feat(join-hive): capture vault creds and pull provider keys on first boot #95

Merged
clawdie merged 2 commits from joinhive-cred-capture into main 2026-06-21 19:22:26 +02:00
Owner

Workstream A of the next ISO rebuild. The booted XFCE "Join Hive" flow now collects the 3 Vaultwarden bootstrap values and pulls the provider keys, rather than only warning when they're missing.

Step [2/4] now:

  1. If provider.env lacks BW_*, prompt for BW_CLIENTID / BW_CLIENTSECRET / BW_PASSWORD (secret + password read with echo off) and upsert them into provider.env (root-owned 0600). Pressing Enter at the first prompt skips — the manual floor is intact.
  2. Run clawdie-vault-fetch with provider.env as both the bootstrap source and --write-env target → pulls DEEPSEEK_API_KEY (and any other agent-secrets).
  3. service colibri_daemon restart so the daemon loads the new keys — which triggers the Pi auto-spawn from #137.

Security: secrets never hit process arguments — values stay in shell variables and a 0600 temp under ~/.cache/clawdie; provider.env is read/written via mdo. The upsert preserves the endpoint line and other keys.

Verified locally: sh -n clean; the upsert/merge core tested in isolation — exactly one BW_CLIENTID line, endpoint + existing keys preserved, and special characters (/ + = ! space) in the secret/password survive verbatim.

Design note: provider.env stays the single secret store — the daemon's vault provisioning and the existing provider_env_has_bw_creds check already assume that (no separate ~/.config/vault-bootstrap.env).

For Hermes on the live image: confirm the end-to-end on real hardware — boot → Join Hive → enter 3 BW values → DeepSeek pulled into provider.env → daemon restart → colibri list-agents shows the auto-spawned Pi. (Needs bw, mdo, and Tailscale reachability to vault.smilepowered.org.)

Next: Workstream C (stage external-mcp.json + rc.conf defaults incl. COLIBRI_AUTOSPAWN_PI=YES).

🤖 Generated with Claude Code

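The upsert described in the PR (exactly one `BW_*` line per key, endpoint and other keys preserved, special characters surviving verbatim, secrets kept out of process arguments, a `0600` temp file) can be shown as a small POSIX-sh script. This is an added example, not the clawdie-iso project's own code: it assumes an env file at `$PROVIDER_ENV` (default `./provider.env`, not the image's root-owned path), a temp dir at `$CACHE_DIR` (standing in for `~/.cache/clawdie`), an `awk` on the PATH, and it omits the privilege elevation the page does via `mdo`, so it runs as an unprivileged user. `env_has_bw_creds` is a stand-in for the page's `provider_env_has_bw_creds`, whose body is not shown.

```shell
#!/bin/sh
# Added example (not clawdie-iso code): upsert KEY=VALUE lines into an env file
# without the secret reaching any process's argv, via a 0600 temp file, leaving
# every other line as it was. Assumptions: $PROVIDER_ENV / $CACHE_DIR paths
# below are stand-ins; privilege elevation (the page's `mdo`) is left out.
set -u

PROVIDER_ENV="${PROVIDER_ENV:-./provider.env}"
CACHE_DIR="${CACHE_DIR:-./cache}"

# env_get KEY -> prints the value of the first KEY= line (nothing if absent).
env_get() {
    [ -f "$PROVIDER_ENV" ] || return 0
    awk -v key="$1" 'index($0, key "=") == 1 { print substr($0, length(key) + 2); exit }' "$PROVIDER_ENV"
}

# env_upsert KEY
#   The value comes from the exported variable UPSERT_VALUE, not from $2, so it
#   never reaches awk's argv (argv is world-readable via ps and /proc/*/cmdline;
#   the environment is not). awk copies ENVIRON bytes verbatim, so '/', '+',
#   '=', '!' and spaces need no escaping (a sed s/// would trip on '/' and '&').
env_upsert() {
    [ -n "${UPSERT_VALUE:-}" ] || { echo "env_upsert: UPSERT_VALUE not set" >&2; return 1; }
    (
        umask 077                         # temp file (and a fresh env file) are 0600
        mkdir -p "$CACHE_DIR"
        tmp="$CACHE_DIR/provider.env.$$"
        [ -f "$PROVIDER_ENV" ] || : > "$PROVIDER_ENV"
        awk -v key="$1" '
            BEGIN { val = ENVIRON["UPSERT_VALUE"]; done = 0 }
            # the first KEY= line is rewritten, later duplicates are dropped
            index($0, key "=") == 1 { if (!done) { print key "=" val; done = 1 }; next }
            { print }
            END { if (!done) print key "=" val }
        ' "$PROVIDER_ENV" > "$tmp"
        # cat into the destination keeps its existing owner and mode (root 0600
        # on the image) instead of replacing it with a user-owned file.
        cat "$tmp" > "$PROVIDER_ENV" && rm -f "$tmp"
    )
    rc=$?
    unset UPSERT_VALUE                    # do not leave the secret in the environment
    return $rc
}

# env_has_bw_creds -> 0 only when all three Vaultwarden bootstrap values exist.
env_has_bw_creds() {
    for k in BW_CLIENTID BW_CLIENTSECRET BW_PASSWORD; do
        [ -n "$(env_get "$k")" ] || return 1
    done
}

# prompt_value VAR PROMPT [noecho] -> reads one line into VAR. The eval only
# names the variable; the value is passed as \$_v, so it is never re-parsed.
prompt_value() {
    printf '%s' "$2" >&2
    if [ "${3:-}" = noecho ]; then stty -echo 2>/dev/null || :; fi
    IFS= read -r _v
    if [ "${3:-}" = noecho ]; then stty echo 2>/dev/null || :; printf '\n' >&2; fi
    eval "$1=\$_v"
    unset _v
}

# Step [2/4], first part: prompt only when creds are missing; Enter at the
# first prompt skips and leaves the env file untouched.
capture_bw_creds() {
    env_has_bw_creds && return 0
    prompt_value cid "BW_CLIENTID (Enter to skip): "
    [ -n "$cid" ] || { echo "No client id entered; skipping vault bootstrap." >&2; return 0; }
    prompt_value csec "BW_CLIENTSECRET: " noecho
    prompt_value cpw "BW_PASSWORD: " noecho
    export UPSERT_VALUE="$cid";  env_upsert BW_CLIENTID
    export UPSERT_VALUE="$csec"; env_upsert BW_CLIENTSECRET
    export UPSERT_VALUE="$cpw";  env_upsert BW_PASSWORD
    unset cid csec cpw
}

# Usage: `sh this.sh run` performs the interactive capture.
case "${1:-}" in run) capture_bw_creds ;; esac
```

Passing the secret through an exported variable rather than a positional argument is what keeps it off `ps`; the trade-off is that the variable has to be unset as soon as the write is done, which `env_upsert` does on every exit path. Reading with `index()` rather than a regex means a key such as `BW_CLIENTID` cannot accidentally match `BW_CLIENTSECRET`, and dropping later duplicates is what guarantees the single-line property the PR verifies.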
clawdie added 1 commit 2026-06-21 18:23:08 +02:00
Workstream A of the next ISO rebuild. The booted XFCE image's "Join Hive"
flow now collects the 3 Vaultwarden bootstrap values and pulls the provider
keys, instead of only warning when they are missing.

Step [2/4] now:
- If provider.env lacks BW_*, prompts for BW_CLIENTID/BW_CLIENTSECRET/
  BW_PASSWORD (secret + password read with echo off) and upserts them into
  provider.env (root-owned 0600). Entering nothing skips — manual floor intact.
- Then runs clawdie-vault-fetch against provider.env (as bootstrap and as
  --write-env target) to pull DEEPSEEK_API_KEY (and other agent-secrets), and
  restarts colibri_daemon so it loads the new keys — which triggers the Pi
  auto-spawn (colibri#137).

Secrets never appear in process arguments: values stay in shell variables and a
0600 temp under ~/.cache/clawdie; provider.env is read/written via mdo. The
upsert preserves the endpoint line and other keys (verified: special characters
in the secret/password survive, no duplicate BW_* lines).

provider.env stays the single secret store — the daemon's vault provisioning and
the existing provider_env_has_bw_creds check already assume that.

sh -n clean.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
claude-domedog added 1 commit 2026-06-21 18:59:23 +02:00
Per Hermes' review of the cred-capture flow: after the daemon restart that
loads the pulled keys, poll colibri status (up to 10s) for a live agent so the
operator sees confirmation that the Pi auto-spawn actually came up — instead of
just "daemon restarted". Prints "Pi agent is live." or a check hint.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
clawdie merged commit 02507476b8 into main 2026-06-21 19:22:26 +02:00
clawdie deleted branch joinhive-cred-capture 2026-06-21 19:22:30 +02:00
Reference: clawdie/clawdie-iso#95