clawdie/clawdie-iso
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
clawdie-iso/build.cfg

173 lines
8.3 KiB
INI
Raw Permalink Normal View History

feat: initial clawdie-iso skeleton USB installer for Clawdie-AI. Combines FreeBSD base install, desktop-installer GPU/DE setup, and Clawdie-AI deployment into a single rc.firstboot wizard flow. Skeleton includes: - build.cfg: FreeBSD 15.0-RELEASE-p4, amd64, XFCE default - build.sh: 7-step build outline (fetch → inject → repack), stubs - installerconfig: bsdinstall post-install hook, copies firstboot/ to HDD - firstboot/rc.d/clawdie-firstboot: runs once on first HDD boot - firstboot/firstboot.sh: tiered bsddialog wizard (identity, desktop, pi profile, auto-generated secrets, AGENTS.md seeding, npm prefix setup) - firstboot/gpu-detect.sh: pciconf PCI ID → kld/xorg driver mapping - CLAWDIE-ISO.md: full design doc (copied from clawdie-ai) VirtualBox excluded. pkg latest default. LLM keys deferred to pi first-run. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 10:20:23 +00:00
#!/bin/sh
# clawdie-iso build configuration
# Sourced by build.sh — edit before building
build: bump FreeBSD to 15.1-RELEASE, make it override-friendly, de-version docs - build.cfg: FREEBSD_VERSION -> ${FREEBSD_VERSION:-15.1-RELEASE}. The memstick URL, checksum URL, cache path, and build-manifest all derive from it, so the live-USB build bumps from this one line. The :- form also lets an operator override at build time (FREEBSD_VERSION=15.2-RELEASE ./build.sh) without editing git — previously a plain assignment clobbered any env value. - docs: de-version README/BUILD/REQUIREMENTS + iso-build skill from '15.0' to '15.x' so they stop drifting on every point release. Verified: default derives the 15.1 memstick URL (HTTP 200, dated 12.jun.2026); env override cascades to 15.2. ABI stays FreeBSD:15:amd64 (same major — no package rebuild needed). build-vps.sh (mfsbsd) and poudriere keep their own version knobs and are intentionally untouched (ABI-compatible, separate paths). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-25 09:35:30 +02:00
FREEBSD_VERSION="${FREEBSD_VERSION:-15.1-RELEASE}"
feat: initial clawdie-iso skeleton USB installer for Clawdie-AI. Combines FreeBSD base install, desktop-installer GPU/DE setup, and Clawdie-AI deployment into a single rc.firstboot wizard flow. Skeleton includes: - build.cfg: FreeBSD 15.0-RELEASE-p4, amd64, XFCE default - build.sh: 7-step build outline (fetch → inject → repack), stubs - installerconfig: bsdinstall post-install hook, copies firstboot/ to HDD - firstboot/rc.d/clawdie-firstboot: runs once on first HDD boot - firstboot/firstboot.sh: tiered bsddialog wizard (identity, desktop, pi profile, auto-generated secrets, AGENTS.md seeding, npm prefix setup) - firstboot/gpu-detect.sh: pciconf PCI ID → kld/xorg driver mapping - CLAWDIE-ISO.md: full design doc (copied from clawdie-ai) VirtualBox excluded. pkg latest default. LLM keys deferred to pi first-run. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 10:20:23 +00:00
FREEBSD_ARCH="amd64"
Boot live installer session and narrow install-time contract (Sam & Codex)
2026-05-12 12:17:59 +02:00
FREEBSD_RELEASE_SERIES="${FREEBSD_VERSION%-RELEASE}"
FREEBSD_ISO_BASE_URL="https://download.freebsd.org/releases/${FREEBSD_ARCH}/${FREEBSD_ARCH}/ISO-IMAGES/${FREEBSD_RELEASE_SERIES}"
FREEBSD_MEMSTICK_URL="${FREEBSD_ISO_BASE_URL}/FreeBSD-${FREEBSD_VERSION}-${FREEBSD_ARCH}-memstick.img"
FREEBSD_MEMSTICK_SHA256_URL="${FREEBSD_ISO_BASE_URL}/CHECKSUM.SHA256-FreeBSD-${FREEBSD_VERSION}-${FREEBSD_ARCH}"
feat: initial clawdie-iso skeleton USB installer for Clawdie-AI. Combines FreeBSD base install, desktop-installer GPU/DE setup, and Clawdie-AI deployment into a single rc.firstboot wizard flow. Skeleton includes: - build.cfg: FreeBSD 15.0-RELEASE-p4, amd64, XFCE default - build.sh: 7-step build outline (fetch → inject → repack), stubs - installerconfig: bsdinstall post-install hook, copies firstboot/ to HDD - firstboot/rc.d/clawdie-firstboot: runs once on first HDD boot - firstboot/firstboot.sh: tiered bsddialog wizard (identity, desktop, pi profile, auto-generated secrets, AGENTS.md seeding, npm prefix setup) - firstboot/gpu-detect.sh: pciconf PCI ID → kld/xorg driver mapping - CLAWDIE-ISO.md: full design doc (copied from clawdie-ai) VirtualBox excluded. pkg latest default. LLM keys deferred to pi first-run. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 10:20:23 +00:00
release: bump Clawdie version to 0.11.0 (unify clawdie-iso + colibri) - build.cfg: ISO_VERSION 0.10.0 -> 0.11.0; reword the version note — clawdie-iso and colibri now share one unified Clawdie release version (zot/clawdie-ai stay provenance in build-manifest.json). - CHANGELOG: [0.11.0] entry (date in EU format DD.mon.YYYY per AGENTS rule) covering the versioning unify, operator-session hardening, poudriere build-server scripts, and the duplicate-port retirement. colibri Cargo.toml + port DISTVERSION bump to 0.11.0 lands in the colibri repo (separate branch). Tags held until both bumps merge. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-20 21:52:52 +02:00
# Clawdie release version.
# clawdie-iso and colibri share this unified version (keep colibri's Cargo.toml
# in sync). zot and clawdie-ai keep their own versions, recorded as provenance in
# build-manifest.json. Bump this for each release.
chore: fix model names + bump version to 0.12.0 - seed README: claude-opus-4-8 → deepseek-v4-pro (example harness.toml) - provider.env.sample: DEEPSEEK_MODEL deepseek-chat → deepseek-v4-pro - ISO_VERSION: 0.11.0 → 0.12.0
2026-06-23 08:50:29 +02:00
ISO_VERSION="${ISO_VERSION:-0.12.0}"
Add ISO build manifest metadata
2026-05-12 17:10:54 +02:00
BUILD_CHANNEL="${BUILD_CHANNEL:-dev}" # dev | release
feat: initial clawdie-iso skeleton USB installer for Clawdie-AI. Combines FreeBSD base install, desktop-installer GPU/DE setup, and Clawdie-AI deployment into a single rc.firstboot wizard flow. Skeleton includes: - build.cfg: FreeBSD 15.0-RELEASE-p4, amd64, XFCE default - build.sh: 7-step build outline (fetch → inject → repack), stubs - installerconfig: bsdinstall post-install hook, copies firstboot/ to HDD - firstboot/rc.d/clawdie-firstboot: runs once on first HDD boot - firstboot/firstboot.sh: tiered bsddialog wizard (identity, desktop, pi profile, auto-generated secrets, AGENTS.md seeding, npm prefix setup) - firstboot/gpu-detect.sh: pciconf PCI ID → kld/xorg driver mapping - CLAWDIE-ISO.md: full design doc (copied from clawdie-ai) VirtualBox excluded. pkg latest default. LLM keys deferred to pi first-run. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 10:20:23 +00:00
# Output image
Merge xfce-operator-usb: Track F Colibri, DeepSeek smoke, LLM provider harness
2026-05-24 23:21:02 +02:00
# User-facing operator image format:
docs(iso): clean builder handoff terminology (Sam & Codex) Replace stale colibri-smoke-agent references with colibri-test-agent, mark colibri-tui optional/desirable, update image-name comments, and avoid smoke wording in current build handoff docs.\n\nChecks: sh -n build.sh; sh -n scripts/test-release-gate.sh; ./scripts/check-format.sh; git diff --check.
2026-06-15 18:50:16 +02:00
# clawdie-<freebsd-codename>-<iso-version>.img
build: Upgrade ISO builder for Clawdie Shell v0.9.0 Changes: - Increase image size from 8G → 25G (accommodate bundled packages) - Refactor image prep: create fresh 25GB UFS image with proper MBR/BSD partitioning (replaces simple memstick copy; enables larger filesystem + offline package cache) - Remove KDE/MATE desktop options (focus to XFCE only) - Fix FreeBSD download URL path (15.0 ISO-IMAGES) - Add bsdinstall post-install hook variables (nonInteractive, PARTITIONS, DISTRIBUTIONS) - Implement idempotent mdconfig reattachment for interrupted builds Build workflow: ./build.sh --fetch-only # Fetch packages (no root needed) ./build.sh --skip-fetch # Assemble ISO (requires root for mdconfig/gpart/newfs) Tested on FreeBSD 15.0-RELEASE-p4. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 00:51:22 +00:00
#
# USB KEY SIZING GUIDE:
Merge xfce-operator-usb: Track F Colibri, DeepSeek smoke, LLM provider harness
2026-05-24 23:21:02 +02:00
# 32GB USB → IMAGE_SIZE="28G" (current fast-iteration default)
# 64GB USB → IMAGE_SIZE="50G" (roomier operator media)
# 128GB USB → IMAGE_SIZE="80G" (more offline growth)
build: Upgrade ISO builder for Clawdie Shell v0.9.0 Changes: - Increase image size from 8G → 25G (accommodate bundled packages) - Refactor image prep: create fresh 25GB UFS image with proper MBR/BSD partitioning (replaces simple memstick copy; enables larger filesystem + offline package cache) - Remove KDE/MATE desktop options (focus to XFCE only) - Fix FreeBSD download URL path (15.0 ISO-IMAGES) - Add bsdinstall post-install hook variables (nonInteractive, PARTITIONS, DISTRIBUTIONS) - Implement idempotent mdconfig reattachment for interrupted builds Build workflow: ./build.sh --fetch-only # Fetch packages (no root needed) ./build.sh --skip-fetch # Assemble ISO (requires root for mdconfig/gpart/newfs) Tested on FreeBSD 15.0-RELEASE-p4. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 00:51:22 +00:00
#
Merge xfce-operator-usb: Track F Colibri, DeepSeek smoke, LLM provider harness
2026-05-24 23:21:02 +02:00
# Current validation target: 32GB-class USB sticks.
# Raise IMAGE_SIZE manually when the workflow shifts back to larger media.
Make installer image UEFI bootable
2026-05-13 12:19:47 +02:00
IMAGE_SIZE="28G"
docs(iso): clean builder handoff terminology (Sam & Codex) Replace stale colibri-smoke-agent references with colibri-test-agent, mark colibri-tui optional/desirable, update image-name comments, and avoid smoke wording in current build handoff docs.\n\nChecks: sh -n build.sh; sh -n scripts/test-release-gate.sh; ./scripts/check-format.sh; git diff --check.
2026-06-15 18:50:16 +02:00
# build.sh derives IMAGE_NAME from the FreeBSD codename and ISO_VERSION.
feat: initial clawdie-iso skeleton USB installer for Clawdie-AI. Combines FreeBSD base install, desktop-installer GPU/DE setup, and Clawdie-AI deployment into a single rc.firstboot wizard flow. Skeleton includes: - build.cfg: FreeBSD 15.0-RELEASE-p4, amd64, XFCE default - build.sh: 7-step build outline (fetch → inject → repack), stubs - installerconfig: bsdinstall post-install hook, copies firstboot/ to HDD - firstboot/rc.d/clawdie-firstboot: runs once on first HDD boot - firstboot/firstboot.sh: tiered bsddialog wizard (identity, desktop, pi profile, auto-generated secrets, AGENTS.md seeding, npm prefix setup) - firstboot/gpu-detect.sh: pciconf PCI ID → kld/xorg driver mapping - CLAWDIE-ISO.md: full design doc (copied from clawdie-ai) VirtualBox excluded. pkg latest default. LLM keys deferred to pi first-run. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 10:20:23 +00:00
Merge pull request 'pi/main-live-boot-xfce-colibri-fixes' (#4) from pi/main-live-boot-xfce-colibri-fixes into main Simplifying Clawdie service
2026-06-02 09:00:33 +02:00
# Clawdie-AI ref to bundle from Forgejo.
Bundle current Clawdie AI for install validation
2026-05-12 16:53:48 +02:00
# Use main for install validation so ISO firstboot exercises the current
# post-install setup/token flow. Use --clawdie-version X.Y.Z for release builds.
CLAWDIE_VERSION="main"
CLAWDIE_REF="${CLAWDIE_REF:-main}"
feat: initial clawdie-iso skeleton USB installer for Clawdie-AI. Combines FreeBSD base install, desktop-installer GPU/DE setup, and Clawdie-AI deployment into a single rc.firstboot wizard flow. Skeleton includes: - build.cfg: FreeBSD 15.0-RELEASE-p4, amd64, XFCE default - build.sh: 7-step build outline (fetch → inject → repack), stubs - installerconfig: bsdinstall post-install hook, copies firstboot/ to HDD - firstboot/rc.d/clawdie-firstboot: runs once on first HDD boot - firstboot/firstboot.sh: tiered bsddialog wizard (identity, desktop, pi profile, auto-generated secrets, AGENTS.md seeding, npm prefix setup) - firstboot/gpu-detect.sh: pciconf PCI ID → kld/xorg driver mapping - CLAWDIE-ISO.md: full design doc (copied from clawdie-ai) VirtualBox excluded. pkg latest default. LLM keys deferred to pi first-run. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 10:20:23 +00:00
feat(firstboot): unify setup import across USB and VPS
2026-04-27 11:56:49 +02:00
# Default installer choices (can be overridden by setup.txt on the writable USB config partition)
feat: initial clawdie-iso skeleton USB installer for Clawdie-AI. Combines FreeBSD base install, desktop-installer GPU/DE setup, and Clawdie-AI deployment into a single rc.firstboot wizard flow. Skeleton includes: - build.cfg: FreeBSD 15.0-RELEASE-p4, amd64, XFCE default - build.sh: 7-step build outline (fetch → inject → repack), stubs - installerconfig: bsdinstall post-install hook, copies firstboot/ to HDD - firstboot/rc.d/clawdie-firstboot: runs once on first HDD boot - firstboot/firstboot.sh: tiered bsddialog wizard (identity, desktop, pi profile, auto-generated secrets, AGENTS.md seeding, npm prefix setup) - firstboot/gpu-detect.sh: pciconf PCI ID → kld/xorg driver mapping - CLAWDIE-ISO.md: full design doc (copied from clawdie-ai) VirtualBox excluded. pkg latest default. LLM keys deferred to pi first-run. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 10:20:23 +00:00
DEFAULT_PKG_BRANCH="latest" # latest or quarterly
Merge xfce-operator-usb: Track F Colibri, DeepSeek smoke, LLM provider harness
2026-05-24 23:21:02 +02:00
DEFAULT_DESKTOP="xfce" # operator USB desktop
build.cfg: Add GPU_DRIVER default Add GPU_DRIVER configuration variable (defaults to empty) to enable --gpu-driver flag parametrization at build time. Supports 6 variants: - intel | amd | nvidia-590 | nvidia-470 | nvidia-390 | vesa | "" (auto-detect) This allows build.sh to bake GPU driver selection into the ISO, bypassing live pciconf detection at firstboot and guaranteeing ONE reboot instead of TWO. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 01:17:37 +00:00
fix(build): honor GPU_DRIVER from the environment (Sam & Claude) build.cfg hard-set GPU_DRIVER="" , and build.sh sources build.cfg after the environment is already set, so `env GPU_DRIVER=nvidia-590 ./build.sh` was silently clobbered to "" (no NVIDIA branch baked). There is no --gpu-driver flag in build.sh, so the environment is the only way to set it. Use GPU_DRIVER="${GPU_DRIVER:-}" so an env value is honored; default stays "". Verified: env nvidia-590 -> nvidia-590; no env -> "". Replaces the detached-worktree workaround applied during the live build. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 23:03:31 +02:00
# GPU driver variant (set at build time via the GPU_DRIVER environment variable)
build.cfg: Add GPU_DRIVER default Add GPU_DRIVER configuration variable (defaults to empty) to enable --gpu-driver flag parametrization at build time. Supports 6 variants: - intel | amd | nvidia-590 | nvidia-470 | nvidia-390 | vesa | "" (auto-detect) This allows build.sh to bake GPU driver selection into the ISO, bypassing live pciconf detection at firstboot and guaranteeing ONE reboot instead of TWO. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 01:17:37 +00:00
# intel | amd | nvidia-590 | nvidia-470 | nvidia-390 | vesa | "" (auto-detect)
fix(build): honor GPU_DRIVER from the environment (Sam & Claude) build.cfg hard-set GPU_DRIVER="" , and build.sh sources build.cfg after the environment is already set, so `env GPU_DRIVER=nvidia-590 ./build.sh` was silently clobbered to "" (no NVIDIA branch baked). There is no --gpu-driver flag in build.sh, so the environment is the only way to set it. Use GPU_DRIVER="${GPU_DRIVER:-}" so an env value is honored; default stays "". Verified: env nvidia-590 -> nvidia-590; no env -> "". Replaces the detached-worktree workaround applied during the live build. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 23:03:31 +02:00
# Use the :- form so an env value (e.g. `GPU_DRIVER=nvidia-590 ./build.sh`) is
# honored; a plain GPU_DRIVER="" here would clobber the environment.
GPU_DRIVER="${GPU_DRIVER:-}"
build.cfg: Add TARGET, ASSISTANT_NAME, AGENT_DOMAIN, TZ defaults Add deploy target configuration and cloud pre-bake variables. Cloud builds accept these via CLI flags; baremetal leaves them blank for interactive collection via bsddialog wizard. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 01:50:31 +00:00
feat(gpu): universal NVIDIA lane — detect + install branch at boot (Sam & Claude) Opt-in NVIDIA_UNIVERSAL lane (default NO; normal/single-branch builds unchanged): one ISO that adapts to an unknown NVIDIA target. - build.cfg: NVIDIA_UNIVERSAL flag. - build.sh: install_nvidia_universal_repo() stages an on-image pkg repo with all three branches (390/470/580 + settings), pkg-repo metadata, and a file:// repo conf; universal mode bakes no branch and sets clawdie_live_gpu_mode=nvidia-auto. - clawdie_live_gpu: nvidia-auto mode detects the device id (PR #30 fix) -> branch {390,470,590} -> pkg-name -> `pkg install -r clawdie-nvidia` -> kldload, all best-effort with fallback to integrated/scfb (never blocks boot). - doc/NVIDIA-UNIVERSAL-HANDOFF.md: Codex FreeBSD build + hardware validation plan. sh -n clean; detector+branch+pkg map unit-tested on Linux (1c8c->590->nvidia-driver-580, 0fc8->470, 0e22->390). The pkg fetch/repo layout, offline boot install, writable root, kernel ABI, and image size MUST be validated on the FreeBSD build host + real NVIDIA hardware (see handoff). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 22:19:15 +02:00
# Universal NVIDIA lane (opt-in). When YES, the image carries an on-image NVIDIA
# pkg repo for all three branches (390/470/580), does NOT bake a single branch,
# and clawdie_live_gpu runs in "nvidia-auto": at boot it detects the GPU, installs
# the matching branch from the on-image repo, and kldloads it before SDDM. On any
# failure it falls back to the integrated/scfb path (never worse than today).
# Builds a larger image. Leave NO for single-branch GPU_DRIVER=nvidia-* builds.
NVIDIA_UNIVERSAL="${NVIDIA_UNIVERSAL:-NO}"
build.cfg: Add TARGET, ASSISTANT_NAME, AGENT_DOMAIN, TZ defaults Add deploy target configuration and cloud pre-bake variables. Cloud builds accept these via CLI flags; baremetal leaves them blank for interactive collection via bsddialog wizard. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 01:50:31 +00:00
# Deploy target
feat: rename cloud→vps, fix domain naming (Sam & Claude) Breaking changes: - --target cloud renamed to --target vps - Default domain changed from "home.arpa" to "${agentname}.home.arpa" Changes: - build.cfg: TARGET="vps" (was cloud) - build.sh: --target vps, error messages updated - firstboot.sh: AGENT_DOMAIN defaults to ${agentname}.home.arpa - vps/firstboot-vps.sh: TARGET=vps - Rename cloud-path-test.sh → vps-path-test.sh - Update integration-test.sh: clawdie.home.arpa - Update MODULE-MANIFEST.md, shell-system.sh examples - Update BUILD.md: "VPS target" (was "VPS/cloud target") Why: - "vps" is more precise than "cloud" (VPS != always cloud) - ${agentname}.home.arpa follows mDNS standard - .local collides with mDNS (as noted in shell-env.sh) Migration: Update build scripts from --target cloud to --target vps
2026-04-06 12:11:45 +02:00
TARGET="baremetal" # vps | baremetal
build.cfg: Add TARGET, ASSISTANT_NAME, AGENT_DOMAIN, TZ defaults Add deploy target configuration and cloud pre-bake variables. Cloud builds accept these via CLI flags; baremetal leaves them blank for interactive collection via bsddialog wizard. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 01:50:31 +00:00
feat(build): bake new agent config vars into ISO image build.cfg now uses ${VAR:-} pattern so env vars take precedence, enabling cloud builds with arbitrary agent config via environment. build.sh step 6 now injects all new fields (AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL, API keys, Telegram, embeddings) into the baked build.cfg inside the image. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:35:07 +00:00
# Cloud pre-bake vars (supplied via --assistant-name, --domain, --tz flags,
# or via environment variables). Env vars take precedence.
ASSISTANT_NAME="${ASSISTANT_NAME:-}"
AGENT_DOMAIN="${AGENT_DOMAIN:-}"
AGENT_GENDER="${AGENT_GENDER:-}"
TZ="${TZ:-}"
build: Add SSH key and system password support - Add --ssh-key flag for providing SSH public key at build time - Add --root-password and --clawdie-password flags for custom system passwords - Update build.cfg with SSH_PUBLIC_KEY, ROOT_PASSWORD, CLAWDIE_USER_PASSWORD - Bake all security-related vars into ISO for firstboot access Enables secure passwordless SSH auth and custom password provisioning. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 07:45:44 +00:00
Align ISO config docs with post-install setup
2026-05-12 19:58:33 +02:00
# LLM provider/model. Leave blank for post-install setup and Clawdie-AI profile defaults.
feat(build): bake new agent config vars into ISO image build.cfg now uses ${VAR:-} pattern so env vars take precedence, enabling cloud builds with arbitrary agent config via environment. build.sh step 6 now injects all new fields (AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL, API keys, Telegram, embeddings) into the baked build.cfg inside the image. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:35:07 +00:00
PI_TUI_PROVIDER="${PI_TUI_PROVIDER:-}"
PI_TUI_MODEL="${PI_TUI_MODEL:-}"
feat: make firstboot agent-name-agnostic for multi-agent deployments Derive AGENT_NAME from ASSISTANT_NAME instead of hardcoding "clawdie". Database names, users, and identity vars now follow the agent name. Add configurable fields to build.cfg and shell-env.sh: - AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL - ZAI_API_KEY, OPENROUTER_API_KEY, EMBED_BASE_URL, EMBED_MODEL - TELEGRAM_BOT_TOKEN, FEATURE_TELEGRAM (pre-bakeable for cloud) Add gender selection to baremetal wizard (bsddialog radiolist). Update bhyve-test.sh with --name flag, tap0/bridge auto-setup, sparse disk reuse, and reduced default disk size (25G). Tested: dry-run env generation produces correct Mevy config (agent_name=mevy, db=mevy, provider=zai, model=glm-5). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:31:36 +00:00
# API keys (pre-baked for cloud, deferred to web UI for baremetal)
feat(build): bake new agent config vars into ISO image build.cfg now uses ${VAR:-} pattern so env vars take precedence, enabling cloud builds with arbitrary agent config via environment. build.sh step 6 now injects all new fields (AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL, API keys, Telegram, embeddings) into the baked build.cfg inside the image. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:35:07 +00:00
ZAI_API_KEY="${ZAI_API_KEY:-}"
OPENROUTER_API_KEY="${OPENROUTER_API_KEY:-}"
ANTHROPIC_API_KEY="${ANTHROPIC_API_KEY:-}"
feat: make firstboot agent-name-agnostic for multi-agent deployments Derive AGENT_NAME from ASSISTANT_NAME instead of hardcoding "clawdie". Database names, users, and identity vars now follow the agent name. Add configurable fields to build.cfg and shell-env.sh: - AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL - ZAI_API_KEY, OPENROUTER_API_KEY, EMBED_BASE_URL, EMBED_MODEL - TELEGRAM_BOT_TOKEN, FEATURE_TELEGRAM (pre-bakeable for cloud) Add gender selection to baremetal wizard (bsddialog radiolist). Update bhyve-test.sh with --name flag, tap0/bridge auto-setup, sparse disk reuse, and reduced default disk size (25G). Tested: dry-run env generation produces correct Mevy config (agent_name=mevy, db=mevy, provider=zai, model=glm-5). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:31:36 +00:00
Align ISO config docs with post-install setup
2026-05-12 19:58:33 +02:00
# Embeddings. Leave base URL blank to let Clawdie-AI choose OpenRouter when
# OPENROUTER_API_KEY is present, otherwise local llama-server.
feat(build): bake new agent config vars into ISO image build.cfg now uses ${VAR:-} pattern so env vars take precedence, enabling cloud builds with arbitrary agent config via environment. build.sh step 6 now injects all new fields (AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL, API keys, Telegram, embeddings) into the baked build.cfg inside the image. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:35:07 +00:00
EMBED_BASE_URL="${EMBED_BASE_URL:-}"
EMBED_MODEL="${EMBED_MODEL:-}"
Add EMBED_API_KEY and EMBED_DIMENSIONS to .env pipeline The .env template was missing two vars that src/config.ts reads at runtime. Without them embeddings silently fall back to wrong defaults (768 dims vs the 1024 the pgvector schema expects). - shell-env.sh: add EMBED_API_KEY + EMBED_DIMENSIONS to template - build.cfg: add matching defaults (1024 dims) - firstboot.sh: export the new vars - cloud-path-test.sh: add EMBED var checks (now 19 total) Build: not tested | Tests: PASS (cloud-path 19/19, integration 7/7) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-06 01:37:16 +00:00
EMBED_API_KEY="${EMBED_API_KEY:-}"
EMBED_DIMENSIONS="${EMBED_DIMENSIONS:-1024}"
feat: make firstboot agent-name-agnostic for multi-agent deployments Derive AGENT_NAME from ASSISTANT_NAME instead of hardcoding "clawdie". Database names, users, and identity vars now follow the agent name. Add configurable fields to build.cfg and shell-env.sh: - AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL - ZAI_API_KEY, OPENROUTER_API_KEY, EMBED_BASE_URL, EMBED_MODEL - TELEGRAM_BOT_TOKEN, FEATURE_TELEGRAM (pre-bakeable for cloud) Add gender selection to baremetal wizard (bsddialog radiolist). Update bhyve-test.sh with --name flag, tap0/bridge auto-setup, sparse disk reuse, and reduced default disk size (25G). Tested: dry-run env generation produces correct Mevy config (agent_name=mevy, db=mevy, provider=zai, model=glm-5). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:31:36 +00:00
Standardize ISO build checkouts under /home/clawdie/ai (Sam & Codex)
2026-06-05 00:38:25 +02:00
# Canonical build-host source checkout root. Keep all source repos under
# /home/clawdie/ai across agents/build hosts so detached worktrees and tmp builds do not
# depend on fragile ../ sibling layout.
CLAWDIE_AI_REPO="${CLAWDIE_AI_REPO:-/home/clawdie/ai/clawdie-ai}"
Clarify Colibri live and Clawdie deploy service split (Sam & Codex) Removes stale Herdr references, reserves service clawdie for deployed disk/server targets, and keeps the live USB on colibri_daemon. Drops the baseline live rc.d/clawdie wrapper so the mounted-image contract matches the docs.\n\nChecks: ./scripts/check-format.sh; git diff --check; sh -n over scripts/ firstboot/ live/operator-session/ executables
2026-06-13 12:00:57 +02:00
# Colibri Rust control-plane service for the live operator USB.
Merge xfce-operator-usb: Colibri ISO staging (Sam & Claude) # Conflicts: # AGENTS.md
2026-05-28 00:46:24 +02:00
# The ISO build stages prebuilt FreeBSD release binaries from COLIBRI_REPO or
# COLIBRI_ARTIFACT_DIR; it does not compile Rust while the image is mounted.
FEATURE_COLIBRI="${FEATURE_COLIBRI:-YES}"
Standardize ISO build checkouts under /home/clawdie/ai (Sam & Codex)
2026-06-05 00:38:25 +02:00
COLIBRI_REPO="${COLIBRI_REPO:-/home/clawdie/ai/colibri}"
Merge xfce-operator-usb: Colibri ISO staging (Sam & Claude) # Conflicts: # AGENTS.md
2026-05-28 00:46:24 +02:00
COLIBRI_ARTIFACT_DIR="${COLIBRI_ARTIFACT_DIR:-}"
feat(iso): auto-start the Colibri daemon at boot (Sam & Claude) Re-landed on current main (the earlier branch never merged — main moved under it). Flip COLIBRI_DAEMON_ENABLE default NO -> YES now that live boot is proven on AMD hardware. rc.d is REQUIRE: LOGIN, so it starts after login and cannot block SDDM/XFCE. Still env-overridable. Pair with colibri socket-perms fix so operators connect without EACCES. CLAWDIE_ENABLE left NO. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-05 10:53:41 +02:00
# Auto-start the Colibri daemon at boot. Enabled now that live boot is proven on
# AMD hardware. The rc.d service is REQUIRE: LOGIN — it starts after the login
# milestone, so it cannot block SDDM/XFCE even if it fails. Pair with the daemon
# socket-perms fix (colibri fix-colibri-socket-perms, 0770 socket) so the
# operator's colibri-tui can connect; without it the daemon runs but group
# operators get EACCES. Still env-overridable: COLIBRI_DAEMON_ENABLE=NO ./build.sh.
COLIBRI_DAEMON_ENABLE="${COLIBRI_DAEMON_ENABLE:-YES}"
Merge xfce-operator-usb: Colibri ISO staging (Sam & Claude) # Conflicts: # AGENTS.md
2026-05-28 00:46:24 +02:00
COLIBRI_COST_MODE="${COLIBRI_COST_MODE:-smart}"
Drop unresolved Clawdie service staging from USB (Sam & Codex) Keeps service clawdie as a deployed-system contract only, removes the old mini-binary FEATURE_CLAWDIE staging lane from the ISO build, and adds explicit Linux-vs-FreeBSD proof boundaries for provider/runtime claims.\n\nChecks: ./scripts/check-format.sh; git diff --check; sh -n over scripts/ firstboot/ live/operator-session/ executables
2026-06-13 12:12:34 +02:00
# `service clawdie` is reserved for installed disk/server systems. The current
# live USB does not stage a clawdie rc.d service or mini-binary; it uses the
# lightweight `colibri_daemon` control plane directly. Add deployed-system
# service packaging only after that implementation is chosen.
Merge pull request 'feat: stage the simplified `clawdie` agent into the ISO (Sam & Claude)' (#5) from feat/clawdie-staging-onto-live-boot into main Reviewed-on: https://code.smilepowered.org/clawdie/clawdie-iso/pulls/5
2026-06-02 09:18:00 +02:00
fix(build): point agent-harness reference to AGENTS.md
2026-06-24 10:47:29 +02:00
# Colibri's bundled agent harness (the consolidation target — see colibri
# AGENTS.md). Shipped under the colibri umbrella as
Fold the agent harness under the colibri feature (drop FEATURE_ZOT) The agent (a static Go binary) was a separately-named opt-in stage gated by FEATURE_ZOT=NO, so baseline builds shipped colibri without its agent. It is really a component of colibri, not its own product surface — so name and stage it under the colibri umbrella. - build.cfg: remove FEATURE_ZOT; add internal COLIBRI_STAGE_AGENT (default YES, undocumented escape hatch for daemon-only debug builds). Keep ZOT_REPO/ ZOT_VERSION as internal staging inputs (they point at the real agent repo+tag). - build.sh: preflight + install now gate on FEATURE_COLIBRI (and the hidden COLIBRI_STAGE_AGENT), banner folds the agent into the Colibri line, messages use colibri-agent naming. - README: agent harness presented under the colibri control plane; pi retained as a spawnable agent backend rather than the default harness. Behavior change for the builder: with FEATURE_COLIBRI=YES (default) the agent now stages on baseline builds, so preflight FAILS if the agent binary is not prebuilt in $ZOT_REPO/bin. Build it first (GOOS=freebsd go build -o bin/zot ./cmd/zot) or pass COLIBRI_STAGE_AGENT=NO for a daemon-only image. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 18:42:01 +02:00
# a single static Go binary (providers incl. DeepSeek, Telegram bot, json/rpc
# modes, SKILL.md, extensions), so it has NO separate feature flag: it stages
# automatically whenever FEATURE_COLIBRI=YES. Internal escape hatch only —
# COLIBRI_STAGE_AGENT=NO stages the daemon without the agent (debug builds).
# Pin a tag for reproducible images; the agent has no FreeBSD release, so the
# build host compiles it: (cd $ZOT_REPO && git checkout $ZOT_VERSION &&
chore(zot): pin operator image to zot v0.2.42 (Sam & Pi) Update the ISO default Zot pin and build docs from v0.2.29 to v0.2.42 so the next image stages the current rebuilt FreeBSD zot binary instead of recording a mismatched checkout/binary pair. Also refresh the release runbook's 0.11.0 examples.\n\nValidation: ./scripts/check-format.sh; sh -n build.sh scripts/stage-zot-iso.sh; BUILD_CHANNEL=dev build.cfg default check; git diff --check.
2026-06-22 06:08:42 +02:00
# ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.42}" && VERSION="${ZOT_BUILD_VERSION#v}" make build)
Fold the agent harness under the colibri feature (drop FEATURE_ZOT) The agent (a static Go binary) was a separately-named opt-in stage gated by FEATURE_ZOT=NO, so baseline builds shipped colibri without its agent. It is really a component of colibri, not its own product surface — so name and stage it under the colibri umbrella. - build.cfg: remove FEATURE_ZOT; add internal COLIBRI_STAGE_AGENT (default YES, undocumented escape hatch for daemon-only debug builds). Keep ZOT_REPO/ ZOT_VERSION as internal staging inputs (they point at the real agent repo+tag). - build.sh: preflight + install now gate on FEATURE_COLIBRI (and the hidden COLIBRI_STAGE_AGENT), banner folds the agent into the Colibri line, messages use colibri-agent naming. - README: agent harness presented under the colibri control plane; pi retained as a spawnable agent backend rather than the default harness. Behavior change for the builder: with FEATURE_COLIBRI=YES (default) the agent now stages on baseline builds, so preflight FAILS if the agent binary is not prebuilt in $ZOT_REPO/bin. Build it first (GOOS=freebsd go build -o bin/zot ./cmd/zot) or pass COLIBRI_STAGE_AGENT=NO for a daemon-only image. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 18:42:01 +02:00
COLIBRI_STAGE_AGENT="${COLIBRI_STAGE_AGENT:-YES}"
docs: rename 'fake-agent' → 'sample-agent' (matches colibri test rename) Harness-neutral, lighter wording for the optional local test-double agent (colibri-test-agent), matching the colibri-side fake→sample rename. Only the two references that named it 'fake-agent' (build.cfg comment, AGENTS.md staging note); the unrelated /tmp/fake-usb example path in FIRSTBOOT.md is a different context and left as-is. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:20:55 +02:00
# Development-only local sample-agent binary. Auto mode includes it for dev
feat(colibri): gate test-agent staging by build mode (Sam & Pi) Add COLIBRI_STAGE_TEST_AGENT with dev/release defaults so validation builds can include colibri-test-agent while production/release operator USB images omit it by default. Keep poudriere guidance test-friendly and document binary roles in BUILD.md.\n\nValidation: sh -n build.sh scripts/stage-colibri-iso.sh live/operator-session/colibri-live-rebuild; ./scripts/check-format.sh; ./scripts/test-release-gate.sh; build.cfg default/override checks.
2026-06-21 07:55:24 +02:00
# builds and omits it from release/prod images; override with YES/NO for
# explicit validation builds.
COLIBRI_STAGE_TEST_AGENT="${COLIBRI_STAGE_TEST_AGENT:-auto}"
if [ "${COLIBRI_STAGE_TEST_AGENT}" = "auto" ]; then
case "${BUILD_CHANNEL}" in
release|prod|production) COLIBRI_STAGE_TEST_AGENT="NO" ;;
*) COLIBRI_STAGE_TEST_AGENT="YES" ;;
esac
fi
fix(seed): close three OOTB gaps before merge A. ZOT_VERSION drift: build.cfg defaulted to v0.2.42 while build.sh preflight hint said v0.2.47. Now both default to v0.2.47. B. AGENTS.md hw-probe phrasing: told zot to run clawdie-hw-probe, but the daemon already collects it into CLAWDIE_HW_PROFILE at autospawn time. zot should read the env var, not shell out. C. RPC_PROMPT missing: COLIBRI_AUTOSPAWN=YES starts zot in RPC mode, but without RPC_PROMPT, zot blocks on stdin and idles. Added a prompt telling zot to read CLAWDIE_HW_PROFILE, call node_register on mother, and report its assigned capabilities.
2026-06-25 04:38:06 +02:00
ZOT_VERSION="${ZOT_VERSION:-v0.2.47}"
feat(iso): stage zot agent (pinned) + populate ZOT_HOME/auth.json (Sam & Claude) First concrete step of the zot consolidation (colibri ADR). Opt-in FEATURE_ZOT (default NO; Pi stays default during migration). - build.cfg: FEATURE_ZOT, ZOT_VERSION (pinned v0.2.29), ZOT_REPO, ZOT_ARTIFACT_DIR, ZOT_DEEPSEEK_KEY (optional bake). - scripts/stage-zot-iso.sh: install the prebuilt zot binary -> /usr/local/bin/zot; populate the operator's $ZOT_HOME (~/.local/state/zot) with auth.json ({"deepseek":{"api_key":...}}, 0600) when a key is given, else an auth.json.sample template + README (telegram via `zot telegram-bot setup`). - build.sh: status line, resolve_zot_paths, preflight_zot_artifacts (errors with the GOOS=freebsd go-build hint — zot has no FreeBSD release), install_zot_agent (+ chown operator state), wired into preflight + install sequences. zot is built on the FreeBSD host from the pinned tag: (cd $ZOT_REPO && git checkout v0.2.29 && GOOS=freebsd GOARCH=amd64 \ go build -trimpath -o bin/zot ./cmd/zot) sh -n clean; staging smoke-tested (binary staged, auth.json 0600 valid). Credentials use zot's own resolution (--api-key -> env -> auth.json), replacing baked-into-binary keys. Default build unchanged (FEATURE_ZOT=NO). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 10:33:37 +02:00
ZOT_REPO="${ZOT_REPO:-/home/clawdie/ai/zot}"
ZOT_ARTIFACT_DIR="${ZOT_ARTIFACT_DIR:-}"
Fold the agent harness under the colibri feature (drop FEATURE_ZOT) The agent (a static Go binary) was a separately-named opt-in stage gated by FEATURE_ZOT=NO, so baseline builds shipped colibri without its agent. It is really a component of colibri, not its own product surface — so name and stage it under the colibri umbrella. - build.cfg: remove FEATURE_ZOT; add internal COLIBRI_STAGE_AGENT (default YES, undocumented escape hatch for daemon-only debug builds). Keep ZOT_REPO/ ZOT_VERSION as internal staging inputs (they point at the real agent repo+tag). - build.sh: preflight + install now gate on FEATURE_COLIBRI (and the hidden COLIBRI_STAGE_AGENT), banner folds the agent into the Colibri line, messages use colibri-agent naming. - README: agent harness presented under the colibri control plane; pi retained as a spawnable agent backend rather than the default harness. Behavior change for the builder: with FEATURE_COLIBRI=YES (default) the agent now stages on baseline builds, so preflight FAILS if the agent binary is not prebuilt in $ZOT_REPO/bin. Build it first (GOOS=freebsd go build -o bin/zot ./cmd/zot) or pass COLIBRI_STAGE_AGENT=NO for a daemon-only image. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 18:42:01 +02:00
# Optional: bake the operator's DeepSeek key into the agent's auth.json (0600).
feat(iso): stage zot agent (pinned) + populate ZOT_HOME/auth.json (Sam & Claude) First concrete step of the zot consolidation (colibri ADR). Opt-in FEATURE_ZOT (default NO; Pi stays default during migration). - build.cfg: FEATURE_ZOT, ZOT_VERSION (pinned v0.2.29), ZOT_REPO, ZOT_ARTIFACT_DIR, ZOT_DEEPSEEK_KEY (optional bake). - scripts/stage-zot-iso.sh: install the prebuilt zot binary -> /usr/local/bin/zot; populate the operator's $ZOT_HOME (~/.local/state/zot) with auth.json ({"deepseek":{"api_key":...}}, 0600) when a key is given, else an auth.json.sample template + README (telegram via `zot telegram-bot setup`). - build.sh: status line, resolve_zot_paths, preflight_zot_artifacts (errors with the GOOS=freebsd go-build hint — zot has no FreeBSD release), install_zot_agent (+ chown operator state), wired into preflight + install sequences. zot is built on the FreeBSD host from the pinned tag: (cd $ZOT_REPO && git checkout v0.2.29 && GOOS=freebsd GOARCH=amd64 \ go build -trimpath -o bin/zot ./cmd/zot) sh -n clean; staging smoke-tested (binary staged, auth.json 0600 valid). Credentials use zot's own resolution (--api-key -> env -> auth.json), replacing baked-into-binary keys. Default build unchanged (FEATURE_ZOT=NO). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 10:33:37 +02:00
# Leave blank to stage an auth.json.sample template the operator fills in, or
Fold the agent harness under the colibri feature (drop FEATURE_ZOT) The agent (a static Go binary) was a separately-named opt-in stage gated by FEATURE_ZOT=NO, so baseline builds shipped colibri without its agent. It is really a component of colibri, not its own product surface — so name and stage it under the colibri umbrella. - build.cfg: remove FEATURE_ZOT; add internal COLIBRI_STAGE_AGENT (default YES, undocumented escape hatch for daemon-only debug builds). Keep ZOT_REPO/ ZOT_VERSION as internal staging inputs (they point at the real agent repo+tag). - build.sh: preflight + install now gate on FEATURE_COLIBRI (and the hidden COLIBRI_STAGE_AGENT), banner folds the agent into the Colibri line, messages use colibri-agent naming. - README: agent harness presented under the colibri control plane; pi retained as a spawnable agent backend rather than the default harness. Behavior change for the builder: with FEATURE_COLIBRI=YES (default) the agent now stages on baseline builds, so preflight FAILS if the agent binary is not prebuilt in $ZOT_REPO/bin. Build it first (GOOS=freebsd go build -o bin/zot ./cmd/zot) or pass COLIBRI_STAGE_AGENT=NO for a daemon-only image. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 18:42:01 +02:00
# to configure at runtime via agent env / `zot telegram-bot setup`.
feat(iso): stage zot agent (pinned) + populate ZOT_HOME/auth.json (Sam & Claude) First concrete step of the zot consolidation (colibri ADR). Opt-in FEATURE_ZOT (default NO; Pi stays default during migration). - build.cfg: FEATURE_ZOT, ZOT_VERSION (pinned v0.2.29), ZOT_REPO, ZOT_ARTIFACT_DIR, ZOT_DEEPSEEK_KEY (optional bake). - scripts/stage-zot-iso.sh: install the prebuilt zot binary -> /usr/local/bin/zot; populate the operator's $ZOT_HOME (~/.local/state/zot) with auth.json ({"deepseek":{"api_key":...}}, 0600) when a key is given, else an auth.json.sample template + README (telegram via `zot telegram-bot setup`). - build.sh: status line, resolve_zot_paths, preflight_zot_artifacts (errors with the GOOS=freebsd go-build hint — zot has no FreeBSD release), install_zot_agent (+ chown operator state), wired into preflight + install sequences. zot is built on the FreeBSD host from the pinned tag: (cd $ZOT_REPO && git checkout v0.2.29 && GOOS=freebsd GOARCH=amd64 \ go build -trimpath -o bin/zot ./cmd/zot) sh -n clean; staging smoke-tested (binary staged, auth.json 0600 valid). Credentials use zot's own resolution (--api-key -> env -> auth.json), replacing baked-into-binary keys. Default build unchanged (FEATURE_ZOT=NO). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 10:33:37 +02:00
ZOT_DEEPSEEK_KEY="${ZOT_DEEPSEEK_KEY:-}"
feat: add local LLM choice and model seeding
2026-04-02 15:18:50 +00:00
# Local LLM runtime (optional)
# Choices: none | ollama | llama_cpp
LOCAL_LLM_PROVIDER="${LOCAL_LLM_PROVIDER:-none}"
FEATURE_OLLAMA="${FEATURE_OLLAMA:-NO}"
FEATURE_LLAMA_CPP="${FEATURE_LLAMA_CPP:-NO}"
FEATURE_OLLAMA_HPP="${FEATURE_OLLAMA_HPP:-NO}"
OLLAMA_RAM_ESTIMATE="${OLLAMA_RAM_ESTIMATE:-8-16 GB}"
OLLAMA_DISK_ESTIMATE="${OLLAMA_DISK_ESTIMATE:-4-20 GB per model}"
LLAMA_CPP_RAM_ESTIMATE="${LLAMA_CPP_RAM_ESTIMATE:-8-16 GB}"
LLAMA_CPP_DISK_ESTIMATE="${LLAMA_CPP_DISK_ESTIMATE:-4-20 GB per model}"
USB_LLM_MODELS_PATH="${USB_LLM_MODELS_PATH:-/mnt/media/llm-models}"
feat: make firstboot agent-name-agnostic for multi-agent deployments Derive AGENT_NAME from ASSISTANT_NAME instead of hardcoding "clawdie". Database names, users, and identity vars now follow the agent name. Add configurable fields to build.cfg and shell-env.sh: - AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL - ZAI_API_KEY, OPENROUTER_API_KEY, EMBED_BASE_URL, EMBED_MODEL - TELEGRAM_BOT_TOKEN, FEATURE_TELEGRAM (pre-bakeable for cloud) Add gender selection to baremetal wizard (bsddialog radiolist). Update bhyve-test.sh with --name flag, tap0/bridge auto-setup, sparse disk reuse, and reduced default disk size (25G). Tested: dry-run env generation produces correct Mevy config (agent_name=mevy, db=mevy, provider=zai, model=glm-5). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:31:36 +00:00
# Telegram (pre-baked for cloud, deferred for baremetal)
feat(build): bake new agent config vars into ISO image build.cfg now uses ${VAR:-} pattern so env vars take precedence, enabling cloud builds with arbitrary agent config via environment. build.sh step 6 now injects all new fields (AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL, API keys, Telegram, embeddings) into the baked build.cfg inside the image. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:35:07 +00:00
TELEGRAM_BOT_TOKEN="${TELEGRAM_BOT_TOKEN:-}"
feat(firstboot): unify setup import across USB and VPS
2026-04-27 11:56:49 +02:00
TELEGRAM_ADMIN_IDS="${TELEGRAM_ADMIN_IDS:-}"
feat(build): bake new agent config vars into ISO image build.cfg now uses ${VAR:-} pattern so env vars take precedence, enabling cloud builds with arbitrary agent config via environment. build.sh step 6 now injects all new fields (AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL, API keys, Telegram, embeddings) into the baked build.cfg inside the image. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:35:07 +00:00
FEATURE_TELEGRAM="${FEATURE_TELEGRAM:-}"
feat: make firstboot agent-name-agnostic for multi-agent deployments Derive AGENT_NAME from ASSISTANT_NAME instead of hardcoding "clawdie". Database names, users, and identity vars now follow the agent name. Add configurable fields to build.cfg and shell-env.sh: - AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL - ZAI_API_KEY, OPENROUTER_API_KEY, EMBED_BASE_URL, EMBED_MODEL - TELEGRAM_BOT_TOKEN, FEATURE_TELEGRAM (pre-bakeable for cloud) Add gender selection to baremetal wizard (bsddialog radiolist). Update bhyve-test.sh with --name flag, tap0/bridge auto-setup, sparse disk reuse, and reduced default disk size (25G). Tested: dry-run env generation produces correct Mevy config (agent_name=mevy, db=mevy, provider=zai, model=glm-5). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:31:36 +00:00
feat: recommend Tailscale with optional opt-out (Sam & Claude) - Change default FEATURE_TAILSCALE from NO to YES - Add build-time warning if TAILSCALE_AUTHKEY not set - Update firstboot wizard: Tailscale moves to screen 2 - Add summary screen showing Tailscale status - Update shell-tailscale.sh to handle missing auth key gracefully - Update BUILD.md with new recommended/optional flow User experience: - With auth key: Tailscale auto-connects (secure) - Without auth key: Warning shown, build continues (public SSH) - Wizard allows enabling/disabling with clear warnings No breaking changes - existing builds still work.
2026-04-06 11:45:12 +02:00
# Tailscale (recommended for secure remote access)
Merge xfce-operator-usb: Track F Colibri, DeepSeek smoke, LLM provider harness
2026-05-24 23:21:02 +02:00
# On the operator USB, tailscaled is enabled by default. A build may optionally
# bake a one-shot TAILSCALE_AUTHKEY for first-boot autojoin, or the operator
# can authenticate later with `mdo -u root tailscale up`. The disk installer
# firstboot flow on main also uses TAILSCALE_AUTHKEY for unattended join.
feat: recommend Tailscale with optional opt-out (Sam & Claude) - Change default FEATURE_TAILSCALE from NO to YES - Add build-time warning if TAILSCALE_AUTHKEY not set - Update firstboot wizard: Tailscale moves to screen 2 - Add summary screen showing Tailscale status - Update shell-tailscale.sh to handle missing auth key gracefully - Update BUILD.md with new recommended/optional flow User experience: - With auth key: Tailscale auto-connects (secure) - Without auth key: Warning shown, build continues (public SSH) - Wizard allows enabling/disabling with clear warnings No breaking changes - existing builds still work.
2026-04-06 11:45:12 +02:00
FEATURE_TAILSCALE="${FEATURE_TAILSCALE:-YES}"
Add Tailscale firstboot module (Sam & Codex)
2026-04-04 14:58:37 +00:00
TAILSCALE_AUTHKEY="${TAILSCALE_AUTHKEY:-}"
feat: enable forgejo by default in firstboot
2026-04-02 10:25:07 +00:00
# Code hosting (local git + Forgejo by default)
Default ISO code hosting: git (no Forgejo) --- Build: n/a | Tests: n/a (bash -n ok)
2026-04-19 10:36:55 +00:00
CODE_HOSTING_MODE="${CODE_HOSTING_MODE:-git}"
feat: enable forgejo by default in firstboot
2026-04-02 10:25:07 +00:00
FEATURE_GIT="${FEATURE_GIT:-YES}"
Default ISO code hosting: git (no Forgejo) --- Build: n/a | Tests: n/a (bash -n ok)
2026-04-19 10:36:55 +00:00
FEATURE_GITEA="${FEATURE_GITEA:-NO}"
feat: enable forgejo by default in firstboot
2026-04-02 10:25:07 +00:00
FORGEJO_DISK_ESTIMATE="${FORGEJO_DISK_ESTIMATE:-1.2 GB}"
build: Add SSH key and system password support - Add --ssh-key flag for providing SSH public key at build time - Add --root-password and --clawdie-password flags for custom system passwords - Update build.cfg with SSH_PUBLIC_KEY, ROOT_PASSWORD, CLAWDIE_USER_PASSWORD - Bake all security-related vars into ISO for firstboot access Enables secure passwordless SSH auth and custom password provisioning. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 07:45:44 +00:00
# SSH public key (optional, supplied via --ssh-key flag)
feat(build): bake new agent config vars into ISO image build.cfg now uses ${VAR:-} pattern so env vars take precedence, enabling cloud builds with arbitrary agent config via environment. build.sh step 6 now injects all new fields (AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL, API keys, Telegram, embeddings) into the baked build.cfg inside the image. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:35:07 +00:00
SSH_PUBLIC_KEY="${SSH_PUBLIC_KEY:-}"
build: Add SSH key and system password support - Add --ssh-key flag for providing SSH public key at build time - Add --root-password and --clawdie-password flags for custom system passwords - Update build.cfg with SSH_PUBLIC_KEY, ROOT_PASSWORD, CLAWDIE_USER_PASSWORD - Bake all security-related vars into ISO for firstboot access Enables secure passwordless SSH auth and custom password provisioning. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-24 07:45:44 +00:00
# System passwords (optional, supplied via flags)
feat(build): bake new agent config vars into ISO image build.cfg now uses ${VAR:-} pattern so env vars take precedence, enabling cloud builds with arbitrary agent config via environment. build.sh step 6 now injects all new fields (AGENT_GENDER, PI_TUI_PROVIDER, PI_TUI_MODEL, API keys, Telegram, embeddings) into the baked build.cfg inside the image. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 13:35:07 +00:00
ROOT_PASSWORD="${ROOT_PASSWORD:-}"
CLAWDIE_USER_PASSWORD="${CLAWDIE_USER_PASSWORD:-}"
Reference in a new issue Copy permalink