From 979c1aa080608ca7b92aef9b1430c1ac19f61173 Mon Sep 17 00:00:00 2001
From: Artem Sheremet <dot.doom@gmail.com>
Date: Wed, 1 Apr 2026 11:45:38 +0000
Subject: [PATCH] Add jail to flake.nix

Inspired by
https://dev.to/andersonjoseph/how-i-run-llm-agents-in-a-secure-nix-sandbox-1899
---
 flake.lock | 16 ++++++++++++++++
 flake.nix  |  1 +
 2 files changed, 17 insertions(+)

diff --git a/flake.lock b/flake.lock
index 24a2bf7..67cab70 100644
--- a/flake.lock
+++ b/flake.lock
@@ -217,6 +217,21 @@
         "type": "github"
       }
     },
+    "jail-nix": {
+      "locked": {
+        "lastModified": 1770418571,
+        "narHash": "sha256-EzQUbe1gwW/xpJoMuMeblWcjAEF+F92cz/enz0Mz/qo=",
+        "owner": "~alexdavid",
+        "repo": "jail.nix",
+        "rev": "c141cf8cc68617625b4a28a7d8ce0a35904815d5",
+        "type": "sourcehut"
+      },
+      "original": {
+        "owner": "~alexdavid",
+        "repo": "jail.nix",
+        "type": "sourcehut"
+      }
+    },
     "nix-homebrew": {
       "inputs": {
         "brew-src": "brew-src"
@@ -273,6 +288,7 @@
         "fw_nix": "fw_nix",
         "git-hooks": "git-hooks_2",
         "home-manager": "home-manager",
+        "jail-nix": "jail-nix",
         "nix-homebrew": "nix-homebrew",
         "nixpkgs": "nixpkgs",
         "nixpkgs-screen": "nixpkgs-screen",
diff --git a/flake.nix b/flake.nix
index 9945653..5a921d7 100644
--- a/flake.nix
+++ b/flake.nix
@@ -30,6 +30,7 @@
       url = "github:cachix/git-hooks.nix";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    jail-nix.url = "sourcehut:~alexdavid/jail.nix";
   };
 
   outputs =