oskar/homelab-codex-ws
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
homelab-codex-ws/services/control-plane
History
Oskar Kapala 7f17b65278 fix(control-plane): run executor as uid 1000 with docker group access 
Executor was the only control-plane container running as root (uid=0),
writing root-owned files to /opt/homelab via bind-mount and triggering
false sudo on every deploy.

- Dockerfile: add USER homelab after useradd (useradd already present)
- docker-compose.yml: add user: "1000:1000" and group_add: ["999"]
  (GID 999 = docker group on VPS) so executor retains docker.sock access

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-03 18:19:58 +02:00
..
src fix(observer): robust incident lifecycle + orphan auto-resolve 2026-06-03 14:29:12 +02:00
tests fix(observer): robust incident lifecycle + orphan auto-resolve 2026-06-03 14:29:12 +02:00
deploy-local.sh fix(deploy): skip sudo chown/chmod when /opt/homelab ownership is already correct 2026-06-03 15:44:44 +02:00
docker-compose.yml fix(control-plane): run executor as uid 1000 with docker group access 2026-06-03 18:19:58 +02:00
Dockerfile fix(control-plane): run executor as uid 1000 with docker group access 2026-06-03 18:19:58 +02:00
pyproject.toml feat(control-plane): route ha-diag-agent events through supervisor 2026-05-29 15:59:23 +02:00