#!/bin/sh # clawdie-iso build configuration # Sourced by build.sh — edit before building FREEBSD_VERSION="15.0-RELEASE" FREEBSD_ARCH="amd64" FREEBSD_RELEASE_SERIES="${FREEBSD_VERSION%-RELEASE}" FREEBSD_ISO_BASE_URL="https://download.freebsd.org/releases/${FREEBSD_ARCH}/${FREEBSD_ARCH}/ISO-IMAGES/${FREEBSD_RELEASE_SERIES}" FREEBSD_MEMSTICK_URL="${FREEBSD_ISO_BASE_URL}/FreeBSD-${FREEBSD_VERSION}-${FREEBSD_ARCH}-memstick.img" FREEBSD_MEMSTICK_SHA256_URL="${FREEBSD_ISO_BASE_URL}/CHECKSUM.SHA256-FreeBSD-${FREEBSD_VERSION}-${FREEBSD_ARCH}" # ISO version metadata. # ISO version is independent from the bundled Clawdie-AI runtime version. ISO_VERSION="0.1.0" BUILD_CHANNEL="${BUILD_CHANNEL:-dev}" # dev | release # Output image # User-facing operator image format: # clawdie---usb-DD.MM.YY.img # # USB KEY SIZING GUIDE: # 32GB USB → IMAGE_SIZE="28G" (current fast-iteration default) # 64GB USB → IMAGE_SIZE="50G" (roomier operator media) # 128GB USB → IMAGE_SIZE="80G" (more offline growth) # # Current validation target: 32GB-class USB sticks. # Raise IMAGE_SIZE manually when the workflow shifts back to larger media. IMAGE_SIZE="28G" # build.sh derives IMAGE_NAME from desktop, the FreeBSD major-version codename, # and the build date. # Clawdie-AI ref to bundle from Forgejo. # Use main for install validation so ISO firstboot exercises the current # post-install setup/token flow. Use --clawdie-version X.Y.Z for release builds. CLAWDIE_VERSION="main" CLAWDIE_REF="${CLAWDIE_REF:-main}" # Default installer choices (can be overridden by setup.txt on the writable USB config partition) DEFAULT_PKG_BRANCH="latest" # latest or quarterly DEFAULT_DESKTOP="xfce" # operator USB desktop # GPU driver variant (set at build time via --gpu-driver flag) # intel | amd | nvidia-590 | nvidia-470 | nvidia-390 | vesa | "" (auto-detect) GPU_DRIVER="" # Deploy target TARGET="baremetal" # vps | baremetal # Cloud pre-bake vars (supplied via --assistant-name, --domain, --tz flags, # or via environment variables). Env vars take precedence. ASSISTANT_NAME="${ASSISTANT_NAME:-}" AGENT_DOMAIN="${AGENT_DOMAIN:-}" AGENT_GENDER="${AGENT_GENDER:-}" TZ="${TZ:-}" # LLM provider/model. Leave blank for post-install setup and Clawdie-AI profile defaults. PI_TUI_PROVIDER="${PI_TUI_PROVIDER:-}" PI_TUI_MODEL="${PI_TUI_MODEL:-}" # API keys (pre-baked for cloud, deferred to web UI for baremetal) ZAI_API_KEY="${ZAI_API_KEY:-}" OPENROUTER_API_KEY="${OPENROUTER_API_KEY:-}" ANTHROPIC_API_KEY="${ANTHROPIC_API_KEY:-}" # Embeddings. Leave base URL blank to let Clawdie-AI choose OpenRouter when # OPENROUTER_API_KEY is present, otherwise local llama-server. EMBED_BASE_URL="${EMBED_BASE_URL:-}" EMBED_MODEL="${EMBED_MODEL:-}" EMBED_API_KEY="${EMBED_API_KEY:-}" EMBED_DIMENSIONS="${EMBED_DIMENSIONS:-1024}" # Colibri Rust control-plane service (next ISO integration lane). # The ISO build stages prebuilt FreeBSD release binaries from COLIBRI_REPO or # COLIBRI_ARTIFACT_DIR; it does not compile Rust while the image is mounted. FEATURE_COLIBRI="${FEATURE_COLIBRI:-YES}" COLIBRI_REPO="${COLIBRI_REPO:-../colibri}" COLIBRI_ARTIFACT_DIR="${COLIBRI_ARTIFACT_DIR:-}" # Stage Colibri binaries by default, but do not block live boot on the daemon. # Hardware validation can start it manually after rc.d supervision is proven on # the target image. COLIBRI_DAEMON_ENABLE="${COLIBRI_DAEMON_ENABLE:-NO}" COLIBRI_COST_MODE="${COLIBRI_COST_MODE:-smart}" # Local LLM runtime (optional) # Choices: none | ollama | llama_cpp LOCAL_LLM_PROVIDER="${LOCAL_LLM_PROVIDER:-none}" FEATURE_OLLAMA="${FEATURE_OLLAMA:-NO}" FEATURE_LLAMA_CPP="${FEATURE_LLAMA_CPP:-NO}" FEATURE_OLLAMA_HPP="${FEATURE_OLLAMA_HPP:-NO}" OLLAMA_RAM_ESTIMATE="${OLLAMA_RAM_ESTIMATE:-8-16 GB}" OLLAMA_DISK_ESTIMATE="${OLLAMA_DISK_ESTIMATE:-4-20 GB per model}" LLAMA_CPP_RAM_ESTIMATE="${LLAMA_CPP_RAM_ESTIMATE:-8-16 GB}" LLAMA_CPP_DISK_ESTIMATE="${LLAMA_CPP_DISK_ESTIMATE:-4-20 GB per model}" USB_LLM_MODELS_PATH="${USB_LLM_MODELS_PATH:-/mnt/media/llm-models}" # Telegram (pre-baked for cloud, deferred for baremetal) TELEGRAM_BOT_TOKEN="${TELEGRAM_BOT_TOKEN:-}" TELEGRAM_ADMIN_IDS="${TELEGRAM_ADMIN_IDS:-}" FEATURE_TELEGRAM="${FEATURE_TELEGRAM:-}" # Tailscale (recommended for secure remote access) # On the operator USB, tailscaled is enabled by default. A build may optionally # bake a one-shot TAILSCALE_AUTHKEY for first-boot autojoin, or the operator # can authenticate later with `mdo -u root tailscale up`. The disk installer # firstboot flow on main also uses TAILSCALE_AUTHKEY for unattended join. FEATURE_TAILSCALE="${FEATURE_TAILSCALE:-YES}" TAILSCALE_AUTHKEY="${TAILSCALE_AUTHKEY:-}" # Code hosting (local git + Forgejo by default) CODE_HOSTING_MODE="${CODE_HOSTING_MODE:-git}" FEATURE_GIT="${FEATURE_GIT:-YES}" FEATURE_GITEA="${FEATURE_GITEA:-NO}" FORGEJO_DISK_ESTIMATE="${FORGEJO_DISK_ESTIMATE:-1.2 GB}" # SSH public key (optional, supplied via --ssh-key flag) SSH_PUBLIC_KEY="${SSH_PUBLIC_KEY:-}" # System passwords (optional, supplied via flags) ROOT_PASSWORD="${ROOT_PASSWORD:-}" CLAWDIE_USER_PASSWORD="${CLAWDIE_USER_PASSWORD:-}"