claudebox/flake.nix

{
  description = "claudebox - sandboxed Claude Code";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    nix-claude-code = {
      url = "github:ryoppippi/nix-claude-code";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nix-index-database = {
      url = "github:nix-community/nix-index-database";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = { self, nixpkgs, nix-claude-code, nix-index-database, ... }:
    let
      system = "x86_64-linux";
      pkgs = nixpkgs.legacyPackages.${system};
      claude-code = nix-claude-code.packages.${system}.default;
      comma-with-db = nix-index-database.packages.${system}.comma-with-db;
      runtimeDeps = [
        pkgs.bubblewrap
        pkgs.coreutils
        pkgs.git
        pkgs.curl
        pkgs.jq
        pkgs.ripgrep
        pkgs.fd
        pkgs.nix
        comma-with-db
        pkgs.bash
        pkgs.nodejs
        claude-code
      ];
      sandboxPath = pkgs.lib.makeBinPath runtimeDeps;
    in {
      packages.${system} = {
        claudebox = pkgs.writeShellApplication {
          name = "claudebox";
          runtimeInputs = runtimeDeps;
          text = ''
            SANDBOX_PATH="${sandboxPath}"
          '' + builtins.readFile ./claudebox.sh;
        };
        default = self.packages.${system}.claudebox;
      };
    };
}