Non-Root Terminal?#18914
Is there a way to have the terminal default to user `abc` instead of defaulting to root? I'd want to run Claude Code or other apps as anyone but root.

```hcl
terraform {
  required_providers {
    coder = {
      source = "coder/coder"
    }
    docker = {
      source  = "kreuzwerker/docker"
      version = "~>3.0"
    }
  }
}

provider "coder" {}

provider "docker" {}

data "coder_workspace" "me" {}

data "coder_provisioner" "me" {}

data "coder_workspace_owner" "me" {}

resource "docker_image" "custom_code_server_agent_img" {
  name = "coder-${data.coder_workspace_owner.me.name}-${lower(data.coder_workspace.me.name)}-agent-img:latest"
  build {
    context    = path.module
    dockerfile = "Dockerfile.coder"
  }
  keep_locally = true
}

# NOTE(review): terminal sessions run as the OS user that starts the agent, so
# whichever user executes CODER_AGENT_INIT_COMMAND inside the image decides
# root vs. abc. Confirm how Dockerfile.coder / the image's init scripts launch it.
resource "coder_agent" "main" {
  os   = "linux"
  arch = data.coder_provisioner.me.arch
  dir  = "/home/coder/.coder"
  env = {
    DOTFILES_URI                     = local.dotfiles_uri
    GITHUB_PAT                       = local.github_pat
    CODER_AGENT_DEVCONTAINERS_ENABLE = "false"
    CODER_USERNAME                   = data.coder_workspace_owner.me.name
    CODER_USER_EMAIL                 = data.coder_workspace_owner.me.email
  }
  startup_script          = file("${path.module}/scripts/startup.sh")
  startup_script_behavior = "blocking"
  display_apps {
    web_terminal = true
    vscode       = true
  }
}

resource "docker_volume" "code_server_config_volume_agent" {
  name = "coder-${data.coder_workspace.me.id}-code-server-config-agent"
}

resource "docker_volume" "docker_data_volume" {
  name = "coder-${data.coder_workspace.me.id}-docker-data"
}

resource "docker_container" "workspace" {
  image    = docker_image.custom_code_server_agent_img.name
  name     = "coder-${data.coder_workspace_owner.me.name}-${lower(data.coder_workspace.me.name)}-test"
  must_run = true
  rm       = true
  # Enable privileged mode for Docker support
  # NOTE(review): privileged = true gives the container near-host-level access,
  # so a root shell in this workspace is close to root on the Docker host.
  privileged = true
  # NOTE(review): PASSWORD, SUDO_PASSWORD and CODER_AGENT_TOKEN are passed as plain
  # container env vars: they are readable via `docker inspect` and by processes
  # inside the container, and they are recorded in Terraform state.
  env = [
    "PUID=1000",
    "PGID=1000",
    "TZ=Etc/UTC",
    "PASSWORD=${data.coder_parameter.workspace_password.value}",
    "SUDO_PASSWORD=${data.coder_parameter.workspace_password.value}",
    "CODER_AGENT_TOKEN=${coder_agent.main.token}",
    "CODER_AGENT_INIT_COMMAND=${coder_agent.main.init_script}",
    "CODER_AGENT_DEVCONTAINERS_ENABLE=false",
    "START_DOCKER=true",
    "CODER_USERNAME=${data.coder_workspace_owner.me.name}",
    "CODER_USER_EMAIL=${data.coder_workspace_owner.me.email}"
  ]
  ports {
    internal = 8443
  }
  volumes {
    container_path = "/config"
    volume_name    = docker_volume.code_server_config_volume_agent.name
  }
  # Mount cgroup for Docker to work properly
  volumes {
    container_path = "/sys/fs/cgroup"
    host_path      = "/sys/fs/cgroup"
    read_only      = true
  }
  # Mount Docker data volume for persistence
  volumes {
    container_path = "/var/lib/docker"
    volume_name    = docker_volume.docker_data_volume.name
  }
  log_driver = "json-file"
  log_opts = {
    "max-size" = "50m",
    "max-file" = "3"
  }
  depends_on = [
    coder_agent.main,
    docker_volume.code_server_config_volume_agent,
    docker_volume.docker_data_volume
  ]
}

resource "coder_app" "code-server" {
  agent_id     = coder_agent.main.id
  slug         = "code-server"
  display_name = "Code Server"
  icon         = "/icon/code.svg"
  url          = "http://localhost:8443/?folder=/config/workspace"
  subdomain    = true
  share        = "owner"
  healthcheck {
    url       = "http://localhost:8443/healthz"
    interval  = 10
    threshold = 3
  }
  depends_on = [docker_container.workspace]
}

resource "coder_app" "app" {
  agent_id     = coder_agent.main.id
  slug         = "app"
  display_name = "App on 8000"
  url          = "http://localhost:8000"
  subdomain    = true # Each app gets subdomain
  share        = "owner"
}
```

Thanks!

PS - Discord conversation mirrored here: https://discord.com/channels/747933592273027093/1395284267998777434