joakimp/opencode-devbox
Public Access
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
72298ae77ed2c1b38107efbfe8d57bcef6ea8e75
opencode-devbox/entrypoint-user.sh
T
pi 72298ae77e
Validate / base-change-warning (push) Successful in 14s
Details
Validate / docs-check (push) Successful in 13s
Details
Publish Docker Image / resolve-versions (push) Successful in 8s
Details
Publish Docker Image / base-decide (push) Successful in 13s
Details
Validate / validate-omos (push) Successful in 12m42s
Details
Validate / validate-base (push) Successful in 13m39s
Details
Publish Docker Image / build-base (push) Successful in 44m17s
Details
Publish Docker Image / smoke-base (push) Successful in 3m46s
Details
Publish Docker Image / smoke-omos (push) Successful in 5m54s
Details
Publish Docker Image / build-variant-base (push) Successful in 18m11s
Details
Publish Docker Image / build-variant-omos (push) Successful in 19m34s
Details
Publish Docker Image / promote-base-latest (push) Successful in 9s
Details
Publish Docker Image / update-description (push) Successful in 15s
Details
v2.0.0: remove pi, relocate npm-global prefix, bump opencode 1.17.2->1.17.4 
PR-5 (per docs/CLEANUP-v2.0.0.md). Major release with two breaking changes:

1. pi fully removed (deprecated in v1.17.2). Gone: INSTALL_PI + all PI_*
   build args; with-pi/omos-with-pi/pi-only variants; base-pi-only publish
   job; all ~/.pi entrypoint wiring; the 3 pi smoke/validate/build-variant
   CI jobs. Only base + omos variants remain (4 tags/release).

2. NPM_CONFIG_PREFIX relocated ~/.pi/npm-global -> ~/.config/opencode/npm-global
   (persistent in both compose files). entrypoint-user.sh gains a one-time
   migration shim that copies old global npm packages forward.

Also: opencode 1.17.2->1.17.4; DOCKER_HUB.md gains {{OPENCODE_VERSION}}
placeholder filled by CI at publish time (mirrors pi-devbox); full docs
drift sweep across README/AGENTS/.gitea-README/.env.example/manual-host-publish;
DOCKER_HUB.md regenerated + --check passes; both workflows YAML-valid;
all shell scripts pass bash -n.
2026-06-13 17:10:45 +02:00

175 lines
8.0 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
set -euo pipefail
# ── SSH ControlMaster socket dir ────────────────────────────────
# Companion to /etc/ssh/ssh_config.d/00-devbox-controlmaster.conf in the
# base image — that file declares ControlPath=/tmp/sshcm/%r@%h:%p; this
# creates the directory with the right permissions on every container
# start. /tmp is per-container so the dir doesn't survive recreation;
# baking it into a Dockerfile layer would be wrong.
# Mode 700 is required — OpenSSH refuses to use a ControlPath dir that
# others can write to.
mkdir -p /tmp/sshcm
chmod 700 /tmp/sshcm
# ── LAN access: generic host-OS-agnostic reachability helper ────────
# On VM-backed hosts (macOS OrbStack / Docker Desktop) the container can't
# reach the host's directly-attached LAN peers by default; this generates a
# writable ~/.ssh-local/config that uses the host as an SSH jump. On native
# Linux (LAN reachable directly) it is a no-op. Controlled by DEVBOX_LAN_ACCESS
# (auto|jump|off) + HOST_SSH_USER. Always non-fatal. See the script header.
if [ -r /usr/local/lib/opencode-devbox/setup-lan-access.sh ]; then
bash /usr/local/lib/opencode-devbox/setup-lan-access.sh || true
fi
# ── Shell defaults: copy baked files from /etc/skel-devbox/ if absent
# Respects host bind-mounts and user customizations — existing files
# are never overwritten. To restore defaults: rm ~/.bash_aliases (or
# .inputrc) and recreate the container, or cp from /etc/skel-devbox/
# directly.
SKEL_DIR="/etc/skel-devbox"
if [ -d "$SKEL_DIR" ]; then
for f in .bash_aliases .inputrc; do
if [ -f "$SKEL_DIR/$f" ] && [ ! -e "$HOME/$f" ]; then
cp "$SKEL_DIR/$f" "$HOME/$f"
fi
done
fi
# ── v2.0.0 migration: relocate npm global prefix off the legacy ~/.pi path ──
# Pre-v2.0.0 images set NPM_CONFIG_PREFIX=~/.pi/npm-global (a pi-specific
# path). v2.0.0 removed pi and moved the prefix to
# ~/.config/opencode/npm-global, which is a persistent named volume in every
# compose layout (the old ~/.pi volume was only in docker-compose.yml). If a
# user upgraded with the old ~/.pi volume still mounted, copy their
# previously globally-installed npm packages to the new prefix once so they
# remain on PATH. The marker keeps this idempotent and a no-op for fresh
# installs; the whole block is harmless when the old path is absent.
NEW_NPM_PREFIX="$HOME/.config/opencode/npm-global"
OLD_NPM_PREFIX="$HOME/.pi/npm-global"
MIGRATION_MARKER="$NEW_NPM_PREFIX/.migrated-from-dot-pi"
if [ -d "$OLD_NPM_PREFIX" ] && [ ! -f "$MIGRATION_MARKER" ]; then
echo "Migrating npm global prefix: ~/.pi/npm-global -> ~/.config/opencode/npm-global"
mkdir -p "$NEW_NPM_PREFIX"
# cp -n: never overwrite a file already in the new prefix (a freshly
# installed package wins over the legacy copy).
for sub in lib bin share; do
if [ -d "$OLD_NPM_PREFIX/$sub" ]; then
mkdir -p "$NEW_NPM_PREFIX/$sub"
cp -an "$OLD_NPM_PREFIX/$sub/." "$NEW_NPM_PREFIX/$sub/" 2>/dev/null || true
fi
done
touch "$MIGRATION_MARKER" 2>/dev/null || true
fi
# ── MemPalace: initialize palace for the workspace if mempalace is installed
# Creates the palace directory structure on first run. Idempotent — skips
# if palace already exists, so upgrades from older versions preserve
# existing data. `--yes` auto-accepts detected entities so the init is
# non-interactive — the container entrypoint has no usable stdin for
# prompts anyway.
if command -v mempalace &>/dev/null && [ -d /workspace ]; then
PALACE_DIR="${HOME}/.mempalace"
if [ ! -d "$PALACE_DIR/palace" ]; then
echo "Initializing MemPalace for workspace (non-interactive)..."
# </dev/null: mempalace init has an interactive "Mine this directory
# now? [Y/n]" prompt that --yes does not auto-answer in all paths.
# Without redirected stdin, the process blocks here forever when run
# from `docker run -it` (the TTY keeps stdin open). EOF on stdin
# makes the prompt fall through to its default (skip).
mempalace init --yes /workspace </dev/null >/dev/null 2>&1 || true
fi
fi
# ── Git config defaults ──────────────────────────────────────────────
if [ -n "${GIT_USER_NAME:-}" ] && ! git config --global user.name &>/dev/null; then
git config --global user.name "$GIT_USER_NAME"
fi
if [ -n "${GIT_USER_EMAIL:-}" ] && ! git config --global user.email &>/dev/null; then
git config --global user.email "$GIT_USER_EMAIL"
fi
# ── Generate opencode config from env vars if no config mounted ──────
# Delegated to a standalone Python script for clarity and testability.
# The script is idempotent: it never overwrites an existing opencode.json
# (bind-mounted from host, persisted in named volume, or previously
# generated) and no-ops if OPENCODE_PROVIDER is unset.
python3 /usr/local/lib/opencode-devbox/generate-config.py
# ── Skillset: deploy skills/instructions from mounted skillset repo ──
# When the skillset repo is mounted (at $HOME/skillset or /workspace/skillset),
# run the deploy script to create relative symlinks for skills and instructions.
# This ensures skills resolve correctly inside the container regardless of
# where the repo lives on the host. Idempotent — second run is a no-op.
#
# Detection order:
# 1. SKILLSET_CONTAINER_PATH env var (explicit, for non-standard layouts)
# 2. $HOME/skillset (dedicated volume mount via SKILLSET_PATH in compose)
# 3. /workspace/skillset (skillset is directly inside workspace root)
SKILLSET_DEPLOY=""
if [ -n "${SKILLSET_CONTAINER_PATH:-}" ] && [ -x "${SKILLSET_CONTAINER_PATH}/deploy-skills.sh" ]; then
SKILLSET_DEPLOY="${SKILLSET_CONTAINER_PATH}/deploy-skills.sh"
elif [ -x "$HOME/skillset/deploy-skills.sh" ]; then
SKILLSET_DEPLOY="$HOME/skillset/deploy-skills.sh"
elif [ -x /workspace/skillset/deploy-skills.sh ]; then
SKILLSET_DEPLOY="/workspace/skillset/deploy-skills.sh"
fi
if [ -n "$SKILLSET_DEPLOY" ]; then
"$SKILLSET_DEPLOY" --bootstrap --prune-stale >/dev/null 2>&1 || true
fi
CONFIG_DIR="$HOME/.config/opencode"
OMOS_CONFIG="$CONFIG_DIR/oh-my-opencode-slim.json"
# ── oh-my-opencode-slim setup (multi-agent orchestration) ────────────
# Activated by ENABLE_OMOS=true. Requires the image to be built with
# INSTALL_OMOS=true (which installs bun + the oh-my-opencode-slim package).
OMOS_CONFIG="$CONFIG_DIR/oh-my-opencode-slim.json"
if [ "${ENABLE_OMOS:-false}" = "true" ]; then
if ! command -v bun &>/dev/null; then
echo "WARNING: ENABLE_OMOS=true but bun is not installed."
echo "Rebuild with: docker compose build --build-arg INSTALL_OMOS=true"
elif [ ! -f "$OMOS_CONFIG" ]; then
echo "Setting up oh-my-opencode-slim agents..."
# Determine installer flags
OMOS_TMUX_FLAG="no"
if [ "${OMOS_TMUX:-false}" = "true" ]; then
OMOS_TMUX_FLAG="yes"
fi
OMOS_SKILLS_FLAG="yes"
if [ "${OMOS_SKILLS:-true}" = "false" ]; then
OMOS_SKILLS_FLAG="no"
fi
bun x oh-my-opencode-slim@latest install \
--no-tui \
--tmux="${OMOS_TMUX_FLAG}" \
--skills="${OMOS_SKILLS_FLAG}"
echo "oh-my-opencode-slim configured successfully."
else
echo "oh-my-opencode-slim config found at $OMOS_CONFIG (use OMOS_RESET=true to overwrite)."
# Allow reset via env var (creates backup automatically)
if [ "${OMOS_RESET:-false}" = "true" ]; then
echo "OMOS_RESET=true — regenerating oh-my-opencode-slim config..."
OMOS_TMUX_FLAG="no"
[ "${OMOS_TMUX:-false}" = "true" ] && OMOS_TMUX_FLAG="yes"
OMOS_SKILLS_FLAG="yes"
[ "${OMOS_SKILLS:-true}" = "false" ] && OMOS_SKILLS_FLAG="no"
bun x oh-my-opencode-slim@latest install \
--no-tui \
--tmux="${OMOS_TMUX_FLAG}" \
--skills="${OMOS_SKILLS_FLAG}" \
--reset
fi
fi
fi
# ── Execute command ──────────────────────────────────────────────────
exec "$@"
Reference in New Issue View Git Blame Copy Permalink