IMAGE_NAME is now clawdie-${codename}-${ISO_VERSION}.img (e.g.
clawdie-quindecim-0.2.29.img), the version tracking zot. Drops desktop/usb/date/
commit from the filename; per-build provenance (date, clawdie-iso commit, zot
commit) lives in build-manifest.json. Removes the now-unused date/commit name
vars. Updates docs + publish-skill globs (clawdie-*) to the new format.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Makes colibri-mcp a required Colibri artifact for the live operator USB, copies it into the image, documents the read-only default and explicit trusted COLIBRI_MCP_WRITE profile, and updates ISO build handoff docs.\n\nChecks: ./scripts/check-format.sh; sh -n build.sh scripts/stage-colibri-iso.sh; git diff --check
The agent (a static Go binary) was a separately-named opt-in stage gated by
FEATURE_ZOT=NO, so baseline builds shipped colibri without its agent. It is
really a component of colibri, not its own product surface — so name and stage
it under the colibri umbrella.
- build.cfg: remove FEATURE_ZOT; add internal COLIBRI_STAGE_AGENT (default YES,
undocumented escape hatch for daemon-only debug builds). Keep ZOT_REPO/
ZOT_VERSION as internal staging inputs (they point at the real agent repo+tag).
- build.sh: preflight + install now gate on FEATURE_COLIBRI (and the hidden
COLIBRI_STAGE_AGENT), banner folds the agent into the Colibri line, messages
use colibri-agent naming.
- README: agent harness presented under the colibri control plane; pi retained
as a spawnable agent backend rather than the default harness.
Behavior change for the builder: with FEATURE_COLIBRI=YES (default) the agent
now stages on baseline builds, so preflight FAILS if the agent binary is not
prebuilt in $ZOT_REPO/bin. Build it first (GOOS=freebsd go build -o bin/zot
./cmd/zot) or pass COLIBRI_STAGE_AGENT=NO for a daemon-only image.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Removes stale Herdr references, reserves service clawdie for deployed disk/server targets, and keeps the live USB on colibri_daemon. Drops the baseline live rc.d/clawdie wrapper so the mounted-image contract matches the docs.\n\nChecks: ./scripts/check-format.sh; git diff --check; sh -n over scripts/ firstboot/ live/operator-session/ executables
BREAKING CHANGE: Removes --target and --gpu-driver flags, unified ISO for all use cases
## Phase 0: GPU Fix + Unified ISO
### Core Changes
**GPU Package Installation (FIXES CRITICAL GAP):**
- Add clawdie_shell_nvidia_install() function to shell-nvidia.sh
- NVIDIA drivers now installed after detection (previously only configured)
- Works offline (USB packages) or online (pkg install)
- Resolves issue where rc.conf was set but driver not installed
**Unified ISO Architecture:**
- Remove --target flag from build.sh (no more vps/baremetal branching)
- Remove --gpu-driver flag from build.sh (runtime detection instead)
- All packages included on every ISO (desktop + all GPU drivers)
- Single image works on VPS, baremetal, and cloud
**Runtime Detection:**
- Add shell-desktop.sh for display detection at firstboot
- VPS/cloud: no display → lightdm disabled (headless)
- Baremetal: display detected → lightdm enabled (Lumina desktop)
- GPU detection always runs, installs correct driver version
**Sudo Unification:**
- Replace all doas references with sudo across entire codebase
- Update AGENTS.md with system configuration guidelines
- Update all documentation (BUILD.md, README.md, REQUIREMENTS.md, etc.)
- Admin panel now uses sudo for privileged operations
### Files Modified
**Core System:**
- build.sh: Remove target/gpu-driver logic, unified package selection
- firstboot/firstboot.sh: Add desktop detection module
- firstboot/shell-nvidia.sh: Add package installation function (+33 lines)
**New Files:**
- firstboot/shell-desktop.sh: Display detection and desktop enablement
- packages/pkg-list-nvidia-all.txt: All three NVIDIA driver versions (390/470/590)
- .opencode/plans/phase0-gpu-fix-unified-iso.md: Implementation plan
**Documentation:**
- PLAN-UNIFY.md: Update Step 3 for unified approach
- REQUIREMENTS.md: Simplify (no target choice), update for sudo
- BUILD.md: Update for unified ISO, sudo commands
- README.md: Update installation instructions
- AGENTS.md: Add system configuration section (sudo standardization)
- ADMIN-PANEL.md: Update privileged operations to use sudo
- CLAWDIE-SHELL.md: Update example commands to sudo
- CLAWDIE-ISO-REFACTORED.md: Update access paths to sudo
- REFACTOR-SUMMARY.md: Update permissions section to sudo
### Benefits
**Simplicity:**
- One build command: ./build.sh (no flags needed)
- One ISO to test and maintain
- No wrong choices for users
- No documentation explaining target differences
**Flexibility:**
- VPS can use GUI via VNC (wayvnc always available)
- Baremetal can run headless (disable lightdm)
- Repurpose hardware without reinstall
- All GPU drivers available for any hardware
**Technical:**
- Fixes critical GPU driver installation gap
- Runtime detection replaces build-time decisions
- Disk overhead: ~650MB (1-2% of 50GB - acceptable)
- No runtime overhead on VPS (services disabled by detection)
### Testing Required
- [ ] Build unified ISO: ./build.sh
- [ ] Test on VPS (no display): lightdm disabled, packages installed
- [ ] Test on baremetal (display): lightdm enabled, Lumina boots
- [ ] Test on NVIDIA hardware: driver installed and loaded
- [ ] Test sudo commands work without password prompts
- [ ] Verify all doas references removed
