protonbridge: use init container for GPG+pass setup; fix TTY+home issues

Root causes of prior CrashLoopBackOff:
  1. %no-passphrase unsupported; %no-protection needed instead
  2. GPG agent couldn't use pinentry without a TTY
  3. Container runs as root (HOME=/root) so mounting at /home/protonmail was wrong

Fix: dedicated setup-pass init container (shares image, has gpg+pass)
that configures allow-loopback-pinentry in gpg-agent.conf + gpg.conf,
then generates a passphrase-free key and inits the pass store. All state
is written to /bridge-data (PVC mount), with GNUPGHOME and
PASSWORD_STORE_DIR env vars so the main container finds the store.
Main container no longer overrides the default entrypoint.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

0 files changed, 0 insertions, 0 deletions