diff --git a/.ide/Dockerfile b/.ide/Dockerfile
index ef5406286..0444e997b 100644
--- a/.ide/Dockerfile
+++ b/.ide/Dockerfile
@@ -16,14 +16,14 @@ ENV GOCACHE=/workspace/.cache/go-build
 ENV GOMODCACHE=/workspace/.cache/gomod
 
 # ==========================================
-# 2. Codex 动态配置变量 (构建时的默认值，运行时可被 -e 覆盖)
+# 2. Codex 动态配置变量 (构建时的默认值，运行时可被 -e 随意覆盖)
 # ==========================================
 ENV CODEX_BASE_URL="https://api.aibh.site/v1"
 ENV CODEX_MODEL="gpt-5.4"
 ENV OPENAI_API_KEY="sk-foAHgsJtmanACECtBlFYZE2z4LkwBboEOYETO3ZdWvCxdmNr"
 
 # ==========================================
-# 3. 系统与核心工具安装 (合并层级，减少镜像体积)
+# 3. 系统与核心工具安装 (合并层级，极大减小镜像体积)
 # ==========================================
 RUN set -ex; \
     apt update && \
@@ -99,51 +99,42 @@ RUN mkdir -p /workspace/.cache/go-build /workspace/.cache/gomod /workspace/.cach
     >> /etc/profile
 
 # ==========================================
-# 7. 核心优化：内置动态 Entrypoint 脚本
-# (每次容器启动时，根据当前环境变量动态生成 Codex 配置)
+# 7. 核心：使用 printf 安全生成启动脚本 (彻底解决 Heredoc 格式报错)
 # ==========================================
-RUN cat > /entrypoint.sh <<'SCRIPT'
-#!/bin/bash
-set -e
+RUN printf '%s\n' \
+    '#!/bin/bash' \
+    'set -e' \
+    'mkdir -p /root/.codex' \
+    '' \
+    'cat > /root/.codex/config.toml << EOF' \
+    'model_provider = "OpenAI"' \
+    'model = "${CODEX_MODEL:-gpt-5.4}"' \
+    'model_reasoning_effort = "high"' \
+    'disable_response_storage = true' \
+    '' \
+    '[model_providers.OpenAI]' \
+    'name = "OpenAI"' \
+    'base_url = "${CODEX_BASE_URL:-https://api.openai.com/v1}"' \
+    'wire_api = "responses"' \
+    'requires_openai_auth = true' \
+    'EOF' \
+    '' \
+    'cat > /root/.codex/auth.json << EOF' \
+    '{' \
+    '  "auth_mode": "apikey",' \
+    '  "OPENAI_API_KEY": "${OPENAI_API_KEY:-}"' \
+    '}' \
+    'EOF' \
+    '' \
+    'chmod 600 /root/.codex/auth.json' \
+    '' \
+    'export OPENAI_API_KEY="${OPENAI_API_KEY:-}"' \
+    'export CODEX_API_KEY="${OPENAI_API_KEY:-}"' \
+    '' \
+    'echo "✅ Codex 动态配置已加载: Model=${CODEX_MODEL}, BaseURL=${CODEX_BASE_URL}"' \
+    'exec "$@"' > /entrypoint.sh && chmod +x /entrypoint.sh
 
-# 确保目录存在
-mkdir -p /root/.codex
-
-# 动态渲染 config.toml
-cat > /root/.codex/config.toml <<EOF
-model_provider = "OpenAI"
-model = "${CODEX_MODEL:-gpt-4o}"
-model_reasoning_effort = "high"
-disable_response_storage = true
-
-[model_providers.OpenAI]
-name = "OpenAI"
-base_url = "${CODEX_BASE_URL:-https://api.openai.com/v1}"
-wire_api = "responses"
-requires_openai_auth = true
-EOF
-
-# 动态渲染 auth.json
-cat > /root/.codex/auth.json <<EOF
-{
-  "auth_mode": "apikey",
-  "OPENAI_API_KEY": "${OPENAI_API_KEY:-}"
-}
-EOF
-chmod 600 /root/.codex/auth.json
-
-# 将变量注入当前 shell 环境 (用于终端直接使用 codex 命令)
-export OPENAI_API_KEY="${OPENAI_API_KEY:-}"
-export CODEX_API_KEY="${OPENAI_API_KEY:-}"
-
-echo "✅ Codex 配置已动态加载: Model=${CODEX_MODEL}, BaseURL=${CODEX_BASE_URL}"
-
-# 执行 Dockerfile 原本的 CMD (如: code-server 或 bash)
-exec "$@"
-SCRIPT
-chmod +x /entrypoint.sh
-
-# 将入口点设为该脚本
+# 设置入口点
 ENTRYPOINT ["/entrypoint.sh"]
-# 默认启动 bash (你可以通过 docker run 覆盖，比如改成 code-server)
+# 默认启动 bash
 CMD ["/bin/bash"]
\ No newline at end of file