fix: dynamic UID in first-boot-containers.sh, remove temp fix-ssh workflow

Replace hardcoded /run/user/1000 with $(id -u archipelago) so first-boot
works regardless of the archipelago user's UID.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Dorian
2026-04-03 12:33:15 +01:00
parent 178b728892
commit 2daadb7a1d
2 changed files with 6 additions and 29 deletions


@@ -1,23 +0,0 @@
name: Fix SSH Permissions
on:
push:
branches: [main]
env:
HOME: /tmp
jobs:
fix-ssh:
runs-on: ubuntu-latest
timeout-minutes: 2
steps:
- name: Fix debian user UID and SSH
working-directory: /tmp
run: |
echo "Fixing SSH..."
sudo chown -R 1000:1000 /home/debian
sudo chmod 700 /home/debian/.ssh
sudo chmod 600 /home/debian/.ssh/authorized_keys
sudo systemctl restart sshd
echo "SSH fixed"


@@ -44,9 +44,9 @@ SCRIPT_DIR_FBC="$(cd "$(dirname "$0")" && pwd)"
# Run podman as the archipelago user (rootless) — NOT as root.
# The backend service runs as User=archipelago and connects to the rootless
# podman socket at /run/user/1000/podman/podman.sock. If we create containers
# podman socket at /run/user/$(id -u archipelago)/podman/podman.sock. If we create containers
# as root (rootful podman), the backend can't see them at all.
DOCKER="runuser -u archipelago -- env XDG_RUNTIME_DIR=/run/user/1000 podman"
DOCKER="runuser -u archipelago -- env XDG_RUNTIME_DIR=/run/user/$(id -u archipelago) podman"
TARGET_IP=$(hostname -I 2>/dev/null | awk '{print $1}')
[ -z "$TARGET_IP" ] && TARGET_IP="127.0.0.1"
@@ -250,11 +250,11 @@ grep -q "^archipelago:" /etc/subuid 2>/dev/null || {
chmod 644 /etc/hosts 2>/dev/null
# Ensure XDG_RUNTIME_DIR exists for rootless podman
mkdir -p /run/user/1000
chown archipelago:archipelago /run/user/1000
chmod 700 /run/user/1000
mkdir -p /run/user/$(id -u archipelago)
chown archipelago:archipelago /run/user/$(id -u archipelago)
chmod 700 /run/user/$(id -u archipelago)
# Start rootless podman socket (required before first podman command)
runuser -u archipelago -- env XDG_RUNTIME_DIR=/run/user/1000 \
runuser -u archipelago -- env XDG_RUNTIME_DIR=/run/user/$(id -u archipelago) \
systemctl --user start podman.socket 2>/dev/null || true
# Ensure archy-net exists — critical for inter-container DNS (mempool→bitcoin, etc.)
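Review bot: The `$(id -u archipelago)` substitutions are unquoted and never checked, so in the second hunk an empty result turns the setup commands into `mkdir -p /run/user/`, `chown archipelago:archipelago /run/user/` and `chmod 700 /run/user/`, which would restrict the shared parent directory rather than one user's runtime dir (the `runuser` calls suggest the script runs as root). Whether the archipelago account is guaranteed to exist before these lines run is not visible in the hunks, so the lookup should fail closed. Resolve the UID once next to the `DOCKER=` assignment in the first hunk, e.g. `ARCHY_UID="$(id -u archipelago)" || exit 1` followed by `ARCHY_RUNTIME_DIR="/run/user/${ARCHY_UID}"`, and use `"$ARCHY_RUNTIME_DIR"` quoted in the `mkdir`/`chown`/`chmod` lines and in both `env XDG_RUNTIME_DIR=` arguments. That also replaces five separate `id` calls with one and keeps the runtime path the backend socket depends on defined in a single place.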