fix: mount PVC at /config to persist Chrome and app state across restarts

The jlesage/baseimage-gui sets XDG_CONFIG_HOME=/config/xdg/config at
runtime, so Chrome was writing its profile to /config/xdg/config/google-chrome
which lived on ephemeral storage. This caused Chrome to open as a fresh
install on every pod restart.

Changes:
- Mount the PVC at /config instead of /home (aligns with baseimage-gui convention)
- Move user home directory to /config/userdata (on the PVC)
- Add explicit --user-data-dir for Chrome pointing to PVC path
- Clean up Chrome crash lock files and patch Preferences on startup
  to prevent session/cookie loss after unclean pod shutdown
- Update all scripts (sshd, init-repo, cont-init) to use new paths
- Remove unnecessary cont-init-home.sh

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

Dockerfile

@@ -35,15 +35,24 @@ RUN wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | gpg --dearm
 # Chrome wrapper: adds flags required for running inside a Docker container.
 # xdg-open (used by Claude Code on Linux) respects $BROWSER, so pointing it
 # here ensures the OAuth popup works without manual --no-sandbox invocations.
-# Also explicitly sets user-data-dir to persist Chrome settings across restarts.
+# Cleans up crash lock files and suppresses the crash-restore bubble so that
+# sessions/cookies survive unclean pod shutdowns (SIGKILL).
 RUN printf '#!/bin/bash\n\
-# Ensure Chrome data directory exists with proper permissions\n\
-mkdir -p "$HOME/.config/google-chrome"\n\
+CHROME_DIR="/config/userdata/.config/google-chrome"\n\
+mkdir -p "$CHROME_DIR"\n\
+# Remove stale lock files left by unclean container shutdown\n\
+rm -f "$CHROME_DIR/SingletonLock" "$CHROME_DIR/SingletonSocket" "$CHROME_DIR/SingletonCookie"\n\
+# Mark the previous session as clean so Chrome does not clear cookies\n\
+PREFS="$CHROME_DIR/Default/Preferences"\n\
+if [ -f "$PREFS" ]; then\n\
+  sed -i '\''s/"exit_type":"Crashed"/"exit_type":"Normal"/g; s/"exited_cleanly":false/"exited_cleanly":true/g'\'' "$PREFS"\n\
+fi\n\
 exec /usr/bin/google-chrome-stable \\\n\
   --no-sandbox \\\n\
   --disable-dev-shm-usage \\\n\
   --disable-gpu \\\n\
-  --user-data-dir="$HOME/.config/google-chrome" \\\n\
+  --disable-session-crashed-bubble \\\n\
+  --user-data-dir="$CHROME_DIR" \\\n\
   "$@"\n' > /usr/local/bin/google-chrome && \
     chmod +x /usr/local/bin/google-chrome
 
@@ -96,15 +105,13 @@ COPY --chmod=755 scripts/startapp.sh /startapp.sh
 COPY --chmod=755 scripts/init-repo.sh /usr/local/bin/init-repo
 # Fix app user shell after baseimage-gui creates it at runtime
 COPY --chmod=755 scripts/cont-init-user.sh /etc/cont-init.d/20-fix-user-shell.sh
-# Initialize persistent home directory structure
-COPY --chmod=755 scripts/cont-init-home.sh /etc/cont-init.d/21-init-home.sh
 COPY --chmod=755 scripts/cont-init-sshd.sh /etc/cont-init.d/25-start-sshd.sh
 
 # Set working directory
 WORKDIR /workspace
 
 # Configure container to run as user user
-ENV HOME=/home/user \
+ENV HOME=/config/userdata \
     USER=user \
     BROWSER=/usr/local/bin/google-chrome
 

chart/templates/deployment.yaml

@@ -68,7 +68,7 @@ spec:
             {{- toYaml .Values.resources | nindent 12 }}
           volumeMounts:
             - name: userhome
-              mountPath: /home
+              mountPath: /config
             - name: workspace
               mountPath: /workspace
             - name: shm

chart/values.yaml

@@ -23,7 +23,7 @@ ssh: false
 # Happy Coder endpoints
 happyServerUrl: "https://happy.farh.net"
 happyWebappUrl: "https://happy-coder.farh.net"
-happyHomeDir: "/home/user/.happy"
+happyHomeDir: "/config/userdata/.happy"
 happyExperimental: "true"
 
 # VNC display

scripts/cont-init-home.sh

@@ -1,26 +0,0 @@
-#!/bin/sh
-# Initialize persistent home directory structure for the app user
-# This ensures Chrome settings and SSH keys persist across pod restarts
-
-echo "=== Initializing persistent home directory ==="
-
-# Ensure the user home directory exists with proper ownership
-if [ ! -d "/home/user" ]; then
-    echo "Creating /home/user directory..."
-    mkdir -p /home/user
-    chown app:app /home/user
-fi
-
-# Ensure critical directories exist for persistent data
-echo "Ensuring persistent directories exist..."
-mkdir -p /home/user/.config
-mkdir -p /home/user/.ssh
-mkdir -p /home/user/.cache
-
-# Set proper ownership for all directories
-chown -R app:app /home/user
-
-# Ensure SSH directory has proper permissions
-chmod 700 /home/user/.ssh
-
-echo "Home directory initialization complete"

scripts/cont-init-sshd.sh

@@ -5,7 +5,7 @@
 
 echo "=== SSH enabled: starting sshd ==="
 
-HOME_DIR="/home/user"
+HOME_DIR="/config/userdata"
 HOST_KEY_STORE="$HOME_DIR/.ssh/host_keys"
 
 # Persist host keys on the home PVC so clients don't see a "host key

scripts/cont-init-user.sh

@@ -3,4 +3,4 @@
 # baseimage-gui sets shell=/sbin/nologin and home=/dev/null, which
 # prevents VSCode from opening terminals.
 usermod -s /bin/bash app
-usermod -d /home/user app
+usermod -d /config/userdata app

scripts/init-repo.sh

@@ -25,8 +25,8 @@ else
         # Configure git to use token if provided
         if [ -n "$GITHUB_TOKEN" ]; then
             git config credential.helper store
-            echo "https://oauth2:${GITHUB_TOKEN}@github.com" > /home/.git-credentials
-            chmod 600 /home/.git-credentials
+            echo "https://oauth2:${GITHUB_TOKEN}@github.com" > /config/userdata/.git-credentials
+            chmod 600 /config/userdata/.git-credentials
         fi
 
         git pull || echo "Pull failed, continuing anyway..."
@@ -42,8 +42,8 @@ else
 
             # Configure credentials for future use
             git config --global credential.helper store
-            echo "https://oauth2:${GITHUB_TOKEN}@github.com" > /home/.git-credentials
-            chmod 600 /home/.git-credentials
+            echo "https://oauth2:${GITHUB_TOKEN}@github.com" > /config/userdata/.git-credentials
+            chmod 600 /config/userdata/.git-credentials
         else
             git clone "$GITHUB_REPO" "$WORKSPACE_DIR"
         fi