pi
f09a4f382a
Validate / base-change-warning (push) Successful in 22s
Validate / docs-check (push) Successful in 44s
Validate / validate-base (push) Successful in 3m27s
Validate / validate-omos (push) Successful in 7m3s
Validate / validate-with-pi (push) Failing after 4m33s
Validate / validate-omos-with-pi (push) Failing after 8m29s
Item A — LAN access (base image): - New rootfs/usr/local/lib/opencode-devbox/setup-lan-access.sh, invoked non-fatally from entrypoint-user.sh. On VM-backed hosts (macOS OrbStack / Docker Desktop, detected via host.docker.internal) it generates a writable ~/.ssh-local/config that uses the host as an SSH jump to reach LAN peers; no-op on native Linux. Ships the mechanism (generic 'host' jump alias), not policy (targets stay in the user's bind-mounted ~/.ssh/config). - New env knobs: DEVBOX_LAN_ACCESS (auto|jump|off), HOST_SSH_USER, DEVBOX_HOST_ALIAS. dssh/dscp aliases in .bash_aliases (guarded). Item B — pi-fork (fork) + pi-observational-memory (recall) in pi variants: - Dockerfile.variant clones both elpapi42 repos to /opt and runs npm install there at build time (local-path 'pi install' does not npm-install, so deps must be present to load). New args PI_FORK_REPO/REF, PI_OBSMEM_REPO/REF. - entrypoint-user.sh registers them at runtime via 'pi install /opt/<pkg>' (instant, in-place, idempotent; tools bind on next pi start). - CI resolve-versions resolves each repo's master HEAD to a commit SHA and passes PI_FORK_REF/PI_OBSMEM_REF — same cache-hit guard as PI_VERSION. - smoke-test asserts /opt clones + node_modules + settings.json registration; size thresholds bumped (with-pi 2700->2900, omos-with-pi 3700->3900). Versions unchanged (opencode 1.15.13, pi 0.78.0 — both still latest). Docs: README LAN section + env table, .env.example, AGENTS.md, CHANGELOG. Plan recorded in docs/plan-lan-access-and-pi-extensions.md.
123 lines
6.1 KiB
Bash
123 lines
6.1 KiB
Bash
# opencode-devbox environment configuration
|
|
# Copy this file to .env and fill in your values:
|
|
# cp .env.example .env
|
|
|
|
# ── LLM Provider ─────────────────────────────────────────────────────
|
|
# Which provider to auto-configure (anthropic, openai, amazon-bedrock)
|
|
OPENCODE_PROVIDER=anthropic
|
|
|
|
# Model override (optional, defaults per provider)
|
|
# OPENCODE_MODEL=anthropic/claude-sonnet-4-6
|
|
|
|
# ── API Keys (set the one matching your provider) ────────────────────
|
|
# ANTHROPIC_API_KEY=
|
|
# OPENAI_API_KEY=
|
|
# GEMINI_API_KEY=
|
|
|
|
# ── AWS Bedrock (if using amazon-bedrock provider) ───────────────────
|
|
# AWS_REGION=eu-west-1
|
|
# AWS_PROFILE=default
|
|
# AWS_ACCESS_KEY_ID=
|
|
# AWS_SECRET_ACCESS_KEY=
|
|
|
|
# ── Git Configuration ────────────────────────────────────────────────
|
|
GIT_USER_NAME=
|
|
GIT_USER_EMAIL=
|
|
|
|
# ── Workspace ────────────────────────────────────────────────────────
|
|
# Path on host to mount as /workspace in the container
|
|
WORKSPACE_PATH=~/projects
|
|
|
|
# Path to SSH keys on host
|
|
SSH_KEY_PATH=~/.ssh
|
|
|
|
# ── LAN access from the container (host-OS-agnostic) ─────────────────
|
|
# On VM-backed hosts (macOS OrbStack / Docker Desktop, also Docker Desktop
|
|
# on Windows) the container runs in a Linux VM and CANNOT reach the host's
|
|
# directly-attached LAN peers by default. On native Linux Docker the LAN is
|
|
# reachable directly and nothing is needed. The entrypoint detects this and,
|
|
# on VM-backed hosts, generates ~/.ssh-local/config so the host can be used
|
|
# as an SSH jump (use the `dssh` alias, or add `ProxyJump host` to targets
|
|
# in your bind-mounted ~/.ssh/config).
|
|
#
|
|
# DEVBOX_LAN_ACCESS: auto (default) | jump | off
|
|
# auto = set up the jump only on VM-backed hosts; no-op on native Linux.
|
|
# jump = always set up (e.g. native Linux with extra_hosts host-gateway).
|
|
# off = disable entirely.
|
|
# DEVBOX_LAN_ACCESS=auto
|
|
#
|
|
# HOST_SSH_USER: your username on the host. REQUIRED for the jump to
|
|
# authenticate. On first start the entrypoint prints the public key to
|
|
# authorize on the host (append to the host's ~/.ssh/authorized_keys) and
|
|
# reminds you to enable the host's SSH server (e.g. macOS Remote Login).
|
|
# HOST_SSH_USER=
|
|
#
|
|
# DEVBOX_HOST_ALIAS: host hostname to reach (default host.docker.internal).
|
|
# DEVBOX_HOST_ALIAS=host.docker.internal
|
|
|
|
# ── Skillset (agent skills and instructions) ─────────────────────────
|
|
# If you have a skillset repo, the entrypoint auto-deploys skills and
|
|
# instructions on container start using relative symlinks (portable
|
|
# across host/container).
|
|
#
|
|
# Detection is automatic if the skillset lives directly at the workspace
|
|
# root (i.e. WORKSPACE_PATH/skillset → /workspace/skillset in container).
|
|
#
|
|
# If the skillset lives in a subdirectory of your workspace, set
|
|
# SKILLSET_CONTAINER_PATH to its location *inside the container*. This
|
|
# is determined by the workspace mount: whatever is at
|
|
# WORKSPACE_PATH/<subpath> on the host becomes /workspace/<subpath>
|
|
# in the container.
|
|
#
|
|
# Examples:
|
|
# Host skillset at ~/projects/skillset → already at /workspace/skillset (auto-detected, no config needed)
|
|
# Host skillset at ~/projects/tools/skillset → SKILLSET_CONTAINER_PATH=/workspace/tools/skillset
|
|
# Host skillset at ~/projects/local/skillset → SKILLSET_CONTAINER_PATH=/workspace/local/skillset
|
|
#
|
|
# Alternatively, mount the skillset repo at a dedicated path using the
|
|
# SKILLSET_PATH volume in docker-compose.yml (see comments there). In
|
|
# that case the entrypoint finds it at ~/skillset automatically.
|
|
#
|
|
# SKILLSET_CONTAINER_PATH=
|
|
|
|
# ── Locale (defaults to en_US.UTF-8) ─────────────────────────────────
|
|
# LANG=sv_SE.UTF-8
|
|
# LANGUAGE=sv_SE:sv
|
|
# LC_ALL=sv_SE.UTF-8
|
|
|
|
# ── oh-my-opencode-slim (multi-agent orchestration) ──────────────────
|
|
# Requires image built with INSTALL_OMOS=true
|
|
# ENABLE_OMOS=false
|
|
# OMOS_TMUX=false # Enable tmux multiplexer integration
|
|
# OMOS_SKILLS=true # Install recommended skills (simplify, agent-browser, cartography)
|
|
# OMOS_RESET=false # Force regenerate oh-my-opencode-slim config on next start
|
|
|
|
# ── pi coding-agent (alternative/complementary harness) ─────────────────
|
|
# Requires image built with INSTALL_PI=true.
|
|
# When the image is built with both INSTALL_OPENCODE=true (default) and
|
|
# INSTALL_PI=true, both harnesses share the same mempalace install and
|
|
# palace path — wing data is mutually visible to either harness.
|
|
#
|
|
# Pi version is baked at build time via PI_VERSION (default: latest at
|
|
# build). The baked `pi` binary is at /usr/bin/pi (system npm prefix);
|
|
# rebuild the image to upgrade it. NPM_CONFIG_PREFIX is set to
|
|
# /home/developer/.pi/npm-global, so anything installed via
|
|
# `pi install npm:...` or `npm install -g` as the developer user
|
|
# (themes, skills, extensions, including a user-installed pi itself)
|
|
# lands on the named volume and survives container recreate AND image
|
|
# rebuilds. A user-installed pi wins via PATH order over the baked one.
|
|
#
|
|
# Pi config (settings.json, extensions toggle state, sessions, auth) persists in the
|
|
# devbox-pi-config named volume mounted at ~/.pi/.
|
|
#
|
|
# To launch pi from a `compose run` invocation:
|
|
# docker compose run --rm devbox pi
|
|
# To attach to a running container:
|
|
# docker compose exec -u developer devbox pi
|
|
# Default `compose run` (no args) drops to bash; pick the harness yourself.
|
|
#
|
|
# Build args (set in docker-compose.yml or via --build-arg on docker build):
|
|
# INSTALL_PI=true # default false; opt-in
|
|
# PI_VERSION=latest # pin a specific version, e.g. 0.73.0
|
|
# INSTALL_OPENCODE=false # build a pi-only image (still has Bun in -omos)
|