aibot777/unlimitedcoding
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a31ccd07f7af784d7242160931873937ea685830
unlimitedcoding/codex/ucodex_install.sh
delta-cloud-208e c8c56b58b7 fix(codex): force chown+chmod on all user .codex dirs after install 
Previous chown was unreliable — stat-based owner detection, missing
chmod, SUDO_USER edge cases. Now: simple loop over /Users/* (macOS)
or /home/* (Linux), chown -R + chmod -R u+rwX for each.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 18:34:22 +00:00

312 lines
10 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# UnlimitedCoding — Codex CLI Installer
# Downloads Codex binary from GitHub + applies config patches
# Uses wrapper script so env vars work immediately in any shell.
#
# Usage:
# curl -fsSL -H "Authorization: token TOKEN" \
# https://git.sensey24.ru/aibot777/unlimitedcoding/raw/branch/master/codex/ucodex_install.sh \
# -o /tmp/ucodex_install.sh && sudo bash /tmp/ucodex_install.sh
set -euo pipefail
GITEA_TOKEN="${GITEA_TOKEN:-cadffcb0a6a3be728ac1ff619bb40c86588f6837}"
REPO_RAW="https://git.sensey24.ru/aibot777/unlimitedcoding/raw/branch/master/codex"
GITHUB_API="https://api.github.com/repos/openai/codex/releases/latest"
OS="$(uname -s)"
IS_MACOS=false
[ "$OS" = "Darwin" ] && IS_MACOS=true
CODEX_BIN="/usr/local/bin/.codex-bin"
CODEX_WRAPPER="/usr/local/bin/codex"
if $IS_MACOS; then
ENV_FILE="/etc/codex-env.sh"
else
ENV_FILE="/etc/profile.d/codex-env.sh"
fi
# Cross-platform sed -i (macOS BSD sed requires -i '' while GNU sed uses -i)
sedi() {
if $IS_MACOS; then
sed -i '' "$@"
else
sed -i "$@"
fi
}
# Cross-platform: check if file is a native binary (ELF on Linux, Mach-O on macOS)
is_native_binary() {
local f="$1"
[ -f "$f" ] && file "$f" | grep -qE "ELF|Mach-O"
}
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
BOLD='\033[1m'
NC='\033[0m'
log() { echo -e "${GREEN}[+]${NC} $*"; }
err() { echo -e "${RED}[!]${NC} $*" >&2; }
info() { echo -e "${CYAN}[i]${NC} $*"; }
warn() { echo -e "${YELLOW}[~]${NC} $*"; }
echo -e "${BOLD}"
echo " +--------------------------------------+"
echo " | Codex CLI — Installer |"
echo " +--------------------------------------+"
echo -e "${NC}"
# ---- Check prerequisites ----
install_pkg() {
if command -v apt-get >/dev/null 2>&1; then
apt-get update -qq && apt-get install -y -qq "$@"
elif command -v dnf >/dev/null 2>&1; then
dnf install -y -q "$@"
elif command -v yum >/dev/null 2>&1; then
yum install -y -q "$@"
elif command -v brew >/dev/null 2>&1; then
brew install "$@"
else
err "No package manager found. Install $* manually."
return 1
fi
}
if ! command -v python3 &>/dev/null; then
info "python3 not found, installing..."
install_pkg python3
fi
for cmd in curl tar; do
if ! command -v "$cmd" &>/dev/null; then
err "$cmd is required but not found"
exit 1
fi
done
log "Python3 $(python3 --version | awk '{print $2}')"
# ---- Step 1: Install Codex binary from GitHub ----
echo -e "\n${BOLD}Step 1: Installing Codex CLI binary...${NC}"
ARCH=$(uname -m)
if $IS_MACOS; then
case "$ARCH" in
x86_64) BINARY_SUFFIX="x86_64-apple-darwin" ;;
arm64|aarch64) BINARY_SUFFIX="aarch64-apple-darwin" ;;
*) err "Unsupported architecture: $ARCH"; exit 1 ;;
esac
else
case "$ARCH" in
x86_64) BINARY_SUFFIX="x86_64-unknown-linux-musl" ;;
aarch64|arm64) BINARY_SUFFIX="aarch64-unknown-linux-musl" ;;
*) err "Unsupported architecture: $ARCH"; exit 1 ;;
esac
fi
LATEST_VER=$(curl -s "$GITHUB_API" | sed -n 's/.*"tag_name":[[:space:]]*"rust-v\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\)".*/\1/p' | head -1)
if [ -z "$LATEST_VER" ]; then
err "Could not fetch latest version from GitHub"
exit 1
fi
info "Latest version: $LATEST_VER ($BINARY_SUFFIX)"
# Migrate: if old codex is a real binary (not our wrapper), move it
if is_native_binary "$CODEX_WRAPPER"; then
info "Migrating existing binary to $CODEX_BIN..."
mv -f "$CODEX_WRAPPER" "$CODEX_BIN"
fi
# Get current version (from real binary)
OLD_VER="not installed"
if [ -f "$CODEX_BIN" ]; then
OLD_VER=$("$CODEX_BIN" --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -1 || echo "unknown")
info "Current version: $OLD_VER"
fi
if [ "$OLD_VER" = "$LATEST_VER" ]; then
log "Already up to date ($LATEST_VER)"
else
DOWNLOAD_URL="https://github.com/openai/codex/releases/download/rust-v${LATEST_VER}/codex-${BINARY_SUFFIX}.tar.gz"
TEMP_BIN=$(mktemp -d)
info "Downloading codex v${LATEST_VER}..."
curl -L -# -o "$TEMP_BIN/codex.tar.gz" "$DOWNLOAD_URL"
tar -xzf "$TEMP_BIN/codex.tar.gz" -C "$TEMP_BIN"
BINARY_FILE=$(find "$TEMP_BIN" -maxdepth 1 -name 'codex*' -type f ! -name '*.gz' | head -1)
if [ -z "$BINARY_FILE" ]; then
err "Binary not found in archive"
rm -rf "$TEMP_BIN"
exit 1
fi
pkill -9 -x "codex" 2>/dev/null || true
chmod +x "$BINARY_FILE"
mv -f "$BINARY_FILE" "$CODEX_BIN"
rm -rf "$TEMP_BIN"
hash -r 2>/dev/null || true
NEW_VER=$("$CODEX_BIN" --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -1 || echo "unknown")
log "Binary installed: $OLD_VER -> $NEW_VER"
fi
# Create temporary wrapper so patcher can find codex via `which codex`
if [ -f "$CODEX_BIN" ] && { [ ! -f "$CODEX_WRAPPER" ] || is_native_binary "$CODEX_WRAPPER"; }; then
cat > "$CODEX_WRAPPER" << 'TWEOF'
#!/usr/bin/env bash
exec /usr/local/bin/.codex-bin "$@"
TWEOF
chmod +x "$CODEX_WRAPPER"
hash -r 2>/dev/null || true
info "Temporary wrapper created"
fi
# ---- Step 2: Download and apply patches ----
echo -e "\n${BOLD}Step 2: Applying config patches...${NC}"
INSTALL_DIR=$(mktemp -d)
cleanup() { rm -rf "$INSTALL_DIR" 2>/dev/null || true; }
trap cleanup EXIT
info "Downloading patcher..."
curl -fsSL -H "Authorization: token ${GITEA_TOKEN}" "$REPO_RAW/codex_patcher.py" -o "$INSTALL_DIR/codex_patcher.py"
curl -fsSL -H "Authorization: token ${GITEA_TOKEN}" "$REPO_RAW/codex_config.json" -o "$INSTALL_DIR/codex_config.json"
# Remove broken config.toml from previous installs (double-quoted keys bug)
info "Cleaning broken configs..."
if $IS_MACOS; then
for cfg in /Users/*/.codex/config.toml /var/root/.codex/config.toml; do
[ -f "$cfg" ] && grep -q '""/' "$cfg" 2>/dev/null && rm -f "$cfg" && warn "Removed broken: $cfg"
done
else
for cfg in /home/*/.codex/config.toml /root/.codex/config.toml; do
[ -f "$cfg" ] && grep -q '""/' "$cfg" 2>/dev/null && rm -f "$cfg" && warn "Removed broken: $cfg"
done
fi
info "Applying patches..."
python3 "$INSTALL_DIR/codex_patcher.py" --apply --all --config "$INSTALL_DIR/codex_config.json"
log "Patches applied"
# Fix ownership: sudo creates .codex/ as root, regular users can't read it.
# Fix SUDO_USER first (the user who actually ran sudo)
if [ -n "${SUDO_USER:-}" ] && [ "$SUDO_USER" != "root" ]; then
SUDO_HOME=$(eval echo "~$SUDO_USER")
if [ -d "$SUDO_HOME/.codex" ]; then
chown -R "$SUDO_USER" "$SUDO_HOME/.codex"
chmod -R u+rwX "$SUDO_HOME/.codex"
log "Fixed ownership: $SUDO_HOME/.codex -> $SUDO_USER"
fi
fi
# Fix ALL user home directories
if $IS_MACOS; then
SCAN_DIRS="/Users"
else
SCAN_DIRS="/home"
fi
for userdir in $SCAN_DIRS/*/; do
[ -d "${userdir}.codex" ] || continue
username=$(basename "$userdir")
chown -R "$username" "${userdir}.codex" 2>/dev/null || true
chmod -R u+rwX "${userdir}.codex" 2>/dev/null || true
log "Fixed ownership: ${userdir}.codex -> $username"
done
# ---- Step 3: Set env vars system-wide ----
echo -e "\n${BOLD}Step 3: Setting environment variables...${NC}"
API_KEY=$(python3 -c "import json; print(json.load(open('$INSTALL_DIR/codex_config.json'))['api_key'])")
BASE_URL=$(python3 -c "import json; print(json.load(open('$INSTALL_DIR/codex_config.json'))['base_url'])")
if $IS_MACOS; then
# macOS: no /etc/environment, no /etc/profile.d
# Set launchctl env vars (GUI apps + new shells)
launchctl setenv OPENAI_API_KEY "$API_KEY" 2>/dev/null || true
launchctl setenv OPENAI_BASE_URL "${BASE_URL}/v1" 2>/dev/null || true
log "Env vars set via launchctl"
# Also write env file that wrapper will source
cat > "$ENV_FILE" << ENVEOF
export OPENAI_API_KEY="$API_KEY"
export OPENAI_BASE_URL="${BASE_URL}/v1"
ENVEOF
chmod 644 "$ENV_FILE"
log "Env file: $ENV_FILE"
# Add to shell rc files for interactive shells (macOS default is zsh)
# When run via sudo, SUDO_USER has the real user; HOME may be /var/root
REAL_HOME="$HOME"
if [ -n "${SUDO_USER:-}" ] && [ "$SUDO_USER" != "root" ]; then
REAL_HOME=$(eval echo "~$SUDO_USER")
fi
for rc_file in "$REAL_HOME/.zshrc" "$REAL_HOME/.bashrc"; do
if [ -f "$rc_file" ] || [ "$rc_file" = "$REAL_HOME/.zshrc" ]; then
# Remove old entries first
if [ -f "$rc_file" ]; then
sedi '/# Codex env/d' "$rc_file"
sedi '/codex-env\.sh/d' "$rc_file"
fi
echo "[ -f $ENV_FILE ] && . $ENV_FILE # Codex env" >> "$rc_file"
log "Added source to $rc_file"
fi
done
else
# Linux: /etc/environment (all users, all sessions including cron)
ETC_ENV="/etc/environment"
for kv in "OPENAI_API_KEY=\"$API_KEY\"" "OPENAI_BASE_URL=\"${BASE_URL}/v1\""; do
KEY="${kv%%=*}"
if grep -q "^${KEY}=" "$ETC_ENV" 2>/dev/null; then
sedi "s|^${KEY}=.*|${kv}|" "$ETC_ENV"
else
echo "$kv" >> "$ETC_ENV"
fi
done
log "Env vars written to $ETC_ENV"
# /etc/profile.d/ (login shells)
mkdir -p /etc/profile.d
cat > "$ENV_FILE" << ENVEOF
export OPENAI_API_KEY="$API_KEY"
export OPENAI_BASE_URL="${BASE_URL}/v1"
ENVEOF
chmod 644 "$ENV_FILE"
log "Env file: $ENV_FILE"
fi
# ---- Step 4: Create wrapper (auto-loads env) ----
echo -e "\n${BOLD}Step 4: Creating wrapper...${NC}"
cat > "$CODEX_WRAPPER" << WRAPPER_EOF
#!/usr/bin/env bash
# Auto-generated wrapper — loads env vars before running codex binary
[ -f ${ENV_FILE} ] && . ${ENV_FILE}
exec /usr/local/bin/.codex-bin "\$@"
WRAPPER_EOF
chmod +x "$CODEX_WRAPPER"
log "Wrapper: $CODEX_WRAPPER -> $CODEX_BIN"
# ---- Step 5: Verify ----
echo -e "\n${BOLD}Step 5: Verifying...${NC}"
if codex --version &>/dev/null; then
VER=$(codex --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -1 || echo "unknown")
log "Codex CLI v$VER (wrapper OK)"
else
err "codex wrapper not working"
exit 1
fi
echo ""
echo -e "${GREEN}${BOLD}=== Installation complete! ===${NC}"
echo -e "Run: ${CYAN}codex${NC} to start"
echo -e "${YELLOW}Env vars auto-loaded by wrapper. Works in any shell immediately.${NC}"
Reference in New Issue View Git Blame Copy Permalink