API (chi router · 12 middleware)
Core Services (coderd.go)
Data Layer
Governance (rbac + aigovernance)
Tailnet Mesh
Observability
REST
100+ endpoints
DRPC
Protobuf
WebSocket
PubSub
CSRF+CORS
Rate 512/m
Auth MW
Token extract
OTel + RequestID
Tracing
Temporal v1.30
gRPC :7233
Identity
OAuth2/OIDC/SAML
Policy Engine
Rego → SQL
Budget
Hard/soft
Agent Lifecycle
CRUD + Signal
Crypto Keys
Rotate/Sign
AgentWorkflow
Continue-As-New
CoordWorkflow
Room mgmt
Provisioner
Terraform
PubSub
DB events
PostgreSQL
50+ tbl SQLC
Temporal DB
Workflow state
Audit Ledger
SHA-256
424 Migrations
Schema
RBAC 744KB
44K tests
ABAC
Attributes
Rego
427 lines
→ SQL
DB enforce
PII Filter
Prompts
Model Lock
Restrict
Tool Gate
Whitelist
WireGuard
P2P
DERP Relay
TCP/WS
Coordinator
Discovery
Prometheus
Metrics
OpenTelemetry
Tracing
Audit Chain
SHA-256