The cron has been silently failing every day since 2026-03-28. Four
independent bugs were stacked:
1. cron/entrypoint.sh: env dump used `sed` to wrap each line in
`export `, but values with spaces (e.g. GIT_SSH_COMMAND, OIDC_SCOPES)
produced lines like `export GIT_SSH_COMMAND=ssh -o UserKnownHosts...`
which `export` parses as a flag and aborts. busybox ash treats the
builtin error as fatal, so `. /etc/environment.sh; script.sh` never
reaches the script. Now single-quote each value with proper escaping.
2. cron/Dockerfile: NODE_PATH only works for CommonJS `require()`, not
ESM `import`. The export script is `"type": "module"` and failed with
"Cannot find package 'gray-matter'". Install deps at /app/node_modules
instead — Node ESM walks up from /app/scripts and finds it there.
3. docker-compose.yml: `~/.ssh:/root/.ssh:ro` — DokPloy does NOT expand
`~`, so it created a literal `~` directory inside the deployment dir
and mounted that empty dir. The container had no SSH key. Use the
absolute host path `/root/.ssh` instead.
4. cron/entrypoint.sh: even with the SSH key, `git push` would fail
because the git remote is HTTPS and the host's git server runs on
port 2222 (set in /root/.ssh/config). Add a `pushInsteadOf` rewrite
so push uses SSH while DokPloy can keep fetching via HTTPS, and stop
re-running ssh-keyscan against the wrong port — copy the host's
known_hosts (which already has the :2222 entry) instead.
Jennie Robinson Faber
2085ad5103