opencode-cloud-core 25.1.3

Core library for opencode-cloud - config management, singleton enforcement, and shared utilities
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233

//! Docker operations module
//!
//! This module provides Docker container management functionality including:
//! - Docker client wrapper with connection handling
//! - Docker-specific error types
//! - Embedded Dockerfile for building the opencode image
//! - Progress reporting for build and pull operations
//! - Image build and pull operations
//! - Volume management for persistent storage
//! - Container lifecycle (create, start, stop, remove)
//! - Container exec for running commands inside containers
//! - User management operations (create, delete, lock/unlock users)
//! - Image update and rollback operations

mod assets;
mod client;
pub mod container;
mod dockerfile;
mod error;
pub mod exec;
mod health;
pub mod image;
pub mod mount;
pub mod profile;
pub mod progress;
mod registry;
pub mod state;
pub mod update;
pub mod users;
mod version;
pub mod volume;

// Core types
pub use client::{DockerClient, DockerEndpoint};
pub use error::DockerError;
pub use progress::ProgressReporter;

// Health check operations
pub use health::{
    ExtendedHealthResponse, HealthError, HealthResponse, check_health, check_health_extended,
};

// Dockerfile constants
pub use assets::{ENTRYPOINT_SH, HEALTHCHECK_SH, OPENCODE_CLOUD_BOOTSTRAP_SH};
pub use dockerfile::{DOCKERFILE, IMAGE_NAME_DOCKERHUB, IMAGE_NAME_GHCR, IMAGE_TAG_DEFAULT};

// Image operations
pub use image::{build_image, image_exists, pull_image, remove_images_by_name};
pub use profile::{
    DockerResourceNames, INSTANCE_LABEL_KEY, SANDBOX_INSTANCE_ENV, active_resource_names,
    env_instance_id, remap_container_name, remap_image_tag, resource_names_for_instance,
};

// Update operations
pub use update::{UpdateResult, has_previous_image, rollback_image, update_image};

// Version detection
pub use version::{
    VERSION_LABEL, get_cli_version, get_image_version, get_registry_latest_version,
    versions_compatible,
};

// Container exec operations
pub use exec::{
    exec_command, exec_command_exit_code, exec_command_with_status, exec_command_with_stdin,
};

// User management operations
pub use users::{
    UserInfo, create_user, delete_user, list_users, lock_user, persist_user, remove_persisted_user,
    restore_persisted_users, set_user_password, unlock_user, user_exists,
};

// Volume management
pub use volume::{
    MOUNT_CACHE, MOUNT_CONFIG, MOUNT_PROJECTS, MOUNT_SESSION, MOUNT_SSH, MOUNT_STATE, MOUNT_USERS,
    VOLUME_CACHE, VOLUME_CONFIG, VOLUME_NAMES, VOLUME_PROJECTS, VOLUME_SESSION, VOLUME_SSH,
    VOLUME_STATE, VOLUME_USERS, ensure_volumes_exist, remove_all_volumes, remove_volume,
    volume_exists,
};

/// Determine whether the Docker host supports systemd-in-container.
///
/// Returns true only for Linux hosts that are not Docker Desktop and not rootless.
pub async fn docker_supports_systemd(client: &DockerClient) -> Result<bool, DockerError> {
    let info = client.inner().info().await.map_err(DockerError::from)?;

    let os_type = info.os_type.unwrap_or_default();
    if os_type.to_lowercase() != "linux" {
        return Ok(false);
    }

    let operating_system = match info.operating_system {
        Some(value) => value,
        None => return Ok(false),
    };
    if operating_system.to_lowercase().contains("docker desktop") {
        return Ok(false);
    }

    let security_options = match info.security_options {
        Some(options) => options,
        None => return Ok(false),
    };
    let is_rootless = security_options
        .iter()
        .any(|opt| opt.to_lowercase().contains("name=rootless"));
    if is_rootless {
        return Ok(false);
    }

    Ok(true)
}

// Bind mount parsing and validation
pub use mount::{MountError, ParsedMount, check_container_path_warning, validate_mount_path};

// Container lifecycle
pub use container::{
    CONTAINER_NAME, ContainerBindMount, ContainerPorts, OPENCODE_WEB_PORT, container_exists,
    container_is_running, container_state, create_container, get_container_bind_mounts,
    get_container_ports, remove_container, start_container, stop_container,
};

// Image state tracking
pub use state::{ImageState, clear_state, get_state_path, load_state, save_state};

/// Full setup: ensure volumes exist, create container if needed, start it
///
/// This is the primary entry point for starting the opencode service.
/// Returns the container ID on success.
///
/// # Arguments
/// * `client` - Docker client
/// * `opencode_web_port` - Port to bind on host for opencode web UI (defaults to OPENCODE_WEB_PORT)
/// * `env_vars` - Additional environment variables (optional)
/// * `bind_address` - IP address to bind on host (defaults to "127.0.0.1")
/// * `cockpit_port` - Port to bind on host for Cockpit (defaults to 9090)
/// * `cockpit_enabled` - Whether to enable Cockpit port mapping (defaults to false)
/// * `systemd_enabled` - Whether to use systemd as init (defaults to false)
/// * `bind_mounts` - User-defined bind mounts from config and CLI flags (optional)
#[allow(clippy::too_many_arguments)]
pub async fn setup_and_start(
    client: &DockerClient,
    opencode_web_port: Option<u16>,
    env_vars: Option<Vec<String>>,
    bind_address: Option<&str>,
    cockpit_port: Option<u16>,
    cockpit_enabled: Option<bool>,
    systemd_enabled: Option<bool>,
    bind_mounts: Option<Vec<mount::ParsedMount>>,
) -> Result<String, DockerError> {
    let names = active_resource_names();

    // Ensure volumes exist first
    volume::ensure_volumes_exist(client).await?;

    // Check if container already exists
    let container_id = if container::container_exists(client, &names.container_name).await? {
        // Get existing container ID
        let info = client
            .inner()
            .inspect_container(&names.container_name, None)
            .await
            .map_err(|e| {
                DockerError::Container(format!("Failed to inspect existing container: {e}"))
            })?;
        info.id.unwrap_or_else(|| names.container_name.to_string())
    } else {
        // Create new container
        container::create_container(
            client,
            None,
            None,
            opencode_web_port,
            env_vars,
            bind_address,
            cockpit_port,
            cockpit_enabled,
            systemd_enabled,
            bind_mounts,
        )
        .await?
    };

    // Start if not running
    if !container::container_is_running(client, &names.container_name).await? {
        container::start_container(client, &names.container_name).await?;
    }

    // Restore persisted users after the container is running
    users::restore_persisted_users(client, &names.container_name).await?;

    Ok(container_id)
}

/// Default graceful shutdown timeout in seconds
pub const DEFAULT_STOP_TIMEOUT_SECS: i64 = 30;

/// Stop and optionally remove the opencode container
///
/// # Arguments
/// * `client` - Docker client
/// * `remove` - Also remove the container after stopping
/// * `timeout_secs` - Graceful shutdown timeout (default: 30 seconds)
pub async fn stop_service(
    client: &DockerClient,
    remove: bool,
    timeout_secs: Option<i64>,
) -> Result<(), DockerError> {
    let names = active_resource_names();
    let name = names.container_name.as_str();
    let timeout = timeout_secs.unwrap_or(DEFAULT_STOP_TIMEOUT_SECS);

    // Check if container exists
    if !container::container_exists(client, name).await? {
        return Err(DockerError::Container(format!(
            "Container '{name}' does not exist"
        )));
    }

    // Stop if running
    if container::container_is_running(client, name).await? {
        container::stop_container(client, name, Some(timeout)).await?;
    }

    // Remove if requested
    if remove {
        container::remove_container(client, name, false).await?;
    }

    Ok(())
}