Forgejo runner adds complexity before build.sh is working.
Workflow file (runner/README.md) kept for when CI/CD is needed.
Cron job documented in runner/README.md as the active automation path.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

- Subnet: .5 → .10 (was colliding with CMS jail at .5)
- Bridge: lagg0 → warden0 (correct Bastille bridge name)
- Hostname: poudriere.local → poudriere.clawdie.home.arpa (consistent with
  internal naming convention used by other jails)
- Architecture diagram: git (.1→.4), cms (.4→.5), add full subnet legend
- rsync paths: use jail filesystem path directly instead of rsync-over-SSH
  to the jail IP (jails share the host filesystem, no SSH hop needed)
- Phase 5.2 build.sh: align with actual --fetch-only/--skip-fetch flags
  and explain Poudriere as a pre-fetch step in the existing pipeline
- Phase 6.2: cron is fallback only — Forgejo Actions handles scheduling
- Alternatives table: CI/CD marked as implemented, not rejected
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

.forgejo/workflows/build.yml:
- Forgejo Actions pipeline: push to main + weekly cron + manual dispatch
- Two-stage: fetch-only (no root) → assemble ISO (root via sudo)
- Publishes ISO to CMS nginx downloads; Codeberg release entry (metadata only)
- Uploads packages/ as workflow artifact for pkg-cache seeding
packages/:
- pkg-list-host.txt — host baseline (mirrors clawdie-ai infra/packages/)
- pkg-list-jails.txt — union of all jail package lists
- pkg-list-desktop-base.txt — Xorg + drm base for all DEs
- pkg-list-xfce.txt / kde.txt / mate.txt / nvidia.txt — per-DE packages
build.sh:
- --fetch-only flag: downloads packages + memstick, no root, CI step 1
- Real pkg fetch loop: reads all pkg-list-*.txt, deduplicates, runs pkg fetch
- pkg repo step: generates offline repo metadata after fetch
- Resolves "latest" Clawdie version via Codeberg API
firstboot/firstboot.sh:
- Seeds zroot/pkg-cache from USB packages/ after desktop install
- npm run install-all runs fully offline — no internet needed for jails
- Creates ZFS dataset if not present, falls back to plain directory
runner/README.md:
- forgejo-runner install + register on FreeBSD
- Scoped sudoers entry (build.sh + publish.sh only)
- rc.d service setup
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Option 3 from brainstorming session — two-tier package system:
- Base layer: stock FreeBSD packages from official latest repo
- Clawdie layer: custom-built packages from Poudriere (priority 100)
Covers:
- Phase 1-7 implementation steps
- Jail setup and configuration
- Package list and make.conf
- ISO integration and automation
- Resource requirements and update flow
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Moved from clawdie-ai for development alongside build.sh.
Will be merged back to clawdie-ai once the ISO build is working.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>