Fix volume collision in shared-machine compose: scope project name by SIGNUM
The Docker daemon is system-wide — named volumes are prefixed by the
compose project name, which defaults to the basename of the directory
holding docker-compose.yml. Two users whose compose file lives under
a directory with the same name (e.g. ~/alice/opencode-devbox and
~/bob/opencode-devbox) would silently share volumes, corrupting each
other's opencode data, bash history, and TUI settings.
Add an explicit top-level 'name: devbox-${SIGNUM}' so the project
name (and therefore all volume prefixes) is unique per user. The old
comment claiming directory-name prefixing was sufficient was wrong —
it only works if directory basenames differ, which isn't guaranteed
on multi-user hosts or when users follow the same setup instructions.
This commit is contained in:
@@ -12,9 +12,13 @@
|
|||||||
# 5. mkdir -p ~/<signum>/.config/opencode
|
# 5. mkdir -p ~/<signum>/.config/opencode
|
||||||
# 6. docker compose up -d
|
# 6. docker compose up -d
|
||||||
#
|
#
|
||||||
# Named volumes are automatically isolated per user because Docker Compose
|
# Volume isolation: the top-level 'name:' field uses SIGNUM to derive a
|
||||||
# prefixes them with the project directory name (e.g. opencode-devbox_devbox-data).
|
# unique project name (devbox-<signum>), which Docker Compose uses as the
|
||||||
# Since each user runs from ~/<signum>/opencode-devbox/, volumes don't collide.
|
# prefix for all named volumes. Without this, two users whose compose file
|
||||||
|
# lives in a directory with the same basename would share volumes — the
|
||||||
|
# Docker daemon is system-wide and doesn't scope by OS user.
|
||||||
|
|
||||||
|
name: devbox-${SIGNUM:?Set SIGNUM in .env}
|
||||||
|
|
||||||
services:
|
services:
|
||||||
devbox:
|
devbox:
|
||||||
|
|||||||
Reference in New Issue
Block a user