Commit graph

43 commits

Author SHA1 Message Date
8e661311b5 feat(db): migrate SQLite to Postgres OPS_DB (Sam & Claude)
Replace better-sqlite3 with pg Pool for all operational data (chats,
messages, tasks, sessions, router_state, registered_groups). New
OPS_DB_URL config drives a dedicated ops database alongside the
existing memory and skills databases.

All db.ts functions are now async. Callers in src/, setup/, and tests
updated accordingly. Tests use a mock pool (src/test-helpers.ts) so
they run without a live Postgres connection.

---
Build: pass | Tests: not run (Linux)
2026-04-11 12:21:27 +02:00
e07a68ae92 feat: Crowdin integration - Slovenian first (Sam & Claude) 2026-04-06 19:53:35 +02:00
84cc452497 docs: complete Codex's public/internal restructure alignment
Codex restructured docs on 5 Apr (cc37d2c) into public/ and internal/
subdirectories. This commit completes the alignment work by updating all
references across skills, agents, and generated files.

Changes:

Skills Documentation:
- docs-deployment/SKILL.md: Update doc paths (docs/INSTALL.md → docs/public/install/install.md)
- docs-deployment/INTEGRATION.md: Update example paths for new structure
- agent-setup/SKILL.md: Update references
- ansible-freebsd/SKILL.md: Update references

Agents & Conventions:
- AGENTS.md: Add tmux "testing" window guideline for long-running commands
- AGENTS.md: Update doc path references (INSTALL.md → install.md lowercase)
- README-CLAWDIE.md: Update doc paths
- CROWDIN.md: Update structure references

Build System:
- setup/cms.ts: Improve frontmatter generation (skip files with existing h1)
- scripts/memory/embed-docs.py: Adjust for new structure
- docs-deployment/DOCUMENTATION-POLICY.md: Update guidelines

HTML/Web Output:
- html/: Version bumps, link fixes, manifest updated
- Reflect new public/ structure in rendered docs

Validation:
- All skills reference docs correctly
- Install/setup docs now at docs/public/install/
- Docs build and serve correctly (verified 6 Apr)
- 603 tests passing (from Codex's build)

Co-Authored-By: Codex (Agent) <codex@clawdie.si>
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  603 passed (603)
2026-04-06 13:22:24 +00:00
3ab5d01ba9 Regenerate built-in knowledge: 84 docs, 1853 embeddings
Rewrote embed-builtin-knowledge.py to dynamically discover all project
docs, internal docs, identity files, and skill definitions instead of
using a hardcoded 6-chunk array.  Artifact now covers full corpus via
OpenRouter BAAI/bge-m3 at 1024 dimensions.

Also fixed stale config.ts defaults: EMBED_MODEL from nomic-embed to
BAAI/bge-m3, EMBED_DIMENSIONS from 768 to 1024 (matching the pgvector
schema's vector(1024) column).

Tested: imported into live clawdie_skills DB, FTS search confirmed.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  603 passed (603)
2026-04-06 01:37:26 +00:00
cc37d2c8cf Public/internal docs restructure; CMS/verify cleanup (Sam & Codex)
---

Build: pass | Tests: pass - 603 passed (44 files)

---
Build: pass | Tests: pass — Tests  603 passed (603)
2026-04-05 06:29:19 +00:00
1452da8d75 Enforce UTF-8 locales and expand snapshot coverage
---
Build: pass | Tests: pass — Tests  603 passed (603)
2026-04-04 14:17:04 +00:00
a2639162a3 fix(tmp): keep temp files under project tmp/ (Sam & Codex)
- Skills engine uses <project-root>/tmp/skills for merge/update temp files

- Scripts and Telegram voice downloads avoid system /tmp

- Add formatSnapshotStamp() for DD.mmm.YYYY-HHMM naming

---

Build: pass | Tests: pass — 603 passed (44 files)

---
Build: pass | Tests: pass — Tests  603 passed (603)
2026-04-03 09:37:42 +00:00
e0dd328990 fix: correct preflight summary path and hardcoded session name
- Evidence script and checklist looked in logs/preflight-* but preflight
  writes to tmp/preflight/ — fixed both to match actual output path
- Checklist referenced npm run preflight (missing) — corrected to
  preflight-check
- preflight.ts screenshot capture had hardcoded 'clawdie' session —
  now uses AGENT_NAME

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  605 passed (605)
2026-04-02 06:12:26 +00:00
7ce798c251 feat: add bhyve-evidence.sh for cross-agent deployment verification
Runs preflight + tsc + screenshot inside a bhyve guest and emits a
single JSON bundle for another agent to verify.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  605 passed (605)
2026-04-01 22:22:36 +00:00
8f14ce0573 chore: replace legacy klavdija refs with agent-agnostic names, fix checklist to use Bastille
Replaces hardcoded "klavdija" with ${AGENT_NAME} or generic phrasing across
docs, scripts, and identity files. Fixes fresh-install checklist: jls → bastille
list, parameterized log paths, Bastille-based service checks.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  605 passed (605)
2026-04-01 21:59:13 +00:00
0357ddb789 feat: enable hybrid search with pre-generated embeddings
- Add embed-builtin-knowledge.py script for OpenRouter bge-m3 embeddings
- Update artifact.sql with pre-generated 1024-dim embeddings for 6 chunks
- Update metadata: openrouter/baai/bge-m3, embedding_count=6, search_mode=hybrid
- Change locale from en-US to sl-SI per project language setting

Author: Clawdie AI <hello@clawdie.si>
Co-Authored-By: Samo Blatnik, Zed.ai
2026-03-29 23:28:15 +02:00
f637389088 infra: agent-prefix controlplane jail, keep shared services un-prefixed
- setup-controlplane-jail.sh: JAIL=${AGENT_NAME}-controlplane (was hardcoded)
- setup-llamacpp-jail.sh: JAIL=llamacpp — shared service, no agent prefix
- destroy-jails.sh: reads AGENT_NAME from .env, targets prefixed jail names
- heartbeat.sh: checks prefixed name first, falls back to un-prefixed

Architecture decision: llamacpp/db/cms are shared services (one instance,
all agents). Only controlplane is per-agent. Heartbeat handles both naming
conventions during the live migration window.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  431 passed (431)
2026-03-29 08:28:41 +00:00
1cf4152bd3 chore: templatize agent name/subnet; fix heartbeat PGPASSWORD + timeouts
- Replace hardcoded "klavdija" tmux session names with $AGENT_NAME in
  glass.sh and run-klavdija.sh
- Replace hardcoded 192.168.100.x fallbacks with 10.0.1.x throughout
  scripts/memory/ and heartbeat.sh defaults
- Fix heartbeat PGPASSWORD: use inline `VAR=val cmd` form so psql
  actually receives the password in the subshell
- Fix heartbeat curl hangs: add --max-time to all curl calls
- Add run-klavdija.sh and src/transcription.ts (previously untracked)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  431 passed (431)
2026-03-28 21:56:40 +00:00
f07e4f1a0c feat: switch embeddings to OpenRouter BAAI/bge-m3; fix heartbeat embed check
- embed-docs.py, import-memories.py: only send dimensions param for openai.com
- heartbeat.sh: skip /health TCP probe for external APIs to avoid false WARN;
  use dynamic URL in flag message instead of hardcoded :8080

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  431 passed (431)
2026-03-28 21:15:43 +00:00
e73afafbb2 feat: switch embeddings to OpenAI text-embedding-3-small; add embed-docs.py
- embed-docs.py: new script to batch-embed project docs into klavdija_brain
  (37 docs → 852 chunks with session_id pattern doc:<path>)
- import-memories.py: updated embed() to send Authorization header and
  dimensions=1024 parameter for OpenAI/configurable provider support
- memories-transfer-v2.json: recovered historical session memories (local copy)
- package.json: add @supabase/supabase-js dependency
- src/channels/telegram.ts, src/config.ts: Telegram channel integration

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  431 passed (431)
2026-03-28 20:44:09 +00:00
0c309c5fdf fix: move btop to own tmux window to avoid minimum size error
btop requires Height≥24 which can't be guaranteed in a 3-pane split
on smaller terminals. btop now runs in window 1 (full terminal height),
glass pane (window 0) keeps gateway/pi | shell layout.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: FAIL | Tests: pass — Tests  431 passed (431)
2026-03-28 18:14:05 +00:00
d0402cc361 feat: glass-pane tmux session script
Layout: gateway/pi (top-left) | shell (top-right) | btop (bottom full-width)
Usage: scripts/glass.sh  /  scripts/glass.sh kill

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  431 passed (431)
2026-03-28 14:55:44 +00:00
c1fe217f7e feat: import prior session memories into brain; add import-memories.py
- MEMORY.md restored from v2 transfer JSON (was absent in Supabase backups)
- scripts/memory/import-memories.py: chunk + embed + insert into memories,
  memory_chunks, memory_embeddings via psql fallback (no psycopg2 required)
- Imported 8 historical sessions (Feb-Mar 2026) from old agent into klavdija_brain

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  431 passed (431)
2026-03-28 14:14:59 +00:00
49ae80512d feat: heartbeat agent + local LLM path; docs consistency pass
Heartbeat:
- scripts/heartbeat.sh — cron-ready health monitor; checks jails,
  PostgreSQL, llama-server instances; writes HEARTBEAT.md; optional
  Telegram alert on WARN/CRIT; LLM interpretation via local :8081
- docs/HEARTBEAT.md — architecture, schedule, escalation model,
  memory integration, LLM model path by RAM tier
- HEARTBEAT.md added to .gitignore (runtime-generated, changes every 30 min)

Local LLM:
- docs/LOCAL-LLM.md — two-instance llama-server design (:8080 embed,
  :8081 chat); model choices for 12/32/64 GB; setup instructions;
  upgrade path from dolphin3.0-phi4-mini → Qwen3-14B with no schema change
- docs/REFACTOR-PLAN.md — replace stale z.ai recharge note with local
  llama-cpp direction; add action item to migrate pi to :8081

Docs consistency pass:
- Replace 10.0.0.x → 192.168.100.x in 8 docs files
- Replace jexec → bastille cmd in FREEBSD-JAIL-IMPLEMENTATION.md,
  HOST-OPERATOR-MODEL.md, SECURITY.md
- Fix /home/clawdija/ path typo in WARDEN.md, HOST-OPERATOR-MODEL.md,
  SECURITY.md
- Fix AGENT_SUBNET_BASE default in HOST-OPERATOR-MODEL.md
- Fix CMS PF redirect IP bug in CMS-DEPLOYMENT-PLAN.md (.5 → .4)
- Clarify git jail has no fixed IP slot in GIT-STORAGE.md
- Fix user-facing dates to DD.mmm.YYYY in REFACTOR-PLAN.md,
  DEBUG_CHECKLIST.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  431 passed (431)
2026-03-28 10:43:22 +00:00
f990d5650e refactor: derive DB identity from AGENT_NAME, drop hardcoded agent refs
- Remove 7 redundant .env vars: DB_NAME, DB_USER, DB_HOST, DB_PORT,
  MEMORY_DB_NAME, MEMORY_DB_USER, MEMORY_DB_URL — all now derived from
  AGENT_NAME by config.ts and common.sh
- Fix DB_HOST in common.sh pointing to .2 (controlplane) instead of .3 (db)
- common.sh: normalise AGENT_NAME → Postgres identifier, same algorithm
  as db-identifiers.ts; embed config now reads from .env instead of
  overriding with stale OpenRouter values
- embed.sh: drop OPENROUTER_API_KEY requirement; use EMBED_BASE_URL +
  EMBED_API_KEY (empty = local llama-server, no auth needed)
- memory-hydrate-pg.sh, memory-lifecycle.ts: replace ai_brain/clawdie_brain
  literals with live DB_NAME / MEMORY_DB_NAME values

Bump to 0.9.1.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  431 passed (431)
2026-03-28 08:55:06 +00:00
e695f8f248 test: add end-to-end memory pipeline test (embed → store → search)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  431 passed (431)
2026-03-27 22:14:43 +00:00
9e27a4834c Revert "fix: use GNU sed syntax for Linux compatibility"
This reverts commit 47cd358e2b.
2026-03-27 07:52:34 +01:00
47cd358e2b fix: use GNU sed syntax for Linux compatibility
The BSD sed syntax 'sed -i ""' doesn't work on Linux (GNU sed).
Changed to 'sed -i' which works on Linux.
2026-03-27 07:50:08 +01:00
d2e6ec0d04 prep: update language configuration for Crowdin v0.9.0 (6 languages)
Updated for regional focus:
- Slovenian (sl) — primary
- English (en) — source
- German (de) — Central Europe
- Croatian (hr) — Balkan
- Serbian (sr) — Balkan
- Russian (ru) — Eastern Europe

Changes:
- .crowdin.yml: Update language mapping (sl, en, de, hr, sr, ru)
- scripts/docs-sync.cron.sh: Update LANGUAGES variable
- CROWDIN.md: Update language table and file structure examples
- docs/{de,hr,sr,ru}/: Create placeholder directories with .gitkeep

Ready for Crowdin project creation (awaiting project ID & API token).

Future additions (v0.9.1+): French, Spanish, Greek, Macedonian

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

---
Build: pass | Tests: FAIL — Tests  2 failed | 487 passed | 10 skipped (499)
2026-03-24 18:25:18 +00:00
b2b1d17d39 feat: add multi-language support to docs compilation pipeline
docs-compile.sh:
- Add --language LANG parameter for per-language compilation
- Support language-specific source directories (docs/sl/, docs/en/, etc.)
- Create language subdirectories in output (docs-v0.8.2_24.mar.2026/sl/)
- Default behavior unchanged (compile docs/ root if no --language specified)

docs-sync.cron.sh:
- Add LANGUAGES="sl,en,de,fr,es" configuration (Slovenian primary)
- Loop through each language, call docs-compile.sh per language
- Compile all languages to version-dated language subdirectories

INTEGRATION.md (docs-deployment skill):
- Update examples to show Slovenian as primary language
- Document language configuration format
- Show per-language compilation workflow
- Update Crowdin sync diagrams (sl first, then others)

Rationale:
- Slovenian is prototype default locale/timezone (sl-SI/Europe/Ljubljana)
- Documentation language hierarchy should match system language default
- Crowdin will manage translations (sl as source, others as translations)
- Zero-downtime deployment now supports multiple language versions

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

---
Build: pass | Tests: FAIL — Tests  2 failed | 487 passed | 10 skipped (499)
2026-03-24 17:11:16 +00:00
7f488af56d Phase 3.8: Create docs-deployment skill + Slovenian date format
Add comprehensive docs-deployment skill for host-level multi-language documentation:

SKILL.md:
  - Complete skill definition and guide (600+ lines)
  - Architecture overview and deployment flow
  - Multi-language support (en, de, fr, es)
  - Crowdin integration workflow
  - Troubleshooting guide
  - Quick reference for common tasks
  - Performance metrics and capacity planning

Templates:
  - nginx-vhost-template.conf: Production-ready multi-language routing
    * Language-specific locations (/en/, /de/, /fr/, /es/)
    * Zero-downtime symlink swaps
    * SSL/TLS configuration
    * Security headers and caching
  - language-selector.html: Beautiful language picker UI
    * Mobile-responsive design
    * Supports 4 languages
    * Links to Crowdin translation project

Date Format Fix (User-Facing):
  - Change from YYYYMMDD (20260324) to DD.mon.YYYY (24.mar.2026)
  - docs-compile.sh: Update date generation and validation
  - docs-sync.cron.sh: Update to match compile.sh format
  - All version directories now human-readable: docs-v0.9.0_24.mar.2026

This format is:
  - User-friendly (appears in directory names, documentation)
  - Consistent with Slovenian date preferences
  - Easily sortable (day.month.year order)
  - Clear in translated documentation

Skill enables operators and authors to:
  - Understand the complete documentation deployment system
  - Set up Crowdin projects from scratch
  - Troubleshoot common issues
  - Monitor deployment health
  - Perform rollbacks and manual syncs

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

---
Build: pass | Tests: FAIL — Tests  2 failed | 487 passed | 10 skipped (499)
2026-03-24 09:41:57 +00:00
4714bf9d65 Phase 3.1-3.2: Documentation compilation and sync infrastructure
Add complete markdown-to-HTML compilation pipeline and automated sync orchestrator:

- docs-compile.sh: Compiles markdown to HTML with .docignore filtering, version
  naming (docs-v0.9.0_20260324), and automatic index generation
- docs-sync.cron.sh: Orchestrator for automated daily sync (05:00 UTC): git pull,
  compile, validate, atomic symlink swap, cleanup old versions (30-day retention)
- VERSIONING.md: Architecture guide explaining symlink-based zero-downtime
  deployments with instant rollback capability
- DOCUMENTATION-POLICY.md: Policy establishing markdown as single source of truth,
  git rules, sync procedures, monitoring guidelines
- .docignore: Filtering rules excluding internal/sensitive docs from public sites
- .sync-metadata.json: Metadata tracking for sync automation and monitoring
- Pre-commit hook: Appended documentation validation checks

No external dependencies required (no pandoc/pandoc). HTML wrapper uses pure shell
with simple markdown syntax conversion. Tested with 28 markdown source files.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

---
Build: pass | Tests: FAIL — Tests  2 failed | 487 passed | 10 skipped (499)
2026-03-24 09:28:20 +00:00
ed159bbec0 Add pre-commit security hook to block sensitive data
Implement Privacy-First Documentation strategy:
- Pre-commit hook scans staged files for credentials, IPs, usernames, domains
- Blocks commits containing: samob, smilepowered, 192.168.x.x, 10.x.x.x, password=, secret=, api_key=, token=, etc.
- Auto-generates .git/hooks/sensitive-patterns.txt and sensitive-allowlist.txt on first run
- Users can add false positives to allowlist without removing legitimate content
- Documented in scripts/hooks/SECURITY.md with customization and audit instructions
- Updated CONTRIBUTING.md with setup and troubleshooting steps

Enforcement: All contributors now have automatic sensitive data detection before push.
Benefits: Docs become safe to share publicly, prevents credential leaks, enables Privacy-First approach.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  489 passed | 10 skipped (499)
2026-03-23 22:58:21 +00:00
2ed6245b11 feat(backup): add backup script and restore runbook
npm run backup exports all critical state to a portable tarball:
  - messages.db (SQLite — all chats, tasks, sessions)
  - memory_db.sql + skills_db.sql (pg_dump from db jail)
  - .env, groups/, mount-allowlist.json

Takes ZFS snapshots via hostd before export. Flags:
  --skip-skills   skip skills_db (large, regenerable)
  --output <dir>  write archive to specific directory
  --no-snapshot   skip ZFS snapshots

setup/sanoid.ts: add management jail dataset to snapshot retention policy.
docs/sessions/2026-03-16-backup-restore.md: full restore runbook covering
SQLite, PostgreSQL, ZFS rollback, hardware migration, and cron automation.

---
Build: pass | Tests: pass — 489 passed (48 files)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---
Build: pass | Tests: pass — Tests  489 passed | 10 skipped (499)
2026-03-16 11:17:46 +00:00
57cacae3a3 feat(setup): add FreeBSD onboarding and baseline sync 2026-03-14 02:51:10 +01:00
37e43d353c fix(dates): standardize DD.mmm.YYYY display and snapshot naming 2026-03-14 00:07:55 +01:00
9c82826296 chore: v0.5.0 prep — BSD-3 emphasis, changelog, license page
Version: bump package.json 0.4.0 → 0.5.0, add "license": "BSD-3-Clause"

LICENSE:
- Add NanoClaw credit line: "Built on NanoClaw — Copyright (c) 2024 Peter Steinberger (MIT License)"
- Preserves credit chain in all redistributions per BSD-3 clause 1

scripts/gen-changelog.ts:
- New: generates html/clawdie/changelog.html from annotated git tags
- Parses conventional commit prefixes → colour-coded type badges
- npm run gen-changelog — run after each release tag

html/clawdie/changelog.html:
- Initial generation from v0.3.0 tag (312 commits)
- Regenerate with: git tag -a v0.5.0 -m "v0.5.0 - <name>" && npm run gen-changelog

html/clawdie/license.html:
- BSD-3-Clause explanation: non-endorsement clause, FreeBSD lineage
- PlayStation/Sony (Orbis OS), Apple (Darwin), Netflix, Juniper context
- Why BSD-3 over MIT, NanoClaw compatibility table
- Full license text + what-you-can-do table

html/clawdie/docs/index.html:
- Add "Project" section with Changelog + License cards
- Add BSD-3-Clause row to quick reference table

html/clawdie/index.html:
- Bump version badge v0.4.0 → v0.5.0
- Replace "MIT License" badge with linked "BSD-3-Clause" → /license.html

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-13 20:37:27 +00:00
f113bcbd9c feat: sharpen FreeBSD differentiation and skills-memory bootstrap 2026-03-13 19:05:10 +01:00
1df76f110d feat: NanoClaw upstream toggle — Option A (git remote)
Implements the upstream tracking toggle discussed in design review.
Operator enables once during setup; the agent can check divergence from chat.

Changes:
- setup/upstream.ts — new setup step: --enable adds nanoclaw remote,
  fetches, writes NANOCLAW_UPSTREAM_ENABLED=true to .env; --disable/--status
- setup/index.ts — register 'upstream' in STEPS
- scripts/fetch-upstream.ts — cron-safe host-side fetch; prints divergence
  summary (commits in nanoclaw/main not in HEAD); respects NANOCLAW_UPSTREAM_ENABLED
- jail/agent-runner/src/ipc-mcp-stdio.ts — add check_upstream_updates MCP tool:
  read-only git log against nanoclaw/main, returns commit list for operator review
- docs/REFACTOR-PLAN.md — add Phase 7 (Option B: Gitea jail, deferred)

Nothing auto-merges. Operator decides what to apply.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-13 16:27:25 +00:00
07974ac7d2 Add clean slate rebuild guide + fix CMS IP
IP Convention (lower = more foundational):
- .1 = Gateway (warden0 bridge)
- .2 = Controlplane (agent brain)
- .3 = Database (PostgreSQL)
- .4 = Bhyve (reserved)
- .5 = CMS (Astro/Strapi)

Changes:
- docs/CLEAN-SLATE-REBUILD.md: Complete rebuild guide
  - Phase 1: Update .env to new IPs
  - Phase 2: Destroy existing jails
  - Phase 3: Rebuild from scratch with screenshots
- docs/CMS-DEPLOYMENT-PLAN.md: Fix CMS IP (10.0.0.5 → 192.168.100.5)
- scripts/destroy-jails.sh: Automated jail destruction

Old .env had:
- controlplane at .100 (wrong)
- db at .2 (should be .3)
- cms at .3 (should be .5)

New convention aligns service importance with IP number.
2026-03-11 01:48:49 +00:00
0d192a4f72 Complete PGVector memory system
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 09:43:40 +00:00
3e404b4332 Add memory pipeline scripts (Phase 2)
Three scripts in scripts/memory/:
- common.sh: shared config, DB connection, dependency checks
- embed.sh: generate 1536d embeddings via OpenRouter API
- chunk.sh: split text on sentence boundaries (~500 chars)
- memory-pg.sh: full CLI for store/search/recent/important/count

Store pipeline: text → chunk → embed → insert (fully automated).
Search: hybrid RRF combining full-text and vector similarity.
All scripts use #!/usr/bin/env bash for FreeBSD compatibility.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 09:30:34 +00:00
Clawdie
4fccff3f4e refactor: replace WhatsApp with Telegram, rename container→jail, migrate skills to .agent/
- Replace WhatsApp channel (@whiskeysockets/baileys) with Telegram (grammy)
  - Add src/channels/telegram.ts, remove src/channels/whatsapp.ts + whatsapp-auth.ts
  - TELEGRAM_BOT_TOKEN required; fatal exit if not set
  - Remove @whiskeysockets/baileys, qrcode, qrcode-terminal packages
  - Update routing tests to use tg: JID format

- Rename container→jail throughout src/
  - container-runner.ts → jail-runner.ts (jexec-based spawn)
  - container-runtime.ts → jail-ops.ts (stopJail, ensureJailRunning, cleanupStaleJails)
  - Add jail-config.ts, jail-runtime.ts for FreeBSD jail provisioning
  - Rename config exports: CONTAINER_TIMEOUT→JAIL_TIMEOUT, MAX_CONCURRENT_CONTAINERS→MAX_CONCURRENT_JAILS
  - Update group-queue.ts: isTaskContainer→isTaskJail, activeContainers→activeJails

- Migrate skills from .claude/skills/ to .agent/skills/
  - Add tmux-screenshot skill (ANSI color PNG renderer, wide-char fix, 24-bit truecolor)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-07 18:36:27 +01:00
Clawdie
d9148cd180 refactor: replace container paradigm with FreeBSD jails, rename all container refs
- Rename container-runtime.ts → jail-ops.ts, container-runner.ts → jail-runner.ts
- Rename all types: ContainerInput→JailInput, ContainerOutput→JailOutput, VolumeMount→JailMount
- Rename all functions: runContainerAgent→runJailAgent, stopContainer→stopJail,
  ensureContainerRuntimeRunning→ensureJailRunning, cleanupOrphans→cleanupStaleJails
- Rename config constants: CONTAINER_TIMEOUT→JAIL_TIMEOUT,
  CONTAINER_MAX_OUTPUT_SIZE→JAIL_MAX_OUTPUT_SIZE, MAX_CONCURRENT_CONTAINERS→MAX_CONCURRENT_JAILS
- Remove Docker/Apple Container runtime detection, CONTAINER_IMAGE, CONTAINER_RUNTIME_BIN
- Add jail-ops.ts: pure FreeBSD jail runtime (nullfs mounts, jexec, jls cleanup)
- Add jail-runner.ts: agent runner using jexec instead of docker run
- Add FreeBSD jail implementation docs and JAIL-CLEANUP-MODEL
- Add AGENT.md, AGENTS.md, groups/*/AGENT.md for Clawdie context
- Add mount-allowlist.example.json

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-07 16:30:12 +01:00
Gabi Simons
d12c3c4da3 refactor: CI optimization, logging improvements, and codebase formatting (#456)
* fix(db): remove unique constraint on folder to support multi-channel agents

* ci: implement automated skill drift detection and self-healing PRs

* fix: align registration logic with Gavriel's feedback and fix build/test issues from Daniel Mi

* style: conform to prettier standards for CI validation

* test: fix branch naming inconsistency in CI (master vs main)

* fix(ci): robust module resolution by removing file extensions in scripts

* refactor(ci): simplify skill validation by removing redundant combination tests

* style: conform skills-engine to prettier, unify logging in index.ts and cleanup unused imports

* refactor: extract multi-channel DB changes to separate branch

Move channel column, folder suffix logic, and related migrations
to feat/multi-channel-db-v2 for independent review. This PR now
contains only CI/CD optimizations, Prettier formatting, and
logging improvements.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 23:13:36 +02:00
Gabi Simons
c57d2afcc0 refactor: remove deterministic caching system from skills engine (#453) 2026-02-24 15:49:29 +02:00
gavrielc
5295e2e6fc feat: add /update skill for pulling upstream changes (#372)
Interactive skill that guides Claude through fetching upstream NanoClaw,
previewing changes, merging with customizations, running migrations, and
verifying the result. Includes:

- SKILL.md with 9-step update flow
- fetch-upstream.sh: detects remote, fetches, extracts tracked paths
- run-migrations.ts: discovers and runs version-ordered migrations
- post-update.ts: clears backup after conflict resolution
- update-core.ts: adds --json and --preview-only flags
- BASE_INCLUDES moved to constants.ts as single source of truth
- 16 new tests covering fetch, migrations, and CLI flags

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 01:03:13 +02:00
gavrielc
6e10deecc8 Skills engine v0.1 + multi-channel infrastructure (#307)
* refactor: multi-channel infrastructure with explicit channel/is_group tracking

- Add channels[] array and findChannel() routing in index.ts, replacing
  hardcoded whatsapp.* calls with channel-agnostic callbacks
- Add channel TEXT and is_group INTEGER columns to chats table with
  COALESCE upsert to protect existing values from null overwrites
- is_group defaults to 0 (safe: unknown chats excluded from groups)
- WhatsApp passes explicit channel='whatsapp' and isGroup to onChatMetadata
- getAvailableGroups filters on is_group instead of JID pattern matching
- findChannel logs warnings instead of silently dropping unroutable JIDs
- Migration backfills channel/is_group from JID patterns for existing DBs

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: skills engine v0.1 — deterministic skill packages with rerere resolution

Three-way merge engine for applying skill packages on top of a core
codebase. Skills declare which files they add/modify, and the engine
uses git merge-file for conflict detection with git rerere for
automatic resolution of previously-seen conflicts.

Key components:
- apply: three-way merge with backup/rollback safety net
- replay: clean-slate replay for uninstall and rebase
- update: core version updates with deletion detection
- rebase: bake applied skills into base (one-way)
- manifest: validation with path traversal protection
- resolution-cache: pre-computed rerere resolutions
- structured: npm deps, env vars, docker-compose merging
- CI: per-skill test matrix with conflict detection

151 unit tests covering merge, rerere, backup, replay, uninstall,
update, rebase, structured ops, and edge cases.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: add Discord and Telegram skill packages

Skill packages for adding Discord and Telegram channels to NanoClaw.
Each package includes:
- Channel implementation (add/src/channels/)
- Three-way merge targets for index.ts, config.ts, routing.test.ts
- Intent docs explaining merge invariants
- Standalone integration tests
- manifest.yaml with dependency/conflict declarations

Applied via: npx tsx scripts/apply-skill.ts .claude/skills/add-discord
These are inert until applied — no runtime impact.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* remove unused docs (skills-system-status, implementation-guide)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-19 01:55:00 +02:00