#!/usr/bin/env bash set -euo pipefail # ── SSH key permissions ────────────────────────────────────────────── # If SSH keys are mounted, fix permissions (bind mounts may have wrong perms) if [ -d "$HOME/.ssh" ] && [ "$(ls -A "$HOME/.ssh" 2>/dev/null)" ]; then chmod 700 "$HOME/.ssh" find "$HOME/.ssh" -type f -name "id_*" ! -name "*.pub" -exec chmod 600 {} \; 2>/dev/null || true find "$HOME/.ssh" -type f -name "*.pub" -exec chmod 644 {} \; 2>/dev/null || true [ -f "$HOME/.ssh/known_hosts" ] && chmod 644 "$HOME/.ssh/known_hosts" [ -f "$HOME/.ssh/config" ] && chmod 600 "$HOME/.ssh/config" fi # ── Git config defaults ────────────────────────────────────────────── # Set git config from env vars if not already configured via mounted .gitconfig if [ -n "${GIT_USER_NAME:-}" ] && ! git config --global user.name &>/dev/null; then git config --global user.name "$GIT_USER_NAME" fi if [ -n "${GIT_USER_EMAIL:-}" ] && ! git config --global user.email &>/dev/null; then git config --global user.email "$GIT_USER_EMAIL" fi # ── Generate opencode config from env vars if no config mounted ────── CONFIG_DIR="$HOME/.config/opencode" CONFIG_FILE="$CONFIG_DIR/opencode.json" if [ ! -f "$CONFIG_FILE" ] && [ -n "${OPENCODE_PROVIDER:-}" ]; then echo "Generating opencode config for provider: $OPENCODE_PROVIDER" mkdir -p "$CONFIG_DIR" # Build provider-specific config case "$OPENCODE_PROVIDER" in anthropic) cat > "$CONFIG_FILE" < "$CONFIG_FILE" < "$CONFIG_FILE" < "$CONFIG_FILE" <