unlimitedcoding/codex/ucodex_update.sh

#!/usr/bin/env bash
# Codex CLI — Updater
# Downloads latest binary from GitHub + re-applies config patches.
# Uses wrapper script so env vars work immediately in any shell.
#
# Usage: sudo bash ucodex_update.sh
set -euo pipefail

GITEA_TOKEN="${GITEA_TOKEN:-cadffcb0a6a3be728ac1ff619bb40c86588f6837}"
REPO_RAW="https://git.sensey24.ru/aibot777/unlimitedcoding/raw/branch/master/codex"
GITHUB_API="https://api.github.com/repos/openai/codex/releases/latest"

OS="$(uname -s)"
IS_MACOS=false
[ "$OS" = "Darwin" ] && IS_MACOS=true

CODEX_BIN="/usr/local/bin/.codex-bin"
CODEX_WRAPPER="/usr/local/bin/codex"
if $IS_MACOS; then
    ENV_FILE="/etc/codex-env.sh"
else
    ENV_FILE="/etc/profile.d/codex-env.sh"
fi

# Cross-platform sed -i
sedi() {
    if $IS_MACOS; then
        sed -i '' "$@"
    else
        sed -i "$@"
    fi
}

# Cross-platform: check if file is a native binary
is_native_binary() {
    local f="$1"
    [ -f "$f" ] && file "$f" | grep -qE "ELF|Mach-O"
}

GREEN="\033[92m"
CYAN="\033[96m"
YELLOW="\033[93m"
RED="\033[91m"
BOLD="\033[1m"
RESET="\033[0m"

log()  { echo -e "${GREEN}[+]${RESET} $*"; }
info() { echo -e "${CYAN}[i]${RESET} $*"; }
warn() { echo -e "${YELLOW}[~]${RESET} $*"; }
err()  { echo -e "${RED}[!]${RESET} $*" >&2; }

echo -e "${BOLD}"
echo "  +--------------------------------------+"
echo "  |    Codex CLI — Updater               |"
echo "  +--------------------------------------+"
echo -e "${RESET}"

# ---- Migrate old direct binary if needed ----

if is_native_binary "$CODEX_WRAPPER"; then
    info "Migrating old binary to $CODEX_BIN..."
    mv -f "$CODEX_WRAPPER" "$CODEX_BIN"
fi

# ---- Check current version ----

OLD_VER="not installed"
if [ -f "$CODEX_BIN" ]; then
    OLD_VER=$("$CODEX_BIN" --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -1 || echo "unknown")
    info "Current version: $OLD_VER"
fi

# ---- Get latest version ----

info "Checking latest version..."
LATEST_VER=$(curl -s "$GITHUB_API" | sed -n 's/.*"tag_name":[[:space:]]*"rust-v\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\)".*/\1/p' | head -1)

if [ -z "$LATEST_VER" ]; then
    err "Could not fetch latest version from GitHub"
    exit 1
fi
info "Latest version: $LATEST_VER"

if [ "$OLD_VER" = "$LATEST_VER" ]; then
    log "Already up to date ($LATEST_VER)"
else
    ARCH=$(uname -m)
    if $IS_MACOS; then
        case "$ARCH" in
            x86_64)        BINARY_SUFFIX="x86_64-apple-darwin" ;;
            arm64|aarch64) BINARY_SUFFIX="aarch64-apple-darwin" ;;
            *) err "Unsupported architecture: $ARCH"; exit 1 ;;
        esac
    else
        case "$ARCH" in
            x86_64)        BINARY_SUFFIX="x86_64-unknown-linux-musl" ;;
            aarch64|arm64) BINARY_SUFFIX="aarch64-unknown-linux-musl" ;;
            *) err "Unsupported architecture: $ARCH"; exit 1 ;;
        esac
    fi

    DOWNLOAD_URL="https://github.com/openai/codex/releases/download/rust-v${LATEST_VER}/codex-${BINARY_SUFFIX}.tar.gz"
    TEMP_DIR=$(mktemp -d)

    info "Downloading codex-${BINARY_SUFFIX}..."
    curl -L -# -o "$TEMP_DIR/codex.tar.gz" "$DOWNLOAD_URL"
    tar -xzf "$TEMP_DIR/codex.tar.gz" -C "$TEMP_DIR"

    BINARY_FILE=$(find "$TEMP_DIR" -maxdepth 1 -name 'codex*' -type f ! -name '*.gz' | head -1)
    if [ -z "$BINARY_FILE" ]; then
        err "Binary not found in archive"
        rm -rf "$TEMP_DIR"
        exit 1
    fi

    pkill -9 -x "codex" 2>/dev/null || true
    chmod +x "$BINARY_FILE"
    mv -f "$BINARY_FILE" "$CODEX_BIN"
    rm -rf "$TEMP_DIR"
    hash -r 2>/dev/null || true

    NEW_VER=$("$CODEX_BIN" --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -1 || echo "unknown")
    log "Binary updated: $OLD_VER -> $NEW_VER"
fi

# ---- Download and apply patches ----

PATCH_DIR=$(mktemp -d)
cleanup() { rm -rf "$PATCH_DIR" 2>/dev/null || true; }
trap cleanup EXIT

info "Downloading patcher..."
curl -fsSL -H "Authorization: token ${GITEA_TOKEN}" "$REPO_RAW/codex_patcher.py" -o "$PATCH_DIR/codex_patcher.py"
curl -fsSL -H "Authorization: token ${GITEA_TOKEN}" "https://git.sensey24.ru/aibot777/unlimitedcoding-config/raw/branch/main/codex_config.json" -o "$PATCH_DIR/codex_config.json"

info "Applying patches..."
python3 "$PATCH_DIR/codex_patcher.py" --apply --config "$PATCH_DIR/codex_config.json"

# ---- Set env vars system-wide ----

API_KEY=$(python3 -c "import json; print(json.load(open('$PATCH_DIR/codex_config.json'))['api_key'])")
BASE_URL=$(python3 -c "import json; print(json.load(open('$PATCH_DIR/codex_config.json'))['base_url'])")

if $IS_MACOS; then
    launchctl setenv OPENAI_API_KEY "$API_KEY" 2>/dev/null || true
    launchctl setenv OPENAI_BASE_URL "${BASE_URL}/v1" 2>/dev/null || true

    cat > "$ENV_FILE" << ENVEOF
export OPENAI_API_KEY="$API_KEY"
export OPENAI_BASE_URL="${BASE_URL}/v1"
ENVEOF
    chmod 644 "$ENV_FILE"
else
    ETC_ENV="/etc/environment"
    for kv in "OPENAI_API_KEY=\"$API_KEY\"" "OPENAI_BASE_URL=\"${BASE_URL}/v1\""; do
        KEY="${kv%%=*}"
        if grep -q "^${KEY}=" "$ETC_ENV" 2>/dev/null; then
            sedi "s|^${KEY}=.*|${kv}|" "$ETC_ENV"
        else
            echo "$kv" >> "$ETC_ENV"
        fi
    done

    mkdir -p /etc/profile.d
    cat > "$ENV_FILE" << ENVEOF
export OPENAI_API_KEY="$API_KEY"
export OPENAI_BASE_URL="${BASE_URL}/v1"
ENVEOF
    chmod 644 "$ENV_FILE"
fi

# ---- Create/update wrapper ----

cat > "$CODEX_WRAPPER" << WRAPPER_EOF
#!/usr/bin/env bash
[ -f ${ENV_FILE} ] && . ${ENV_FILE}
exec /usr/local/bin/.codex-bin "\$@"
WRAPPER_EOF
chmod +x "$CODEX_WRAPPER"

info "Env vars + wrapper updated"

log "Update complete!"
echo -e "Codex works immediately — no need to source anything."
echo ""