clawdie-iso/doc/CLAWDIE-CODEX-HANDOFF.md

Clawdie agent — Codex ISO Builder handoff

From: Claude Reviewer (Linux) · To: Codex ISO Builder (FreeBSD 15 host)
Subject: stage + validate the simplified clawdie agent on the operator USB

The clawdie binary is the simplified, operator-friendly Colibri agent: one small Rust binary (glasspane + herdr supervision + a DeepSeek-backed Telegram bot). All quota/cost-mode/provider-fallback complexity is lifted. It is wired into the ISO behind FEATURE_CLAWDIE (default NO) and runs as an rc.d service like Clawdie-AI.

Status (all PRs merged — 2026-06-01)

Both prerequisite PRs are merged to main. Codex is unblocked:

  • colibri: feat/clawdie-agent → main
  • clawdie-iso: fix/clawdie-prebuild-hardening → main

Task checklist

  • 1. Build colibri release artifacts (incl. clawdie) on the FreeBSD host.
  • 2. Run ISO preflight syntax checks.
  • 3. Build the image with FEATURE_CLAWDIE=YES (staged, NOT auto-started).
  • 4. Inspect the mounted image.
  • 5. Validate on real hardware (SDDM/XFCE first, then start clawdie).
  • 6. Cleanup only after the ISO build consumed the artifacts.

1. Build colibri (do NOT cargo clean afterward — the ISO consumes target/release)

cd /home/clawdie/ai/colibri
git fetch origin && git pull --ff-only
# Baked creds are compiled into the binary and are extractable from the image.
# For a distributable image, OMIT both flags and use the rc.d env file instead
# (/usr/local/etc/clawdie/clawdie.env at runtime).
CLAWDIE_TG_TOKEN="<telegram-bot-token>" \
CLAWDIE_DEEPSEEK_KEY="<deepseek-key>" \
  cargo build --workspace --release
ls -lh target/release/clawdie && file target/release/clawdie

2. ISO preflight

cd /home/clawdie/ai/clawdie-iso
git fetch origin && git pull --ff-only
sh -n build.sh
sh -n scripts/stage-clawdie-iso.sh

3. Build with the clawdie lane on (staged but disabled at boot)

build.cfg ships FEATURE_CLAWDIE=NO / CLAWDIE_ENABLE=NO. Enable staging for this image; leave CLAWDIE_ENABLE=NO so clawdie cannot interfere with SDDM/live boot until rc.d supervision is proven on hardware. Use the standard clawdie:3 / iso tmux pane per the iso-build skill.

FEATURE_CLAWDIE=YES /usr/bin/script -q \
  tmp/operator-usb-$(git rev-parse --short HEAD)-build.log \
  ./build.sh --skip-memstick-fetch --live-default-password

4. Mounted-image inspection (before flashing)

  • /usr/local/bin/clawdie present + executable
  • /usr/local/etc/rc.d/clawdie present
  • etc/rc.conf has clawdie_enable="NO" (staged-disabled is intentional)
  • clawdie is the operator account (reused, not a second nologin user)
  • /var/db/clawdie, /var/run/clawdie, /var/log/clawdie owned clawdie:clawdie, mode 0750
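
The inspection list above as a script, added here as an example and not part of the clawdie-iso repository. The function name inspect_image and the mount path are hypothetical; ownership is compared numerically against the image's own etc/passwd, since the build host may map the clawdie name to a different uid, and the operator-account item is read as exactly one clawdie passwd entry with a login shell.

```sh
#!/bin/sh
# Added example: check a mounted image root against the step 4 list.
# Usage after sourcing: inspect_image /path/to/mounted/root (hypothetical path)

fail() { echo "FAIL: $*"; FAILS=$((FAILS + 1)); }

inspect_image() {
    root=$1; FAILS=0

    [ -f "$root/usr/local/bin/clawdie" ] && [ -x "$root/usr/local/bin/clawdie" ] ||
        fail "/usr/local/bin/clawdie missing or not executable"
    [ -f "$root/usr/local/etc/rc.d/clawdie" ] ||
        fail "/usr/local/etc/rc.d/clawdie missing"

    # rc.conf is sourced top to bottom, so the last assignment is the effective one.
    enable=$(sed -n 's/^clawdie_enable=//p' "$root/etc/rc.conf" 2>/dev/null |
        tail -n 1 | tr -d '"')
    [ "$enable" = "NO" ] || fail "clawdie_enable is '${enable:-unset}', expected NO"

    # Read the account from the image's own passwd, not the build host's.
    entries=$(grep '^clawdie:' "$root/etc/passwd" 2>/dev/null | wc -l | tr -d ' ')
    [ "$entries" -eq 1 ] || fail "expected one clawdie passwd entry, found $entries"
    entry=$(grep '^clawdie:' "$root/etc/passwd" 2>/dev/null | head -n 1)
    uid=$(echo "$entry" | cut -d: -f3)
    gid=$(echo "$entry" | cut -d: -f4)
    # Assumption: "operator account" means a login shell, not nologin.
    case $(echo "$entry" | cut -d: -f7) in
        ""|*/nologin) fail "clawdie has no login shell in the image passwd" ;;
    esac

    for d in var/db/clawdie var/run/clawdie var/log/clawdie; do
        if [ ! -d "$root/$d" ]; then fail "/$d missing"; continue; fi
        # ls -ldn gives numeric owner and group; field 1, columns 1-10, is the mode.
        set -- $(ls -ldn "$root/$d")
        mode=$(printf '%s' "$1" | cut -c1-10)
        [ "$mode" = "drwxr-x---" ] || fail "/$d mode is $mode, expected 0750"
        [ "$3:$4" = "$uid:$gid" ] || fail "/$d owner is $3:$4, expected $uid:$gid"
    done

    [ "$FAILS" -eq 0 ] && echo "image inspection passed"
    return "$FAILS"
}
```

The return value is the number of failed checks, so a non-zero exit can gate the flashing step.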

5. Hardware validation (final proof — bhyve/static inspection is not enough)

  1. Boot real hardware; confirm SDDM → XFCE first (clawdie disabled, so it can't be blamed for any boot issue).
  2. service clawdie start; service clawdie status
  3. sockstat | grep clawdie (Herdr socket bound); tail /var/log/clawdie/clawdie.log
  4. Message the Telegram bot → expect a DeepSeek reply.
  5. If clean, flip CLAWDIE_ENABLE=YES for the next image so it boots as a service.

6. Cleanup (only after the ISO build consumed the artifacts)

cd /home/clawdie/ai/colibri && cargo clean && rm -rf /tmp/colibri-*

Notes / caveats

  • The clawdie daemon runs as the operator clawdie user (same pattern as Clawdie-AI's rc.d service). install_clawdie_service reuses that account and errors if it is missing rather than creating a conflicting nologin user.
  • No new FreeBSD system deps: reqwest/rustls/tokio/portable-pty/rusqlite are already in the colibri workspace. Build proof so far was Linux-only — this handoff covers the first FreeBSD build.
  • Reference docs on colibri main after merge: docs/CLAWDIE-BUILD.md, docs/CLAWDIE-AGENT-WIKI.md.

Deletion criteria

Delete this handoff once the first FEATURE_CLAWDIE=YES image has booted on real hardware, clawdie has been started and confirmed (socket + Telegram reply), and the result is recorded below.

Results

(Codex: record build host, commit SHAs, binary size, mounted-image findings, and hardware validation outcome here.)