From d9dc85d825ee99f496bcb0095a1e294aa93da491 Mon Sep 17 00:00:00 2001 From: pi Date: Thu, 4 Jun 2026 14:59:46 +0200 Subject: [PATCH] entrypoint: chown devbox-ssh-local volume so jump key generates The named-volume persistence change for ~/.ssh-local did not update the entrypoint's volume-ownership loop. Docker creates named volumes as root:root, so setup-lan-access.sh (running as developer) silently failed to mkdir/ssh-keygen, leaving no jump key and breaking LAN access on the first --force-recreate. Add ~/.ssh-local to the chown list. --- CHANGELOG.md | 11 +++++++++++ entrypoint.sh | 1 + 2 files changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index bbf16b6..426ee51 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,17 @@ it generates a **new** key (not just when `HOST_SSH_USER` is unset), e.g. `echo 'ssh-ed25519 …' >> ~/.ssh/authorized_keys` — no helper file to locate, no workspace path to guess. It stays silent once the key is persisted. +### Fixed: chown the `devbox-ssh-local` volume so the jump key can be generated + +The previous change persisted `~/.ssh-local` via a named volume, but the +entrypoint's volume-ownership loop was never updated to include it. Docker +creates named volumes as `root:root`, so on a fresh volume `~/.ssh-local` +stayed root-owned while `setup-lan-access.sh` runs as `developer` — both its +`mkdir cm` and `ssh-keygen` failed silently (`|| true` / `|| exit 0`), leaving +**no jump key and no config**, breaking LAN access on the first recreate after +the persistence change. `entrypoint.sh` now chowns `~/.ssh-local` to the +developer user alongside the other named-volume mount points. + _(no other changes since v1.15.13d)_ ## v1.15.13d — 2026-06-04 diff --git a/entrypoint.sh b/entrypoint.sh index 66bbcc1..cc25c8a 100644 --- a/entrypoint.sh +++ b/entrypoint.sh 
@@ -88,6 +88,7 @@ for dir in \ /home/"$USER_NAME"/.config/opencode \ /home/"$USER_NAME"/.config/nvim \ /home/"$USER_NAME"/.pi \ + /home/"$USER_NAME"/.ssh-local \ /home/"$USER_NAME"/.agents/skills; do [ -d "$dir" ] || continue
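Review bot: In the CHANGELOG.md hunk, the new entry names the `|| true` / `|| exit 0` guards in `setup-lan-access.sh` as the reason the failure went unnoticed, but this patch leaves them in place, so the next named volume that is missing from the chown list will fail just as silently. Consider having the script write a warning to stderr when `mkdir` or `ssh-keygen` fails, or state in the entry that the silent-failure path is unchanged and tracked separately.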
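Review bot: In the entrypoint.sh hunk, the added `/home/"$USER_NAME"/.ssh-local \` line treats this path like the editor and tool config mounts, although per the commit message it is where the jump key is generated; the lines shown only establish that ownership is handled. If the loop body does not also set modes, follow the chown with a `chmod 700` for this path, so that a volume Docker created as `root:root` does not leave the key directory readable by other users in the container. Separately, `[ -d "$dir" ] || continue` skips a missing mount without any output; for this path a short log line would make a missing volume visible at startup.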