Update multi-user docs to reflect own-account vs shared-account modes

The shared-machine section in README.md still claimed named volumes
were isolated by directory-name prefixing alone, which was the bug
we just fixed. Rewrite to document both modes (own-account with
automatic $USER fallback, shared-account with explicit SIGNUM) and
explicitly note that the Docker daemon is system-wide — directory
name prefixing is NOT sufficient for volume isolation.
2026-04-22 21:24:59 +02:00
parent 60208b2203
commit 425d53cb57
+13 -7
@@ -273,11 +273,17 @@ volumes:
- devbox-vscode:/home/developer/.vscode-server - devbox-vscode:/home/developer/.vscode-server
``` ```
### Shared machine setup (multiple users, single OS account) ### Multi-user setup
For machines where multiple users share one OS account (e.g. a common `garage` user), a separate compose file isolates each user's config and data using a `SIGNUM` variable. The shared-machine compose file (`docker-compose.shared.yml`) supports two modes:
Each user creates their own directory and setup: **Own-account mode** (each user has their own OS login — the common case):
Leave `SIGNUM` unset in `.env`. The project name defaults to `devbox-$USER`, so each OS user automatically gets isolated container names and named volumes with zero configuration.
**Shared-account mode** (everyone logs in as the same OS user, e.g. `garage`):
Each user sets `SIGNUM=<unique-id>` in `.env` to get isolation.
Setup per user:
```bash ```bash
# Replace <signum> with your username/identifier # Replace <signum> with your username/identifier
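Review bot: The new Shared-account paragraph does not say what happens when a user on the shared login leaves `SIGNUM` unset. By the fallback described two lines earlier, the project name becomes `devbox-$USER`, which for everyone on the `garage` account is the same `devbox-garage`, so those users silently share container names and named volumes. Suggest stating that `SIGNUM` is required in shared-account mode and that leaving it unset puts you on the common default project. The "Setup per user:" block also still opens with `# Replace <signum> with your username/identifier`; it should say what to substitute in own-account mode, where `SIGNUM` is not set.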
@@ -291,17 +297,17 @@ cp /path/to/opencode-devbox/.env.shared.example .env
# Create per-user config directory # Create per-user config directory
mkdir -p ~/<signum>/.config/opencode mkdir -p ~/<signum>/.config/opencode
# Edit .env with your signum, provider, keys, etc. # Edit .env — set SIGNUM only if you're in shared-account mode
vim .env vim .env
# Start # Start
docker compose up -d docker compose up -d
docker compose exec -u developer devbox-<signum> opencode docker compose exec -u developer devbox opencode
``` ```
Each user's container, config, and named volumes are fully isolated: Each user's container, config, and named volumes are fully isolated:
- Container name: `devbox-<signum>` (no collisions) - Container name: `devbox-<signum>` (or `devbox-$USER` in own-account mode)
- Named volumes: prefixed with the project directory name (automatic per-user isolation) - Named volumes: prefixed with the project name (`devbox-<signum>_devbox-data`, etc.) — the Docker daemon is system-wide, so directory-name prefixing alone is NOT sufficient for isolation
- Opencode config: `~/<signum>/.config/opencode/` (per-user settings, OMOS config, etc.) - Opencode config: `~/<signum>/.config/opencode/` (per-user settings, OMOS config, etc.)
See `docker-compose.shared.yml` and `.env.shared.example` for the full configuration. See `docker-compose.shared.yml` and `.env.shared.example` for the full configuration.
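Review bot: The lead sentence "Each user's container, config, and named volumes are fully isolated:" overstates what the bullets below it provide. The rewritten volume bullet itself notes that the Docker daemon is system-wide, and anyone who can talk to that daemon can attach any named volume regardless of its project prefix; in shared-account mode the `~/<signum>/.config/opencode/` directories and each `.env` also sit under one OS account, so file permissions do not separate users. Suggest rewording to say the per-project names prevent collisions between users rather than enforce a boundary, and adding a line that `.env` contents are readable by everyone on a shared login. The `mkdir -p ~/<signum>/.config/opencode` step and the config bullet should also state which path applies when `SIGNUM` is unset.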