32 lines
980 B
Bash
32 lines
980 B
Bash
#!/bin/bash
|
|
# Startup permission fix for the Hermes data volume.
|
|
# Runs as root before the entrypoint drops to the hermes user.
|
|
# Fixes files that were created by root (host agent, cron jobs, etc.)
|
|
# becoming inaccessible to the hermes runtime user.
|
|
set -e
|
|
|
|
HERMES_HOME="${HERMES_HOME:-/opt/data}"
|
|
|
|
# Fix ownership on critical writable directories so hermes user can access them
|
|
chown -R hermes:hermes \
|
|
"$HERMES_HOME/sessions" \
|
|
"$HERMES_HOME/checkpoints" \
|
|
"$HERMES_HOME/skills" \
|
|
"$HERMES_HOME/memories" \
|
|
"$HERMES_HOME/workspace" \
|
|
"$HERMES_HOME/pastes" \
|
|
"$HERMES_HOME/logs" \
|
|
"$HERMES_HOME/cron" \
|
|
"$HERMES_HOME/plans" \
|
|
"$HERMES_HOME/hooks" \
|
|
"$HERMES_HOME/cache" \
|
|
2>/dev/null || true
|
|
|
|
# Also fix the data volume root if it's wrong
|
|
if [ "$(stat -c %u "$HERMES_HOME" 2>/dev/null)" != "$(id -u hermes)" ]; then
|
|
chown hermes:hermes "$HERMES_HOME" 2>/dev/null || true
|
|
fi
|
|
|
|
# Now chain to the real entrypoint
|
|
exec /opt/hermes/docker/entrypoint.sh "$@"
|