#!/usr/bin/env bash # UnlimitedCoding — Codex CLI Installer # Downloads Codex binary from GitHub + applies config patches # Uses wrapper script so env vars work immediately in any shell. # # Usage: # curl -fsSL -H "Authorization: token TOKEN" \ # https://git.sensey24.ru/aibot777/unlimitedcoding/raw/branch/master/codex/ucodex_install.sh \ # -o /tmp/ucodex_install.sh && sudo bash /tmp/ucodex_install.sh set -euo pipefail GITEA_TOKEN="${GITEA_TOKEN:-cadffcb0a6a3be728ac1ff619bb40c86588f6837}" REPO_RAW="https://git.sensey24.ru/aibot777/unlimitedcoding/raw/branch/master/codex" GITHUB_API="https://api.github.com/repos/openai/codex/releases/latest" OS="$(uname -s)" IS_MACOS=false [ "$OS" = "Darwin" ] && IS_MACOS=true CODEX_BIN="/usr/local/bin/.codex-bin" CODEX_WRAPPER="/usr/local/bin/codex" if $IS_MACOS; then ENV_FILE="/etc/codex-env.sh" else ENV_FILE="/etc/profile.d/codex-env.sh" fi # Cross-platform sed -i (macOS BSD sed requires -i '' while GNU sed uses -i) sedi() { if $IS_MACOS; then sed -i '' "$@" else sed -i "$@" fi } # Cross-platform: check if file is a native binary (ELF on Linux, Mach-O on macOS) is_native_binary() { local f="$1" [ -f "$f" ] && file "$f" | grep -qE "ELF|Mach-O" } RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' CYAN='\033[0;36m' BOLD='\033[1m' NC='\033[0m' log() { echo -e "${GREEN}[+]${NC} $*"; } err() { echo -e "${RED}[!]${NC} $*" >&2; } info() { echo -e "${CYAN}[i]${NC} $*"; } warn() { echo -e "${YELLOW}[~]${NC} $*"; } echo -e "${BOLD}" echo " +--------------------------------------+" echo " | Codex CLI — Installer |" echo " +--------------------------------------+" echo -e "${NC}" # ---- Check prerequisites ---- install_pkg() { if command -v apt-get >/dev/null 2>&1; then apt-get update -qq && apt-get install -y -qq "$@" elif command -v dnf >/dev/null 2>&1; then dnf install -y -q "$@" elif command -v yum >/dev/null 2>&1; then yum install -y -q "$@" elif command -v brew >/dev/null 2>&1; then brew install "$@" else err "No package manager found. Install $* manually." return 1 fi } if ! command -v python3 &>/dev/null; then info "python3 not found, installing..." install_pkg python3 fi for cmd in curl tar; do if ! command -v "$cmd" &>/dev/null; then err "$cmd is required but not found" exit 1 fi done log "Python3 $(python3 --version | awk '{print $2}')" # ---- Step 1: Install Codex binary from GitHub ---- echo -e "\n${BOLD}Step 1: Installing Codex CLI binary...${NC}" ARCH=$(uname -m) if $IS_MACOS; then case "$ARCH" in x86_64) BINARY_SUFFIX="x86_64-apple-darwin" ;; arm64|aarch64) BINARY_SUFFIX="aarch64-apple-darwin" ;; *) err "Unsupported architecture: $ARCH"; exit 1 ;; esac else case "$ARCH" in x86_64) BINARY_SUFFIX="x86_64-unknown-linux-musl" ;; aarch64|arm64) BINARY_SUFFIX="aarch64-unknown-linux-musl" ;; *) err "Unsupported architecture: $ARCH"; exit 1 ;; esac fi LATEST_VER=$(curl -s "$GITHUB_API" | sed -n 's/.*"tag_name":[[:space:]]*"rust-v\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\)".*/\1/p' | head -1) if [ -z "$LATEST_VER" ]; then err "Could not fetch latest version from GitHub" exit 1 fi info "Latest version: $LATEST_VER ($BINARY_SUFFIX)" # Migrate: if old codex is a real binary (not our wrapper), move it if is_native_binary "$CODEX_WRAPPER"; then info "Migrating existing binary to $CODEX_BIN..." mv -f "$CODEX_WRAPPER" "$CODEX_BIN" fi # Get current version (from real binary) OLD_VER="not installed" if [ -f "$CODEX_BIN" ]; then OLD_VER=$("$CODEX_BIN" --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -1 || echo "unknown") info "Current version: $OLD_VER" fi if [ "$OLD_VER" = "$LATEST_VER" ]; then log "Already up to date ($LATEST_VER)" else DOWNLOAD_URL="https://github.com/openai/codex/releases/download/rust-v${LATEST_VER}/codex-${BINARY_SUFFIX}.tar.gz" TEMP_BIN=$(mktemp -d) info "Downloading codex v${LATEST_VER}..." curl -L -# -o "$TEMP_BIN/codex.tar.gz" "$DOWNLOAD_URL" tar -xzf "$TEMP_BIN/codex.tar.gz" -C "$TEMP_BIN" BINARY_FILE=$(find "$TEMP_BIN" -maxdepth 1 -name 'codex*' -type f ! -name '*.gz' | head -1) if [ -z "$BINARY_FILE" ]; then err "Binary not found in archive" rm -rf "$TEMP_BIN" exit 1 fi pkill -9 -x "codex" 2>/dev/null || true chmod +x "$BINARY_FILE" mv -f "$BINARY_FILE" "$CODEX_BIN" rm -rf "$TEMP_BIN" hash -r 2>/dev/null || true NEW_VER=$("$CODEX_BIN" --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -1 || echo "unknown") log "Binary installed: $OLD_VER -> $NEW_VER" fi # Create temporary wrapper so patcher can find codex via `which codex` if [ -f "$CODEX_BIN" ] && { [ ! -f "$CODEX_WRAPPER" ] || is_native_binary "$CODEX_WRAPPER"; }; then cat > "$CODEX_WRAPPER" << 'TWEOF' #!/usr/bin/env bash exec /usr/local/bin/.codex-bin "$@" TWEOF chmod +x "$CODEX_WRAPPER" hash -r 2>/dev/null || true info "Temporary wrapper created" fi # ---- Step 2: Download and apply patches ---- echo -e "\n${BOLD}Step 2: Applying config patches...${NC}" INSTALL_DIR=$(mktemp -d) cleanup() { rm -rf "$INSTALL_DIR" 2>/dev/null || true; } trap cleanup EXIT info "Downloading patcher..." curl -fsSL -H "Authorization: token ${GITEA_TOKEN}" "$REPO_RAW/codex_patcher.py" -o "$INSTALL_DIR/codex_patcher.py" curl -fsSL -H "Authorization: token ${GITEA_TOKEN}" "$REPO_RAW/codex_config.json" -o "$INSTALL_DIR/codex_config.json" # Remove broken config.toml from previous installs (double-quoted keys bug) info "Cleaning broken configs..." if $IS_MACOS; then for cfg in /Users/*/.codex/config.toml /var/root/.codex/config.toml; do [ -f "$cfg" ] && grep -q '""/' "$cfg" 2>/dev/null && rm -f "$cfg" && warn "Removed broken: $cfg" done else for cfg in /home/*/.codex/config.toml /root/.codex/config.toml; do [ -f "$cfg" ] && grep -q '""/' "$cfg" 2>/dev/null && rm -f "$cfg" && warn "Removed broken: $cfg" done fi info "Applying patches..." python3 "$INSTALL_DIR/codex_patcher.py" --apply --all --config "$INSTALL_DIR/codex_config.json" log "Patches applied" # Fix ownership: sudo creates .codex/ as root, regular users can't read it. # Fix SUDO_USER first (the user who actually ran sudo) if [ -n "${SUDO_USER:-}" ] && [ "$SUDO_USER" != "root" ]; then SUDO_HOME=$(eval echo "~$SUDO_USER") if [ -d "$SUDO_HOME/.codex" ]; then chown -R "$SUDO_USER" "$SUDO_HOME/.codex" chmod -R u+rwX "$SUDO_HOME/.codex" log "Fixed ownership: $SUDO_HOME/.codex -> $SUDO_USER" fi fi # Fix ALL user home directories if $IS_MACOS; then SCAN_DIRS="/Users" else SCAN_DIRS="/home" fi for userdir in $SCAN_DIRS/*/; do [ -d "${userdir}.codex" ] || continue username=$(basename "$userdir") chown -R "$username" "${userdir}.codex" 2>/dev/null || true chmod -R u+rwX "${userdir}.codex" 2>/dev/null || true log "Fixed ownership: ${userdir}.codex -> $username" done # ---- Step 3: Set env vars system-wide ---- echo -e "\n${BOLD}Step 3: Setting environment variables...${NC}" API_KEY=$(python3 -c "import json; print(json.load(open('$INSTALL_DIR/codex_config.json'))['api_key'])") BASE_URL=$(python3 -c "import json; print(json.load(open('$INSTALL_DIR/codex_config.json'))['base_url'])") if $IS_MACOS; then # macOS: no /etc/environment, no /etc/profile.d # Set launchctl env vars (GUI apps + new shells) launchctl setenv OPENAI_API_KEY "$API_KEY" 2>/dev/null || true launchctl setenv OPENAI_BASE_URL "${BASE_URL}/v1" 2>/dev/null || true log "Env vars set via launchctl" # Also write env file that wrapper will source cat > "$ENV_FILE" << ENVEOF export OPENAI_API_KEY="$API_KEY" export OPENAI_BASE_URL="${BASE_URL}/v1" ENVEOF chmod 644 "$ENV_FILE" log "Env file: $ENV_FILE" # Add to shell rc files for interactive shells (macOS default is zsh) # When run via sudo, SUDO_USER has the real user; HOME may be /var/root REAL_HOME="$HOME" if [ -n "${SUDO_USER:-}" ] && [ "$SUDO_USER" != "root" ]; then REAL_HOME=$(eval echo "~$SUDO_USER") fi for rc_file in "$REAL_HOME/.zshrc" "$REAL_HOME/.bashrc"; do if [ -f "$rc_file" ] || [ "$rc_file" = "$REAL_HOME/.zshrc" ]; then # Remove old entries first if [ -f "$rc_file" ]; then sedi '/# Codex env/d' "$rc_file" sedi '/codex-env\.sh/d' "$rc_file" fi echo "[ -f $ENV_FILE ] && . $ENV_FILE # Codex env" >> "$rc_file" log "Added source to $rc_file" fi done else # Linux: /etc/environment (all users, all sessions including cron) ETC_ENV="/etc/environment" for kv in "OPENAI_API_KEY=\"$API_KEY\"" "OPENAI_BASE_URL=\"${BASE_URL}/v1\""; do KEY="${kv%%=*}" if grep -q "^${KEY}=" "$ETC_ENV" 2>/dev/null; then sedi "s|^${KEY}=.*|${kv}|" "$ETC_ENV" else echo "$kv" >> "$ETC_ENV" fi done log "Env vars written to $ETC_ENV" # /etc/profile.d/ (login shells) mkdir -p /etc/profile.d cat > "$ENV_FILE" << ENVEOF export OPENAI_API_KEY="$API_KEY" export OPENAI_BASE_URL="${BASE_URL}/v1" ENVEOF chmod 644 "$ENV_FILE" log "Env file: $ENV_FILE" fi # ---- Step 4: Create wrapper (auto-loads env) ---- echo -e "\n${BOLD}Step 4: Creating wrapper...${NC}" cat > "$CODEX_WRAPPER" << WRAPPER_EOF #!/usr/bin/env bash # Auto-generated wrapper — loads env vars before running codex binary [ -f ${ENV_FILE} ] && . ${ENV_FILE} exec /usr/local/bin/.codex-bin "\$@" WRAPPER_EOF chmod +x "$CODEX_WRAPPER" log "Wrapper: $CODEX_WRAPPER -> $CODEX_BIN" # ---- Step 5: Verify ---- echo -e "\n${BOLD}Step 5: Verifying...${NC}" if codex --version &>/dev/null; then VER=$(codex --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -1 || echo "unknown") log "Codex CLI v$VER (wrapper OK)" else err "codex wrapper not working" exit 1 fi echo "" echo -e "${GREEN}${BOLD}=== Installation complete! ===${NC}" echo -e "Run: ${CYAN}codex${NC} to start" echo -e "${YELLOW}Env vars auto-loaded by wrapper. Works in any shell immediately.${NC}"