clawdie/clawdie-iso
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
438 commits 1 branch 3 tags 51 MiB
Commit graph

6 commits

Author SHA1 Message Date
Sam & Claude
b163cf1014 Merge xfce-operator-usb: Track F Colibri, DeepSeek smoke, LLM provider harness 2026-06-04 20:04:23 +02:00
Sam & Claude
9bcd455fa1 Clean up warden0 bridge documentation 2026-06-04 20:04:23 +02:00
Sam & Claude
a9ac0013e2 Fix bridge naming to warden0 and correct setup token wording (Sam & Claude) 
- shell-pf.sh: BRIDGE is now always warden0 (matches jail-config.ts and AGENTS.md)
- CompletePage.qml: token text now says will be generated after first boot
- NETWORKING.md: updated to reflect warden0 fix
 2026-06-04 20:04:23 +02:00
Sam & Claude
e690b49d27 Add implementation review to live GUI proposal; escalate bridge naming bug (Sam & Claude) 2026-06-04 20:04:23 +02:00
Sam & Claude
d59cc76f30 Narrow installer contract to identity-only and fix cross-repo alignment (Sam & Claude) 
ISO-LIVE-GUI-SETUP-PROPOSAL:
- Remove LLM keys and Telegram from install-time field collection
- Add explicit 'not collected at install time' section with rationale
- Narrow clawdie-handoff.sealed scope (no provider keys or Telegram)
- Add QML alignment note about removing ANTHROPIC_API_KEY serialization

setup-import.sh:
- Replace hard-require loop for OPENROUTER/TELEGRAM with identity-only
  validation (ASSISTANT_NAME, AGENT_DOMAIN, TZ)
- Add ZAI_API_KEY, ZAI_API_BASE, OPENAI_API_KEY, ANTHROPIC_API_KEY,
  CLAUDE_CODE_OAUTH_TOKEN to allowed parse keys
- Add provider detection defaults for z.ai, OpenAI, Anthropic with
  z.ai as the new default (matches Clawdie-AI shell-env.sh)

NETWORKING.md:
- Add architecture note: browser jail replaces cage/wayvnc for autonomous
  execution; operator refresh moves to host-side xpra
- Add alignment note: bridge naming must converge to warden0 per
  Clawdie-AI AGENTS.md

README.md:
- Add architecture note on glasspane section with forward reference to
  browser jail and operator browser architecture docs
 2026-06-04 20:04:22 +02:00
Sam & Claude
aa0aec2d2c feat: port PF module with glasspane VNC (Sam & Claude) 
- Add shell-pf.sh module for PF firewall setup
- Add NETWORKING.md with glasspane documentation
- Update MODULE-MANIFEST.md for 8 modules
- Update integration-test.sh for 8 modules
- Update firstboot.sh to source and call PF module

PF features:
  - Block-all default
  - SSH brute-force protection
  - Jail NAT (192.168.0.0/16 supernet)
  - Glasspane VNC (port 5900 via Tailscale only)
  - pf_reload rc.d service for cold boot race
 2026-06-04 20:04:22 +02:00