshooting
 
@@ -150,6 +141,6 @@ module "codex" {
 
 ## References
 
-- [OpenAI API Documentation](https://platform.openai.com/docs)
+- [Codex CLI Documentation](https://github.com/openai/codex)
 - [AgentAPI Documentation](https://github.com/coder/agentapi)
 - [Coder AI Agents Guide](https://coder.com/docs/tutorials/ai-agents)
diff --git a/registry/coder-labs/modules/codex/main.test.ts b/registry/coder-labs/modules/codex/main.test.ts
@@ -108,24 +108,25 @@ describe("codex", async () => {
     await expectAgentAPIStarted(id);
   });
 
-  test("codex-config-toml", async () => {
-    const settings = dedent`
-      [mcp_servers.CustomMCP]
-      command = "/Users/jkmr/Documents/work/coder/coder_darwin_arm64"
-      args = ["exp", "mcp", "server", "app-status-slug=codex"]
-      env = { "CODER_MCP_APP_STATUS_SLUG" = "codex", "CODER_MCP_AI_AGENTAPI_URL"= "http://localhost:3284" }
-      description = "Report ALL tasks and statuses (in progress, done, failed) you are working on."
-      enabled = true
-      type = "stdio"
+  test("base-config-toml", async () => {
+    const baseConfig = dedent`
+      sandbox_mode = "danger-full-access"
+      approval_policy = "never"
+      preferred_auth_method = "apikey"
+
+      [custom_section]
+      new_feature = true
     `.trim();
     const { id } = await setup({
       moduleVariables: {
-        extra_codex_settings_toml: settings,
+        base_config_toml: baseConfig,
       },
     });
     await execModuleScript(id);
     const resp = await readFileContainer(id, "/home/coder/.codex/config.toml");
-    expect(resp).toContain("[mcp_servers.CustomMCP]");
+    expect(resp).toContain("sandbox_mode = \"danger-full-access\"");
+    expect(resp).toContain("preferred_auth_method = \"apikey\"");
+    expect(resp).toContain("[custom_section]");
     expect(resp).toContain("[mcp_servers.Coder]");
   });
 
@@ -142,7 +143,7 @@ describe("codex", async () => {
       id,
       "/home/coder/.codex-module/agentapi-start.log",
     );
-    expect(resp).toContain("openai_api_key provided !");
+    expect(resp).toContain("OpenAI API Key: Provided");
   });
 
   test("pre-post-install-scripts", async () => {
@@ -181,25 +182,106 @@ describe("codex", async () => {
     expect(resp).toContain(folder);
   });
 
-  test("additional-extensions", async () => {
+  test("additional-mcp-servers", async () => {
     const additional = dedent`
-      [mcp_servers.CustomMCP]
-      command = "/Users/jkmr/Documents/work/coder/coder_darwin_arm64"
-      args = ["exp", "mcp", "server", "app-status-slug=codex"]
-      env = { "CODER_MCP_APP_STATUS_SLUG" = "codex", "CODER_MCP_AI_AGENTAPI_URL"= "http://localhost:3284" }
-      description = "Report ALL tasks and statuses (in progress, done, failed) you are working on."
-      enabled = true
+      [mcp_servers.GitHub]
+      command = "npx"
+      args = ["-y", "@modelcontextprotocol/server-github"]
+      type = "stdio"
+      description = "GitHub integration"
+
+      [mcp_servers.FileSystem]
+      command = "npx"
+      args = ["-y", "@modelcontextprotocol/server-filesystem", "/workspace"]
+      type = "stdio"
+      description = "File system access"
+    `.trim();
+    const { id } = await setup({
+      moduleVariables: {
+        additional_mcp_servers: additional,
+      },
+    });
+    await execModuleScript(id);
+    const resp = await readFileContainer(id, "/home/coder/.codex/config.toml");
+    expect(resp).toContain("[mcp_servers.GitHub]");
+    expect(resp).toContain("[mcp_servers.FileSystem]");
+    expect(resp).toContain("[mcp_servers.Coder]");
+    expect(resp).toContain("GitHub integration");
+  });
+
+  test("full-custom-config", async () => {
+    const baseConfig = dedent`
+      sandbox_mode = "read-only"
+      approval_policy = "untrusted"
+      preferred_auth_method = "chatgpt"
+      custom_setting = "test-value"
+
+      [advanced_settings]
+      timeout = 30000
+      debug = true
+      logging_level = "verbose"
+    `.trim();
+
+    const additionalMCP = dedent`
+      [mcp_servers.CustomTool]
+      command = "/usr/local/bin/custom-tool"
+      args = ["--serve", "--port", "8080"]
+      type = "stdio"
+      description = "Custom development tool"
+
+      [mcp_servers.DatabaseMCP]
+      command = "python"
+      args = ["-m", "database_mcp_server"]
       type = "stdio"
+      description = "Database query interface"
     `.trim();
+
     const { id } = await setup({
       moduleVariables: {
-        additional_extensions: additional,
+        base_config_toml: baseConfig,
+        additional_mcp_servers: additionalMCP,
       },
     });
     await execModuleScript(id);
     const resp = await readFileContainer(id, "/home/coder/.codex/config.toml");
-    expect(resp).toContain("[mcp_servers.CustomMCP]");
+
+    // Check base config
+    expect(resp).toContain("sandbox_mode = \"read-only\"");
+    expect(resp).toContain("preferred_auth_method = \"chatgpt\"");
+    expect(resp).toContain("custom_setting = \"test-value\"");
+    expect(resp).toContain("[advanced_settings]");
+    expect(resp).toContain("logging_level = \"verbose\"");
+
+    // Check MCP servers
     expect(resp).toContain("[mcp_servers.Coder]");
+    expect(resp).toContain("[mcp_servers.CustomTool]");
+    expect(resp).toContain("[mcp_servers.DatabaseMCP]");
+    expect(resp).toContain("Custom development tool");
+    expect(resp).toContain("Database query interface");
+  });
+
+  test("minimal-default-config", async () => {
+    const { id } = await setup({
+      moduleVariables: {
+        // No base_config_toml or additional_mcp_servers - should use defaults
+      },
+    });
+    await execModuleScript(id);
+    const resp = await readFileContainer(id, "/home/coder/.codex/config.toml");
+
+    // Check default base config
+    expect(resp).toContain("sandbox_mode = \"workspace-write\"");
+    expect(resp).toContain("approval_policy = \"never\"");
+    expect(resp).toContain("[sandbox_workspace_write]");
+    expect(resp).toContain("network_access = true");
+
+    // Check only Coder MCP server is present
+    expect(resp).toContain("[mcp_servers.Coder]");
+    expect(resp).toContain("Report ALL tasks and statuses");
+
+    // Ensure no additional MCP servers
+    const mcpServerCount = (resp.match(/\[mcp_servers\./g) || []).length;
+    expect(mcpServerCount).toBe(1);
   });
 
   test("codex-system-prompt", async () => {
@@ -210,7 +292,7 @@ describe("codex", async () => {
       },
     });
     await execModuleScript(id);
-    const resp = await readFileContainer(id, "/home/coder/AGENTS.md");
+    const resp = await readFileContainer(id, "/home/coder/.codex/AGENTS.md");
     expect(resp).toContain(prompt);
   });
 
@@ -223,7 +305,8 @@ describe("codex", async () => {
     `.trim();
     const pre_install_script = dedent`
         #!/bin/bash
-        echo -e "${prompt_3}" >> /home/coder/AGENTS.md
+        mkdir -p /home/coder/.codex
+        echo -e "${prompt_3}" >> /home/coder/.codex/AGENTS.md
         `.trim();
 
     const { id } = await setup({
@@ -233,7 +316,7 @@ describe("codex", async () => {
       },
     });
     await execModuleScript(id);
-    const resp = await readFileContainer(id, "/home/coder/AGENTS.md");
+    const resp = await readFileContainer(id, "/home/coder/.codex/AGENTS.md");
     expect(resp).toContain(prompt_1);
     expect(resp).toContain(prompt_2);
 
@@ -245,7 +328,7 @@ describe("codex", async () => {
       },
     });
     await execModuleScript(id_2);
-    const resp_2 = await readFileContainer(id_2, "/home/coder/AGENTS.md");
+    const resp_2 = await readFileContainer(id_2, "/home/coder/.codex/AGENTS.md");
     expect(resp_2).toContain(prompt_1);
     const count = (resp_2.match(new RegExp(prompt_1, "g")) || []).length;
     expect(count).toBe(1);
@@ -268,12 +351,16 @@ describe("codex", async () => {
   });
 
   test("start-without-prompt", async () => {
-    const { id } = await setup();
+    const { id } = await setup({
+      moduleVariables: {
+        codex_system_prompt: "", // Explicitly disable system prompt
+      },
+    });
     await execModuleScript(id);
     const prompt = await execContainer(id, [
       "ls",
       "-l",
-      "/home/coder/AGENTS.md",
+      "/home/coder/.codex/AGENTS.md",
     ]);
     expect(prompt.exitCode).not.toBe(0);
     expect(prompt.stderr).toContain("No such file or directory");