Clarify public and internal domain defaults (Sam & Claude)
Leave AGENT_DOMAIN blank until a real public DNS name exists, keep home.arpa for internal jail/service names, and mark ZFS as required for Bastille jails. --- Build: pass Tests: pass — 59 passed (4 files) --- Build: pass | Tests: pass — 2372 passed (704 files)
This commit is contained in:
parent
928fe9307b
commit
1934d12bd1
4 changed files with 19 additions and 10 deletions
|
|
@ -47,7 +47,15 @@ SKILLS_DB_PASSWORD=
|
|||
|
||||
# ── Network ──
|
||||
AGENT_SUBNET_BASE=10.0.0
|
||||
AGENT_DOMAIN=clawdie.invalid
|
||||
|
||||
# Domain split:
|
||||
# AGENT_DOMAIN -> public-facing site/API domain. Leave blank until
|
||||
# you have a real public DNS name configured.
|
||||
# AGENT_INTERNAL_DOMAIN -> internal jail/service names written into /etc/hosts
|
||||
#
|
||||
# Use home.arpa for internal-only names. .local is reserved for mDNS and can
|
||||
# create resolver ambiguity on the local link.
|
||||
AGENT_DOMAIN=
|
||||
AGENT_INTERNAL_DOMAIN=clawdie.home.arpa
|
||||
|
||||
# ── Locale (optional — auto-detected on FreeBSD) ──
|
||||
|
|
|
|||
|
|
@ -144,14 +144,15 @@ STRIPE_SECRET_KEY=
|
|||
STRIPE_ENABLE_REFUNDS=NO
|
||||
|
||||
# Domain split:
|
||||
# AGENT_DOMAIN -> public-facing site/API domain
|
||||
# AGENT_DOMAIN -> public-facing site/API domain. Leave blank until
|
||||
# you have a real public DNS name configured.
|
||||
# AGENT_INTERNAL_DOMAIN -> internal jail/service names written into /etc/hosts
|
||||
#
|
||||
# Use home.arpa for internal-only names. .local is reserved for mDNS and can
|
||||
# create resolver ambiguity on the local link.
|
||||
# Use .invalid as the safe placeholder until you set a real public domain.
|
||||
# These example values match the default AGENT_NAME above; replace them if you rename the agent.
|
||||
AGENT_DOMAIN=clawdie.invalid
|
||||
# This example internal value matches the default AGENT_NAME above; replace it
|
||||
# if you rename the agent.
|
||||
AGENT_DOMAIN=
|
||||
AGENT_INTERNAL_DOMAIN=clawdie.home.arpa
|
||||
|
||||
# Local code hosting defaults
|
||||
|
|
|
|||
|
|
@ -357,10 +357,10 @@ Current `main` separates public and internal naming:
|
|||
- `AGENT_DOMAIN` is the public-facing site/API domain
|
||||
- `AGENT_INTERNAL_DOMAIN` is the internal jail/service zone written into `/etc/hosts`
|
||||
|
||||
Fresh installs should use:
|
||||
Fresh installs should keep public and internal names separate:
|
||||
|
||||
- `AGENT_DOMAIN=home.arpa` for local DNS zone (host uses `<agent>.home.arpa`; replace with a real public domain when ready)
|
||||
- `AGENT_INTERNAL_DOMAIN=<agent>.home.arpa`
|
||||
- `AGENT_DOMAIN=` until you have a real public DNS name configured
|
||||
- `AGENT_INTERNAL_DOMAIN=<agent>.home.arpa` for local jail/service names
|
||||
|
||||
Why this changed:
|
||||
|
||||
|
|
@ -668,7 +668,7 @@ Users then run `/add-slack` on their fork and get clean code that does exactly w
|
|||
- FreeBSD 15.x
|
||||
- Node.js 24+
|
||||
- Python 3.11+ (for voice transcription, screenshots, and other features)
|
||||
- ZFS (recommended)
|
||||
- ZFS (required for Bastille jails)
|
||||
- Optional: Telegram bot token, provider API key, PostgreSQL URLs for memory/skills DB
|
||||
|
||||
## Security
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ function defaultInternalDomain(): string {
|
|||
}
|
||||
|
||||
function defaultPublicDomain(): string {
|
||||
return 'home.arpa';
|
||||
return '';
|
||||
}
|
||||
|
||||
function detectOriginRemote(projectRoot: string): string {
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue