184 lines
6 KiB
HTML
184 lines
6 KiB
HTML
<!doctype html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="utf-8" />
|
|
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
|
<title>Clawdie Operator USB</title>
|
|
<style>
|
|
:root {
|
|
--bg: #f3f1ea;
|
|
--paper: #fffdf7;
|
|
--ink: #1f2629;
|
|
--muted: #5b6469;
|
|
--line: #d8d1c4;
|
|
--accent: #1f6a5e;
|
|
--accent-soft: #d8eee9;
|
|
--warn: #b85c1a;
|
|
--warn-soft: #fef0e4;
|
|
}
|
|
body {
|
|
margin: 0;
|
|
font-family: "Noto Sans", "DejaVu Sans", sans-serif;
|
|
background: linear-gradient(135deg, #f6f4ee 0%, #ece7dd 100%);
|
|
color: var(--ink);
|
|
}
|
|
main {
|
|
max-width: 860px;
|
|
margin: 32px auto;
|
|
padding: 32px;
|
|
background: var(--paper);
|
|
border: 1px solid var(--line);
|
|
box-shadow: 0 20px 50px rgba(31, 38, 41, 0.08);
|
|
}
|
|
h1 {
|
|
margin-top: 0;
|
|
font-size: 2rem;
|
|
letter-spacing: 0.01em;
|
|
}
|
|
h2 {
|
|
margin-top: 2rem;
|
|
font-size: 1.2rem;
|
|
}
|
|
p,
|
|
li {
|
|
line-height: 1.6;
|
|
color: var(--muted);
|
|
}
|
|
.lead {
|
|
color: var(--ink);
|
|
font-size: 1.05rem;
|
|
}
|
|
.card {
|
|
margin-top: 1rem;
|
|
padding: 16px 18px;
|
|
background: var(--accent-soft);
|
|
border-left: 4px solid var(--accent);
|
|
}
|
|
.warn {
|
|
background: var(--warn-soft);
|
|
border-left-color: var(--warn);
|
|
}
|
|
code,
|
|
pre {
|
|
font-family: "DM Mono", "Cascadia Mono", monospace;
|
|
}
|
|
pre {
|
|
overflow-x: auto;
|
|
padding: 14px;
|
|
background: #f0ede4;
|
|
border: 1px solid var(--line);
|
|
color: var(--ink);
|
|
}
|
|
ul {
|
|
padding-left: 1.2rem;
|
|
}
|
|
</style>
|
|
</head>
|
|
<body>
|
|
<main>
|
|
<h1>Clawdie Operator USB</h1>
|
|
<p class="lead">
|
|
Live USB workstation for the Clawdie operator. Colibri daemon manages
|
|
agent supervision, skills, and tasks. This HTML page is deeper
|
|
reference; the desktop now opens with a short START-HERE note in
|
|
Mousepad and leaves the dashboard/browser as explicit operator choices.
|
|
</p>
|
|
|
|
<div class="card">
|
|
<strong>Included in this build:</strong>
|
|
<ul>
|
|
<li>XFCE desktop — dual-monitor, panel, wallpaper</li>
|
|
<li><code>colibri-daemon</code> — agent supervisor, skills catalog, Glasspane state machine</li>
|
|
<li><code>colibri-tui</code> — live ratatui dashboard (agent states, spawn/kill, sessions)</li>
|
|
<li><code>colibri-mcp</code> — MCP bridge for Zed, Claude Code, Cursor, and other MCP clients</li>
|
|
<li><code>colibri-test-agent</code> — local no-network Colibri launch check</li>
|
|
<li>Firefox browser</li>
|
|
<li>Tailscale package (needs auth key)</li>
|
|
<li><code>pi</code> coding agent harness (npm global)</li>
|
|
<li>DeepSeek prefix caching (~3,500 free tokens per request)</li>
|
|
<li>FreeBSD <code>mac_do</code> for kernel-enforced privilege escalation</li>
|
|
<li>Python 3.12 with <code>python</code> + <code>python3</code> symlinks</li>
|
|
</ul>
|
|
</div>
|
|
|
|
<h2>Primary dashboard</h2>
|
|
<p>
|
|
The <code>colibri-tui</code> dashboard is launched explicitly from the
|
|
desktop or terminal. If closed, restart with:
|
|
</p>
|
|
<pre>colibri-tui</pre>
|
|
|
|
<div class="card warn">
|
|
<strong>Colibri daemon must be running:</strong>
|
|
<pre>service colibri_daemon status
|
|
mdo -u root service colibri_daemon start</pre>
|
|
</div>
|
|
|
|
<h2>Colibri quick checks</h2>
|
|
<pre>
|
|
colibri status
|
|
colibri snapshot # Glasspane agent states
|
|
colibri list-tasks # Coordination board
|
|
colibri list-skills # Skills catalog
|
|
colibri-mcp tools # MCP bridge, read-only by default
|
|
COLIBRI_MCP_WRITE=1 colibri-mcp tools # trusted write-capable profile
|
|
colibri spawn-local /usr/local/bin/colibri-test-agent --session-id local-check
|
|
colibri create-task --title "check network"
|
|
colibri list-tasks --status queued</pre>
|
|
<p>
|
|
MCP client examples are installed under
|
|
<code>/usr/local/share/clawdie-iso/mcp-examples/</code>.
|
|
</p>
|
|
|
|
<h2>LLM provider keys + Vaultwarden bootstrap</h2>
|
|
<p>
|
|
Colibri can run local checks without a key. The ISO prepopulates the
|
|
non-secret Vaultwarden endpoint in
|
|
<code>/usr/local/etc/colibri/provider.env</code>. To let agents populate
|
|
their own provider secrets from Vaultwarden, add only the bootstrap
|
|
credentials there. Keep this file root-owned and mode <code>0600</code>;
|
|
it is read when <code>colibri_daemon</code> starts.
|
|
</p>
|
|
<pre>
|
|
mdo -u root ee /usr/local/etc/colibri/provider.env
|
|
mdo -u root chmod 600 /usr/local/etc/colibri/provider.env
|
|
mdo -u root service colibri_daemon restart</pre>
|
|
<p>The endpoint is already present. Add the three Vaultwarden bootstrap values:</p>
|
|
<pre>
|
|
BW_CLIENTID="..."
|
|
BW_CLIENTSECRET="..."
|
|
BW_PASSWORD="..."</pre>
|
|
<p>Direct provider keys are optional fallback entries:</p>
|
|
<pre>
|
|
DEEPSEEK_API_KEY="sk-..."
|
|
OPENROUTER_API_KEY="sk-or-..."
|
|
ANTHROPIC_API_KEY="sk-ant-..."</pre>
|
|
|
|
<h2>pi assistant</h2>
|
|
<pre>
|
|
pi # interactive session
|
|
pi --help # options
|
|
pi --provider deepseek --model deepseek-v4-pro</pre>
|
|
|
|
<h2>Tailscale</h2>
|
|
<p>If this USB was built without an auth key, join later with:</p>
|
|
<pre>mdo -u root tailscale up</pre>
|
|
|
|
<h2>Privilege escalation</h2>
|
|
<p>
|
|
This USB uses FreeBSD's native <code>mac_do</code> instead of
|
|
<code>sudo</code>. Wheel group members escalate with <code>mdo</code>:
|
|
</p>
|
|
<pre>
|
|
mdo -u root <command>
|
|
mdo -u root service tailscaled restart
|
|
mdo -u root service colibri_daemon start</pre>
|
|
|
|
<h2>Disk deployment</h2>
|
|
<p>
|
|
Disk deployment is intentionally deferred. This milestone is a stable
|
|
operator USB with full agent supervision and skills catalog.
|
|
</p>
|
|
</main>
|
|
</body>
|
|
</html>
|