# DeerFlow — CLI auth overlay (OPT-IN, NOT loaded by default)
#
# Bind-mounts the host Claude Code / Codex CLI config dirs into the gateway so:
#   - ClaudeChatModel / Codex model providers can reuse the CLI subscription
#     login (~/.claude/.credentials.json, ~/.codex/auth.json), and
#   - ACP agents (acp_agents in config.yaml) that run the claude/codex CLI
#     inside the container can read their config.
#
# SECURITY: these mounts expose the ENTIRE ~/.claude and ~/.codex dirs
# (conversation history, projects, global config, long-lived credentials) into
# the gateway container, read-only. A gateway compromise leaks all of it. That
# is why they are NOT mounted by default. `read_only` prevents the container
# from modifying the host files; it does not narrow what the container can read.
#
# Prefer passing only a token via env instead (no directory exposure):
#   CLAUDE_CODE_OAUTH_TOKEN / ANTHROPIC_AUTH_TOKEN for Claude, CODEX_AUTH_PATH
#   for a single Codex auth file — see .env.example and SECURITY.md.
# Use this overlay only when you need the full CLI config (e.g. ACP adapters
# that run the CLI in-container and read more than just the credential file).
#
# Manual use (works with both prod and dev compose):
#   docker compose -f docker-compose.yaml -f docker-compose.cli-auth.yaml up -d

# Overlay fragment: only the `gateway` service is touched; compose layers these
# volume entries onto the base file's definition of the same service.
services:
  gateway:
    volumes:
      # Host ~/.claude -> container /root/.claude (read-only).
      - type: bind
        # `${HOME:?...}` aborts compose with this message when HOME is unset,
        # instead of silently mounting `/.claude` from the filesystem root.
        source: ${HOME:?HOME must be set}/.claude
        # Path the CLI reads inside the container; implies the gateway process
        # runs with HOME=/root — TODO confirm against the gateway image.
        target: /root/.claude
        read_only: true
        bind:
          # Creates the host directory if it does not exist instead of failing.
          # Presumably so the overlay still starts when only one of the two
          # CLIs is installed on the host — confirm.
          # NOTE(review): a missing dir is then created empty (ownership depends
          # on the Docker engine), so a mistyped or absent login shows up as an
          # empty mount rather than a startup error. If you expect the dir to
          # already exist, consider dropping this so compose fails loudly.
          create_host_path: true
      # Host ~/.codex -> container /root/.codex (read-only); same shape as above.
      - type: bind
        source: ${HOME:?HOME must be set}/.codex
        target: /root/.codex
        read_only: true
        bind:
          # See the note on the ~/.claude entry: silently creates an empty
          # host dir when ~/.codex is absent.
          create_host_path: true