The dns step previously rendered dnsmasq.conf to a project-local
tmp/ path and stopped there — the platform classified dnsmasq as a
shared service but never actually deployed, enabled, or started it.
This is the dnsmasq blind spot.
What changed:
- On FreeBSD as root, the rendered config now lands at
/usr/local/etc/dnsmasq.conf with a .bak of any prior content.
- sysrc dnsmasq_enable=YES is set so the service comes up on boot.
- service dnsmasq restart fires only when the config actually changed
or the service is not currently running. Idempotent.
- Off-host (tests, dev) the step still writes to tmp/dnsmasq.conf
and skips all lifecycle ops, so unit tests and dry-runs are unchanged.
Upstream resolvers were the other half of the gap — the previous
config had `no-resolv` with no `server=` directive, making it unusable
as a system resolver standalone. We now resolve upstream from, in
priority order:
1. $DNSMASQ_UPSTREAM (comma- or space-separated; operator override)
2. non-loopback nameservers parsed from /etc/resolv.conf
3. 1.1.1.1 + 9.9.9.9 fallback
Each step renders `server=<ip>` lines so dnsmasq can forward queries
outside the local zone.
Deliberately NOT changed: /etc/resolv.conf. Pointing the host at
dnsmasq for system-wide resolution is a separate operator decision —
mis-doing it can take a host offline. The structured status now emits
SETUP_DNS with DEPLOYED/SYSRC_ENABLED/SERVICE state so /publishreport
can surface where the resolver stands.
---
13 dns tests pass (up from 5). Pre-existing cms.test.ts failure in
the wider setup/ run is unrelated to this change.
---
Build: FAIL | Tests: FAIL — 16 failed
Sweep active code, tests, identity files, public docs, CMS seed content, and stale handoffs so old assistant-name fixtures no longer leak into current Clawdie/system-namespace behavior. Keep the skills-memory SQL artifact unchanged per regeneration policy.
---
Build: pass
Tests: pass — 2197 passed (164 files)
---
Build: pass | Tests: pass — 2197 passed (650 files)
8cd208d fixed the four tenant-registry test failures (and restored the
publishing_mode / public_base separation flagged in c2893a7) but left
three failures untouched. This commit finishes the job so origin
goes green.
The three remaining failures, all caused by upstream changes in
8cd208d / 82ee74b that earlier tests were not updated for:
- src/platform-layout.test.ts: `siteFqdn(_, _, 'public', 'home.arpa')`
now throws (was: returned null), and `siteFqdn('', _, _)` now falls
back to the resource-id fallback slug 'clawdie' (was: returned null).
Both behaviors are exercised elsewhere — removed the stale
`.toBeNull()` lines and added a comment pointing readers to the
dedicated `rejects public surface or site derivation without a
public base` test.
- setup/dns.test.ts: rendered records now include `blog.mevy.home.arpa`
because mevy declares an internal `blog` site in tenants.yaml. Test
was on the wrong side of the move; added the host to the expected
list.
- src/platform-audit-report.test.ts: shared.services grew in 82ee74b
to include `cms`, `web-service`, and `code-service`. Service probes
iterate alphabetical, so the deduped union is now
[clawdie, clawdie_hostd, cms, code-service, mevy, postgresql,
web-service] — 7 services, not 4. Mock only supplied 4 service
responses; calls 5–7 returned `undefined` and tripped `.catch(...)`
on `undefined`. Added the three missing mocks in alphabetical
order, updated the length assertion 4→7, and added a comment naming
the order so the next time `shared.services` changes the test
fails loudly instead of silently misaligning.
Two operator-side notes (not part of this commit, but worth
recording):
- The primary clone at /home/clawdija/clawdie-ai had `core.bare=true`
set on it (probably as part of someone trying to follow the
primary-bare pattern from AGENT-WORKTREE-WORKFLOW.md). That setting
on a non-bare clone orphans every worktree — `git status` and
`git pull` start failing with "must be run in a work tree" inside
every worktree dir. Recovery is `git config --unset core.bare` in
the primary; the bare-primary pattern requires `git clone --bare`
at clone time and is not reachable by toggling the flag later.
- Codex's c970792 wording-tightening intent is now in the handoff
via 8cd208d, but `multitenant-claude` (c2893a7) was not
fast-forwarded — Codex re-implemented the fix in parallel. Net
effect is fine (their version is better), but the
feature-branch → integrator FF flow we agreed on did not actually
happen this round. Worth confirming the working agreement is
still the one we want before next integration.
Local checks (Linux, /home/clawdija/clawdie-ai-claude worktree):
Build: pass | Tests: pass — 1841 passed (120 files)
Typecheck: pass — tsc --noEmit clean
---
Build: pass | Tests: FAIL — Tests 49 failed | 1792 passed (1841)
Tenant records now carry an optional sites: list per the approved naming
policy (id + exposure ∈ disabled | internal | public). The registry loader
rejects a public site when platform.publishing_mode is disabled or when
platform.public_base is unset, and refuses duplicate site ids within a
tenant. Adds siteFqdn() and tenantHomeFqdn() helpers so consumers derive
'<site>.<tenant>.<base>' uniformly instead of reinventing the rule.
setup/dns.ts now emits an address record per declared internal/public
site (skipping disabled ones), so dnsmasq answers the full
'<site>.<tenant>.<internal_base>' zone that mDNS cannot serve.
This is the schema prerequisite the publish-flow design note will need;
the Astro-publish implementation can read tenant.sites instead of a CLI
argument once it lands.
---
Build: pass | Tests: pass — 1812 passed (115 files)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds setup/dns.ts (and dns.test.ts) that renders a minimal dnsmasq.conf
from infra/tenants.yaml: one address record for ai.<base> (controlplane),
one per declared shared jail (cms, git), and one per tenant service
hostname. Wires into the setup --step runner. This closes the last open
next-move item from the 24.apr handoff — the iso already carries the
dnsmasq package.
---
Build: pass | Tests: pass — 4 passed (1 file)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
