Fix OAuth file permissions automatically on Docker startup

2026-03-07 18:13:07 +00:00 · 2026-03-06 23:32:44 +03:00
parent a7261c2fbe
commit fa75cef03c
3 changed files with 38 additions and 3 deletions
--- a/scripts/docker-entrypoint.sh
+++ b/scripts/docker-entrypoint.sh
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+fix_auth_dir() {
+  local dir="$1"
+  if [[ ! -d "$dir" ]]; then
+    return 0
+  fi
+
+  # data/ can be bind-mounted with root ownership from host;
+  # fix only OAuth directories to keep startup fast and scoped.
+  sudo chown node:node "$dir" >/dev/null 2>&1 || true
+  sudo chmod 700 "$dir" >/dev/null 2>&1 || true
+}
+
+fix_auth_file() {
+  local file_path="$1"
+  if [[ ! -f "$file_path" ]]; then
+    return 0
+  fi
+
+  sudo chown node:node "$file_path" >/dev/null 2>&1 || true
+  sudo chmod 600 "$file_path" >/dev/null 2>&1 || true
+}
+
+fix_auth_dir "/app/data/.codex"
+fix_auth_dir "/app/data/.gemini"
+
+fix_auth_file "/app/data/.codex/auth.json"
+fix_auth_file "/app/data/.gemini/oauth_creds.json"
+fix_auth_file "/app/data/.gemini/settings.json"
+
+exec npm run start