Use packages/npm-globals.txt as the source of truth for offline npm CLI tarballs, update Pi to 0.75.5, and keep Claude Code out of the XFCE USB path.
---
Build: not run — ISO build not requested
Tests: pass — sh -n fetch-npm-globals and shell-npm-globals; pinned npm pack smoke passed
Live GUI installs now write runtime handoff files under /var/run/clawdie-installer, invoke bsdinstall script through a dedicated commit helper, persist the installed handoff for first HDD boot, and point the operator at /setup after reboot.
The live autologin user is restricted to a narrow sudoers rule for the commit helper and reboot only.
Build: pass
Tests: pass — sh -n + QML build + config-format + stubbed live-commit dry-run
Real-disk / bhyve install: NOT YET TESTED
Four critical fixes before v1.0.0 VM test, informed by PC-BSD failure
modes and GhostBSD's improvements:
1. shell-zfs.sh: zpool labelclear on fresh install
Clear ZFS labels from every device that was in the old pool before
bsdinstall writes new ones. Prevents the "can't find pool by GUID"
boot failure that made PC-BSD reinstalls unreliable.
2. shell-zfs.sh: pre-upgrade snapshot
When operator selects Upgrade, take zfs snapshot -r
pool@pre-upgrade-{timestamp} before any changes. One reboot to
roll back if the upgrade goes wrong. UPGRADE_SNAPSHOT exported for
downstream modules to reference.
3. shell-env.sh: never overwrite secrets on upgrade
clawdie_shell_env_generate() now checks CLAWDIE_BOOT_MODE. In
upgrade mode it calls clawdie_shell_env_append_new_keys() instead
of regenerating — reads existing .env and appends only keys that
are absent. Existing DB passwords, JWT secrets, API keys are never
touched. This fixes the root cause of the orphaned-database bug:
new passwords that don't match the existing pool's data.
4. firstboot.sh: module execution matrix via run_step_if
New run_step_if "<modes>" wrapper marks steps as done without
running them when not applicable to the current boot mode.
Upgrade skips: gpu, nvidia, ssh, system, desktop, pf, tailscale
Upgrade runs: pkg, env (append-only), npm-globals, deploy
Prevents SSH key resets, rc.conf overwrites, and firewall rewrites
during upgrade — all of which undid operator customisations.
Also adds INSTALLER-PLAN.md: full architecture plan for unified
GUI/TUI installer with Fresh / Upgrade / Repair modes, boot
environment support, and a clear phase roadmap to v1.1.0.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
ISO deploy module now runs `just install` (with a dev fallback to `npm run install`) instead of `npm run install-all`, and docs/tests are updated accordingly.
- Updated firstboot completion messages: Aider and Pi now listed as primary harnesses, Codex as optional
- Added [Unreleased] section to CHANGELOG documenting Aider venv provisioning and harness integration
- Reflects completion of Aider+Pi harness migration across clawdie-ai and clawdie-iso
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Ships @anthropic-ai/claude-code, @google/gemini-cli, and
@mariozechner/pi-coding-agent as prebuilt .tgz tarballs on the install
media so the agent runtime has its CLI dependencies on first boot
without network access.
Critical: installs to /home/clawdie/.npm-global to match the
npm_config_prefix set by shell-system.sh in /etc/profile.d/clawdie.sh,
so the clawdie user's PATH (and the agent's commandExists() probes)
actually resolve the binaries.
- scripts/fetch-npm-globals.sh: npm pack the 3 CLIs into tmp/npm-globals/
- firstboot/shell-npm-globals.sh: offline install as clawdie user with
matching prefix, runs between pkg setup and deploy
- build.sh: fetch + bundle into ${SHARE}/npm-globals/
- firstboot.sh: source module and run_step before deploy
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add ANTHROPIC_API_KEY and CLAUDE_CODE_OAUTH_TOKEN as optional password
fields to both shell wizard and GUI installer. Fields flow through to
.env via shell-env.sh. Document /tmp exemption in AGENTS.md.
Fix 2 critical issues preventing Phase 4 from working on FreeBSD:
1. Path Detection (main.cpp:438-447)
- Detect firstboot.sh location at runtime
- Try /usr/local/share/clawdie-iso/firstboot/firstboot.sh (live ISO)
- Fall back to /home/clawdie/clawdie-iso/firstboot/firstboot.sh (dev)
- Error with helpful message if neither found
- Closes blocker: installer now works on both dev + ISO
2. Progress Tracking (firstboot.sh:49-65, 253-262)
- Add optional _step_num parameter to run_step() function
- Write PROGRESS=N to progress file after each step completes
- Update all 10 step calls with step numbers (1-8)
- Closes blocker: progress bar now moves from 0% to 100%
3. Privilege Escalation (main.cpp:460)
- Add sudo wrapper to firstboot.sh execution
- Prompts for password when needed
- Closes blocker: pkg/sysrc operations now succeed
Files changed:
- main.cpp: +13 lines (path detection + sudo)
- firstboot.sh: +7 lines (progress tracking)
All changes validate:
- C++ compiles clean (2 pre-existing warnings)
- Shell syntax valid (sh -n)
- Binary created: 115 KB
Status: Ready for ISO build + FreeBSD testing
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
BREAKING CHANGE: Removes --target and --gpu-driver flags, unified ISO for all use cases
## Phase 0: GPU Fix + Unified ISO
### Core Changes
**GPU Package Installation (FIXES CRITICAL GAP):**
- Add clawdie_shell_nvidia_install() function to shell-nvidia.sh
- NVIDIA drivers now installed after detection (previously only configured)
- Works offline (USB packages) or online (pkg install)
- Resolves issue where rc.conf was set but driver not installed
**Unified ISO Architecture:**
- Remove --target flag from build.sh (no more vps/baremetal branching)
- Remove --gpu-driver flag from build.sh (runtime detection instead)
- All packages included on every ISO (desktop + all GPU drivers)
- Single image works on VPS, baremetal, and cloud
**Runtime Detection:**
- Add shell-desktop.sh for display detection at firstboot
- VPS/cloud: no display → lightdm disabled (headless)
- Baremetal: display detected → lightdm enabled (Lumina desktop)
- GPU detection always runs, installs correct driver version
**Sudo Unification:**
- Replace all doas references with sudo across entire codebase
- Update AGENTS.md with system configuration guidelines
- Update all documentation (BUILD.md, README.md, REQUIREMENTS.md, etc.)
- Admin panel now uses sudo for privileged operations
### Files Modified
**Core System:**
- build.sh: Remove target/gpu-driver logic, unified package selection
- firstboot/firstboot.sh: Add desktop detection module
- firstboot/shell-nvidia.sh: Add package installation function (+33 lines)
**New Files:**
- firstboot/shell-desktop.sh: Display detection and desktop enablement
- packages/pkg-list-nvidia-all.txt: All three NVIDIA driver versions (390/470/590)
- .opencode/plans/phase0-gpu-fix-unified-iso.md: Implementation plan
**Documentation:**
- PLAN-UNIFY.md: Update Step 3 for unified approach
- REQUIREMENTS.md: Simplify (no target choice), update for sudo
- BUILD.md: Update for unified ISO, sudo commands
- README.md: Update installation instructions
- AGENTS.md: Add system configuration section (sudo standardization)
- ADMIN-PANEL.md: Update privileged operations to use sudo
- CLAWDIE-SHELL.md: Update example commands to sudo
- CLAWDIE-ISO-REFACTORED.md: Update access paths to sudo
- REFACTOR-SUMMARY.md: Update permissions section to sudo
### Benefits
**Simplicity:**
- One build command: ./build.sh (no flags needed)
- One ISO to test and maintain
- No wrong choices for users
- No documentation explaining target differences
**Flexibility:**
- VPS can use GUI via VNC (wayvnc always available)
- Baremetal can run headless (disable lightdm)
- Repurpose hardware without reinstall
- All GPU drivers available for any hardware
**Technical:**
- Fixes critical GPU driver installation gap
- Runtime detection replaces build-time decisions
- Disk overhead: ~650MB (1-2% of 50GB - acceptable)
- No runtime overhead on VPS (services disabled by detection)
### Testing Required
- [ ] Build unified ISO: ./build.sh
- [ ] Test on VPS (no display): lightdm disabled, packages installed
- [ ] Test on baremetal (display): lightdm enabled, Lumina boots
- [ ] Test on NVIDIA hardware: driver installed and loaded
- [ ] Test sudo commands work without password prompts
- [ ] Verify all doas references removed
- Change default FEATURE_TAILSCALE from NO to YES
- Add build-time warning if TAILSCALE_AUTHKEY not set
- Update firstboot wizard: Tailscale moves to screen 2
- Add summary screen showing Tailscale status
- Update shell-tailscale.sh to handle missing auth key gracefully
- Update BUILD.md with new recommended/optional flow
User experience:
- With auth key: Tailscale auto-connects (secure)
- Without auth key: Warning shown, build continues (public SSH)
- Wizard allows enabling/disabling with clear warnings
No breaking changes - existing builds still work.
The .env template was missing two vars that src/config.ts reads at
runtime. Without them embeddings silently fall back to wrong defaults
(768 dims vs the 1024 the pgvector schema expects).
- shell-env.sh: add EMBED_API_KEY + EMBED_DIMENSIONS to template
- build.cfg: add matching defaults (1024 dims)
- firstboot.sh: export the new vars
- cloud-path-test.sh: add EMBED var checks (now 19 total)
Build: not tested | Tests: PASS (cloud-path 19/19, integration 7/7)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- shell-system.sh: exit → return in sourced module (would kill firstboot)
- maintenance-mode.sh: replace bash += with POSIX concat, fix subshell
scope in pipe-to-while-read (vdev_status/failed_disks were always
empty), quote all $POOL_NAME and $disk expansions
- build-vps.sh: portable _sed_i() wrapper for FreeBSD/Linux
- firstboot.sh: set -eu; set USB_PKG_PATH to SHARE/packages so offline
package repo works after HDD boot (was defaulting to /mnt/media)
- firstboot-vps.sh: remove plaintext password log, check loader.efi
exists before EFI copy
Integration test: PASS (7/7 modules)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New shell-zfs.sh module: detects existing clawdie pool, presents
boot mode menu (install/upgrade/maintenance/shell). Runs as first
step in firstboot.sh before wizard. Upgrade mode loads existing
.env and skips wizard. Maintenance mode exec's to maintenance-mode.sh.
Also: fix POSIX herestrings in maintenance-mode.sh, fix paren
mismatch in snapshot age calc, add nda (NVMe) to disk detection
patterns across all ZFS scripts for FreeBSD 15.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
firstboot.sh:
- Set SHELL_{GPU,NVIDIA,PKG,ENV,DEPLOY}_TEST=1 before sourcing modules
(prevents double-execution on source — same bug fixed in integration-test)
- Add --resume: run_step() skips steps already recorded in progress file
- Add --reset: clears progress file, starts over from scratch
- Add --help
- Wizard tracked as checkpoint so --resume skips re-prompting the user
- run_step() helper: guard → run → mark done in one call
scripts/bhyve-test.sh (was tmp/bhyve-test-setup.sh):
- Moved to tracked scripts/ directory (tmp/ is gitignored)
- Timeout 300→1800s (full install is 20–25 min, not 5)
scripts/run-bhyve-test.sh (was tmp/run-bhyve-test.sh):
- Moved to scripts/, log output redirected to logs/ (also gitignored)
BUILD.md, TESTING.md, IMPLEMENTATION-PLAN.md:
- Update all bhyve script references to scripts/bhyve-test.sh
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add welcome screen with experimental build disclaimer
- Add SSH public key input field to baremetal wizard
- Export SSH_PUBLIC_KEY to environment
- Call clawdie_shell_ssh_setup in module sequence (after pkg, before env)
Wizard now collects: name, domain, timezone, SSH key
Users can optionally provide SSH key to enable passwordless auth.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
- Rename all modules: clawdie-shell-{func}.sh → shell-{func}.sh
- Update references in firstboot.sh and installerconfig
- Update self-detection case statements in each module
- Reduces naming redundancy and improves clarity
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
.forgejo/workflows/build.yml:
- Forgejo Actions pipeline: push to main + weekly cron + manual dispatch
- Two-stage: fetch-only (no root) → assemble ISO (root via sudo)
- Publishes ISO to CMS nginx downloads; Codeberg release entry (metadata only)
- Uploads packages/ as workflow artifact for pkg-cache seeding
packages/:
- pkg-list-host.txt — host baseline (mirrors clawdie-ai infra/packages/)
- pkg-list-jails.txt — union of all jail package lists
- pkg-list-desktop-base.txt — Xorg + drm base for all DEs
- pkg-list-xfce.txt / kde.txt / mate.txt / nvidia.txt — per-DE packages
build.sh:
- --fetch-only flag: downloads packages + memstick, no root, CI step 1
- Real pkg fetch loop: reads all pkg-list-*.txt, deduplicates, runs pkg fetch
- pkg repo step: generates offline repo metadata after fetch
- Resolves "latest" Clawdie version via Codeberg API
firstboot/firstboot.sh:
- Seeds zroot/pkg-cache from USB packages/ after desktop install
- npm run install-all runs fully offline — no internet needed for jails
- Creates ZFS dataset if not present, falls back to plain directory
runner/README.md:
- forgejo-runner install + register on FreeBSD
- Scoped sudoers entry (build.sh + publish.sh only)
- rc.d service setup
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
