-
Notifications
You must be signed in to change notification settings - Fork 2.8k
Expand file tree
/
Copy pathdocker-entrypoint.sh
More file actions
27 lines (24 loc) · 1 KB
/
docker-entrypoint.sh
File metadata and controls
27 lines (24 loc) · 1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#!/bin/bash
set -e
# Determine if we need to use gosu for privilege dropping
if [ "$(id -u)" = "0" ]; then
# Running as root: fix volume permissions, then drop to appuser
if ! chown -Rh appuser:appuser /.archon 2>/dev/null; then
echo "ERROR: Failed to fix ownership of /.archon — volume may be read-only or mounted with incompatible options" >&2
exit 1
fi
RUNNER="gosu appuser"
else
# Already running as non-root (e.g., --user flag or Kubernetes)
RUNNER=""
fi
# Configure git to use GH_TOKEN for HTTPS clones via credential helper
# Uses a helper function so the token stays in the environment, not in ~/.gitconfig
if [ -n "$GH_TOKEN" ]; then
$RUNNER git config --global credential."https://github.com".helper \
'!f() { echo "username=x-access-token"; echo "password=${GH_TOKEN}"; }; f'
fi
# Run setup-auth (exits after configuring Codex credentials), then exec the server
# exec ensures bun is PID 1 and receives SIGTERM for graceful shutdown
$RUNNER bun run setup-auth
exec $RUNNER bun run start