- Remove hardcoded USB_MOUNT_POINT=/mnt/media
- Remove USB_PKG_PATH based on mount point
- Add SHARE (default: /usr/local/share/clawdie-iso)
- Add USB_PACKAGES (default: \${SHARE}/packages)
- Update all references to use SHARE-relative paths:
* clawdie_shell_pkg_write_clawdie_usb_conf()
* clawdie_shell_pkg_seed_cache()
Path now resolves at install time from actual ISO payload location,
not a hardcoded mount point that may not exist.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Add early return for cloud deployments before any GPU detection logic.
Cloud VMs have no real GPU hardware, so skip pciconf detection entirely.
Mark [GPU] COMPLETE in progress file and return cleanly.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Add deploy target configuration and cloud pre-bake variables.
Cloud builds accept these via CLI flags; baremetal leaves them blank
for interactive collection via bsddialog wizard.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Add early check in clawdie_shell_nvidia_detect(): if GPU_DRIVER is pre-baked as
nvidia-590, nvidia-470, or nvidia-390, extract version number and set
NVIDIA_DRIVER_VERSION env var for unattended mode.
Logic:
- Case match GPU_DRIVER (nvidia-590|nvidia-470|nvidia-390)
- Set DETECTED_GPU=nvidia and NVIDIA_DRIVER_VERSION to extracted version (e.g., "470")
- Existing clawdie_shell_nvidia_select_version() already bypasses bsddialog when
NVIDIA_DRIVER_VERSION is set (L71-74)
Benefit: Automates NVIDIA driver version selection when pre-baked at build time,
eliminating the interactive bsddialog menu in firstboot. Combined with GPU
pre-bake logic, enables fully unattended firstboot for GPU-specific ISO variants.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Add early check in clawdie_shell_gpu_detect(): if GPU_DRIVER is pre-baked
(set via build.cfg at ISO build time), skip live pciconf detection and proceed
directly to kld_list configuration.
Logic:
- Check if GPU_DRIVER env var is non-empty
- Map GPU_DRIVER to kld modules (intel→i915kms, amd→amdgpu, nvidia-*→nvidia-modeset nvidia)
- Write kld_list to rc.conf (idempotent)
- Mark GPU detection complete; return early
Benefit: Eliminates variable hardware detection at firstboot. rc.d/kld reads
kld_list from rc.conf early in boot (REQUIRE: NETWORKING), before
clawdie-firstboot service runs (REQUIRE: NETWORKING LOGIN), so driver is live
when Lumina starts. Guarantees ONE reboot instead of risking TWO.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Major changes enable 6 GPU-specific ISO variants with pre-baked driver configuration:
1. Argument parsing: Add --gpu-driver flag with validation (intel|amd|nvidia-{590,470,390}|vesa)
2. IMAGE_NAME: Add GPU suffix to output filename:
- clawdie-iso-intel-24.mar.2026.img (with --gpu-driver intel)
- clawdie-iso-24.mar.2026.img (without flag, auto-detect)
3. pkg_list_all(): Conditional GPU package selection based on GPU_DRIVER
4. Payload baking (Step 6): Append GPU_DRIVER to build.cfg on ISO so firstboot
can skip live pciconf detection—driver is pre-baked in kld_list at boot time
5. Fix IMAGE_SIZE usage: Replace hardcoded 25G with "${IMAGE_SIZE}" variable
Result: Firstboot reads GPU_DRIVER from build.cfg, writes kld_list to rc.conf,
and rc.d/kld loads driver early in boot (REQUIRE: NETWORKING) before clawdie-firstboot
service runs—guaranteeing ONE reboot instead of risking TWO.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Add GPU_DRIVER configuration variable (defaults to empty) to enable --gpu-driver
flag parametrization at build time. Supports 6 variants:
- intel | amd | nvidia-590 | nvidia-470 | nvidia-390 | vesa | "" (auto-detect)
This allows build.sh to bake GPU driver selection into the ISO, bypassing live
pciconf detection at firstboot and guaranteeing ONE reboot instead of TWO.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Create versioned NVIDIA driver package lists to support 6 GPU-specific ISO variants:
- pkg-list-nvidia-590.txt: Maxwell & newer (GTX 750 Ti+, RTX 20/30/40)
- pkg-list-nvidia-470.txt: Kepler (GTX 600/700, Titan Black)
- pkg-list-nvidia-390.txt: Fermi (GTX 400/500)
Each includes the appropriate driver version and nvidia-settings for clean, per-variant bundling. The old pkg-list-nvidia.txt is deprecated but kept for reference.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Rationale:
- FreeBSD Bluetooth stack less mature than Linux
- Agent workstations typically fixed (office/rack) with Ethernet
- USB peripherals sufficient; wireless not critical for deployment
- Tight BT integration adds significant complexity for rare use case
Removed:
- Bluetooth from constraints list
- Post-install Bluetooth workaround docs
- Bluetooth from v1.0 roadmap
Decision: No Bluetooth in any Clawdie Shell version. Users requiring manual BT
can use hcsecd/rfcomm post-install if needed.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
- clawdie_shell_system_config() main entry point
- RC.CONF configuration: timezone, dbus, hald, seatd, lightdm
- Hostname configuration (/etc/hostname + live set)
- Environment setup (/etc/profile.d/clawdie.sh) with npm paths
- Service enablement (safe-fail in chroot)
- SYSRC helper for idempotent rc.conf updates (using | delimiter for paths)
- Full test suite: 22 tests, all passing
Phase 1.4 complete. System configuration ready for deployment.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
- clawdie_shell_gpu_detect() main entry point
- PCI device detection via pciconf -lv
- Vendor ID matching (Intel 0x8086, AMD 0x1002, NVIDIA 0x10de, VMware 0x15ad)
- Driver mapping: Intel→i915kms, AMD→amdgpu, NVIDIA→nvidia-modeset+nvidia, VMware→vmwgfx
- RC.CONF kld_list generation with idempotent updates
- Live module loading via kldload (safe fail in chroot)
- Fallback to VESA software rendering if GPU detection fails
- Full test suite: 15 tests, all passing
Phase 1.3 complete.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Document that bhyve UEFI firmware (edk2-bhyve) is required for testing
ISO installations before deployment via cron or Forgejo Actions.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Change IMAGE_NAME from YYYYMMDD to DD.mmm.YYYY per AGENTS.md convention.
No numeric-only months — ambiguous for humans and LLMs.
Output: clawdie-iso-17.mar.2026.img (instead of clawdie-iso-20260317.img)
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
1. Determine memstick partition layout: /dev/\${MD}s2a (UFS)
2. Implement payload injection in build.sh steps 5-6
3. Create scripts/publish.sh to copy ISO to CMS nginx /downloads/
4. Fix --fetch-only to not require root (use temp pkg config)
All 4 quickstart tasks now unblocked. Next: test in bhyve VM.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Forgejo runner adds complexity before build.sh is working.
Workflow file (runner/README.md) kept for when CI/CD is needed.
Cron job documented in runner/README.md as the active automation path.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Subnet: .5 → .10 (was colliding with CMS jail at .5)
- Bridge: lagg0 → warden0 (correct Bastille bridge name)
- Hostname: poudriere.local → poudriere.clawdie.home.arpa (consistent with
internal naming convention used by other jails)
- Architecture diagram: git (.1→.4), cms (.4→.5), add full subnet legend
- rsync paths: use jail filesystem path directly instead of rsync-over-SSH
to the jail IP (jails share the host filesystem, no SSH hop needed)
- Phase 5.2 build.sh: align with actual --fetch-only/--skip-fetch flags
and explain Poudriere as a pre-fetch step in the existing pipeline
- Phase 6.2: cron is fallback only — Forgejo Actions handles scheduling
- Alternatives table: CI/CD marked as implemented, not rejected
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
.forgejo/workflows/build.yml:
- Forgejo Actions pipeline: push to main + weekly cron + manual dispatch
- Two-stage: fetch-only (no root) → assemble ISO (root via sudo)
- Publishes ISO to CMS nginx downloads; Codeberg release entry (metadata only)
- Uploads packages/ as workflow artifact for pkg-cache seeding
packages/:
- pkg-list-host.txt — host baseline (mirrors clawdie-ai infra/packages/)
- pkg-list-jails.txt — union of all jail package lists
- pkg-list-desktop-base.txt — Xorg + drm base for all DEs
- pkg-list-xfce.txt / kde.txt / mate.txt / nvidia.txt — per-DE packages
build.sh:
- --fetch-only flag: downloads packages + memstick, no root, CI step 1
- Real pkg fetch loop: reads all pkg-list-*.txt, deduplicates, runs pkg fetch
- pkg repo step: generates offline repo metadata after fetch
- Resolves "latest" Clawdie version via Codeberg API
firstboot/firstboot.sh:
- Seeds zroot/pkg-cache from USB packages/ after desktop install
- npm run install-all runs fully offline — no internet needed for jails
- Creates ZFS dataset if not present, falls back to plain directory
runner/README.md:
- forgejo-runner install + register on FreeBSD
- Scoped sudoers entry (build.sh + publish.sh only)
- rc.d service setup
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Option 3 from brainstorming session — two-tier package system:
- Base layer: stock FreeBSD packages from official latest repo
- Clawdie layer: custom-built packages from Poudriere (priority 100)
Covers:
- Phase 1-7 implementation steps
- Jail setup and configuration
- Package list and make.conf
- ISO integration and automation
- Resource requirements and update flow
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Moved from clawdie-ai for development alongside build.sh.
Will be merged back to clawdie-ai once the ISO build is working.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
