clawdie/clawdie-iso
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
clawdie-iso/build.cfg
Sam & Claude da3f06f7da docs: rename 'fake-agent' → 'sample-agent' (matches colibri test rename) 
Harness-neutral, lighter wording for the optional local test-double agent
(colibri-test-agent), matching the colibri-side fake→sample rename. Only the
two references that named it 'fake-agent' (build.cfg comment, AGENTS.md
staging note); the unrelated /tmp/fake-usb example path in FIRSTBOOT.md is a
different context and left as-is.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 18:20:55 +02:00

172 lines
8.3 KiB
Bash
Raw Blame History

#!/bin/sh
# clawdie-iso build configuration
# Sourced by build.sh — edit before building
FREEBSD_VERSION="15.0-RELEASE"
FREEBSD_ARCH="amd64"
FREEBSD_RELEASE_SERIES="${FREEBSD_VERSION%-RELEASE}"
FREEBSD_ISO_BASE_URL="https://download.freebsd.org/releases/${FREEBSD_ARCH}/${FREEBSD_ARCH}/ISO-IMAGES/${FREEBSD_RELEASE_SERIES}"
FREEBSD_MEMSTICK_URL="${FREEBSD_ISO_BASE_URL}/FreeBSD-${FREEBSD_VERSION}-${FREEBSD_ARCH}-memstick.img"
FREEBSD_MEMSTICK_SHA256_URL="${FREEBSD_ISO_BASE_URL}/CHECKSUM.SHA256-FreeBSD-${FREEBSD_VERSION}-${FREEBSD_ARCH}"
# Clawdie release version.
# clawdie-iso and colibri share this unified version (keep colibri's Cargo.toml
# in sync). zot and clawdie-ai keep their own versions, recorded as provenance in
# build-manifest.json. Bump this for each release.
ISO_VERSION="${ISO_VERSION:-0.12.0}"
BUILD_CHANNEL="${BUILD_CHANNEL:-dev}" # dev | release
# Output image
# User-facing operator image format:
# clawdie-<freebsd-codename>-<iso-version>.img
#
# USB KEY SIZING GUIDE:
# 32GB USB → IMAGE_SIZE="28G" (current fast-iteration default)
# 64GB USB → IMAGE_SIZE="50G" (roomier operator media)
# 128GB USB → IMAGE_SIZE="80G" (more offline growth)
#
# Current validation target: 32GB-class USB sticks.
# Raise IMAGE_SIZE manually when the workflow shifts back to larger media.
IMAGE_SIZE="28G"
# build.sh derives IMAGE_NAME from the FreeBSD codename and ISO_VERSION.
# Clawdie-AI ref to bundle from Forgejo.
# Use main for install validation so ISO firstboot exercises the current
# post-install setup/token flow. Use --clawdie-version X.Y.Z for release builds.
CLAWDIE_VERSION="main"
CLAWDIE_REF="${CLAWDIE_REF:-main}"
# Default installer choices (can be overridden by setup.txt on the writable USB config partition)
DEFAULT_PKG_BRANCH="latest" # latest or quarterly
DEFAULT_DESKTOP="xfce" # operator USB desktop
# GPU driver variant (set at build time via the GPU_DRIVER environment variable)
# intel | amd | nvidia-590 | nvidia-470 | nvidia-390 | vesa | "" (auto-detect)
# Use the :- form so an env value (e.g. `GPU_DRIVER=nvidia-590 ./build.sh`) is
# honored; a plain GPU_DRIVER="" here would clobber the environment.
GPU_DRIVER="${GPU_DRIVER:-}"
# Universal NVIDIA lane (opt-in). When YES, the image carries an on-image NVIDIA
# pkg repo for all three branches (390/470/580), does NOT bake a single branch,
# and clawdie_live_gpu runs in "nvidia-auto": at boot it detects the GPU, installs
# the matching branch from the on-image repo, and kldloads it before SDDM. On any
# failure it falls back to the integrated/scfb path (never worse than today).
# Builds a larger image. Leave NO for single-branch GPU_DRIVER=nvidia-* builds.
NVIDIA_UNIVERSAL="${NVIDIA_UNIVERSAL:-NO}"
# Deploy target
TARGET="baremetal" # vps | baremetal
# Cloud pre-bake vars (supplied via --assistant-name, --domain, --tz flags,
# or via environment variables). Env vars take precedence.
ASSISTANT_NAME="${ASSISTANT_NAME:-}"
AGENT_DOMAIN="${AGENT_DOMAIN:-}"
AGENT_GENDER="${AGENT_GENDER:-}"
TZ="${TZ:-}"
# LLM provider/model. Leave blank for post-install setup and Clawdie-AI profile defaults.
PI_TUI_PROVIDER="${PI_TUI_PROVIDER:-}"
PI_TUI_MODEL="${PI_TUI_MODEL:-}"
# API keys (pre-baked for cloud, deferred to web UI for baremetal)
ZAI_API_KEY="${ZAI_API_KEY:-}"
OPENROUTER_API_KEY="${OPENROUTER_API_KEY:-}"
ANTHROPIC_API_KEY="${ANTHROPIC_API_KEY:-}"
# Embeddings. Leave base URL blank to let Clawdie-AI choose OpenRouter when
# OPENROUTER_API_KEY is present, otherwise local llama-server.
EMBED_BASE_URL="${EMBED_BASE_URL:-}"
EMBED_MODEL="${EMBED_MODEL:-}"
EMBED_API_KEY="${EMBED_API_KEY:-}"
EMBED_DIMENSIONS="${EMBED_DIMENSIONS:-1024}"
# Canonical build-host source checkout root. Keep all source repos under
# /home/clawdie/ai across agents/build hosts so detached worktrees and tmp builds do not
# depend on fragile ../ sibling layout.
CLAWDIE_AI_REPO="${CLAWDIE_AI_REPO:-/home/clawdie/ai/clawdie-ai}"
# Colibri Rust control-plane service for the live operator USB.
# The ISO build stages prebuilt FreeBSD release binaries from COLIBRI_REPO or
# COLIBRI_ARTIFACT_DIR; it does not compile Rust while the image is mounted.
FEATURE_COLIBRI="${FEATURE_COLIBRI:-YES}"
COLIBRI_REPO="${COLIBRI_REPO:-/home/clawdie/ai/colibri}"
COLIBRI_ARTIFACT_DIR="${COLIBRI_ARTIFACT_DIR:-}"
# Auto-start the Colibri daemon at boot. Enabled now that live boot is proven on
# AMD hardware. The rc.d service is REQUIRE: LOGIN — it starts after the login
# milestone, so it cannot block SDDM/XFCE even if it fails. Pair with the daemon
# socket-perms fix (colibri fix-colibri-socket-perms, 0770 socket) so the
# operator's colibri-tui can connect; without it the daemon runs but group
# operators get EACCES. Still env-overridable: COLIBRI_DAEMON_ENABLE=NO ./build.sh.
COLIBRI_DAEMON_ENABLE="${COLIBRI_DAEMON_ENABLE:-YES}"
COLIBRI_COST_MODE="${COLIBRI_COST_MODE:-smart}"
# `service clawdie` is reserved for installed disk/server systems. The current
# live USB does not stage a clawdie rc.d service or mini-binary; it uses the
# lightweight `colibri_daemon` control plane directly. Add deployed-system
# service packaging only after that implementation is chosen.
# Colibri's bundled agent harness (the consolidation target — see colibri ADR
# docs/ADR-agent-harness-consolidation.md). Shipped under the colibri umbrella as
# a single static Go binary (providers incl. DeepSeek, Telegram bot, json/rpc
# modes, SKILL.md, extensions), so it has NO separate feature flag: it stages
# automatically whenever FEATURE_COLIBRI=YES. Internal escape hatch only —
# COLIBRI_STAGE_AGENT=NO stages the daemon without the agent (debug builds).
# Pin a tag for reproducible images; the agent has no FreeBSD release, so the
# build host compiles it: (cd $ZOT_REPO && git checkout $ZOT_VERSION &&
# ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.42}" && VERSION="${ZOT_BUILD_VERSION#v}" make build)
COLIBRI_STAGE_AGENT="${COLIBRI_STAGE_AGENT:-YES}"
# Development-only local sample-agent binary. Auto mode includes it for dev
# builds and omits it from release/prod images; override with YES/NO for
# explicit validation builds.
COLIBRI_STAGE_TEST_AGENT="${COLIBRI_STAGE_TEST_AGENT:-auto}"
if [ "${COLIBRI_STAGE_TEST_AGENT}" = "auto" ]; then
case "${BUILD_CHANNEL}" in
release|prod|production) COLIBRI_STAGE_TEST_AGENT="NO" ;;
*) COLIBRI_STAGE_TEST_AGENT="YES" ;;
esac
fi
ZOT_VERSION="${ZOT_VERSION:-v0.2.42}"
ZOT_REPO="${ZOT_REPO:-/home/clawdie/ai/zot}"
ZOT_ARTIFACT_DIR="${ZOT_ARTIFACT_DIR:-}"
# Optional: bake the operator's DeepSeek key into the agent's auth.json (0600).
# Leave blank to stage an auth.json.sample template the operator fills in, or
# to configure at runtime via agent env / `zot telegram-bot setup`.
ZOT_DEEPSEEK_KEY="${ZOT_DEEPSEEK_KEY:-}"
# Local LLM runtime (optional)
# Choices: none | ollama | llama_cpp
LOCAL_LLM_PROVIDER="${LOCAL_LLM_PROVIDER:-none}"
FEATURE_OLLAMA="${FEATURE_OLLAMA:-NO}"
FEATURE_LLAMA_CPP="${FEATURE_LLAMA_CPP:-NO}"
FEATURE_OLLAMA_HPP="${FEATURE_OLLAMA_HPP:-NO}"
OLLAMA_RAM_ESTIMATE="${OLLAMA_RAM_ESTIMATE:-8-16 GB}"
OLLAMA_DISK_ESTIMATE="${OLLAMA_DISK_ESTIMATE:-4-20 GB per model}"
LLAMA_CPP_RAM_ESTIMATE="${LLAMA_CPP_RAM_ESTIMATE:-8-16 GB}"
LLAMA_CPP_DISK_ESTIMATE="${LLAMA_CPP_DISK_ESTIMATE:-4-20 GB per model}"
USB_LLM_MODELS_PATH="${USB_LLM_MODELS_PATH:-/mnt/media/llm-models}"
# Telegram (pre-baked for cloud, deferred for baremetal)
TELEGRAM_BOT_TOKEN="${TELEGRAM_BOT_TOKEN:-}"
TELEGRAM_ADMIN_IDS="${TELEGRAM_ADMIN_IDS:-}"
FEATURE_TELEGRAM="${FEATURE_TELEGRAM:-}"
# Tailscale (recommended for secure remote access)
# On the operator USB, tailscaled is enabled by default. A build may optionally
# bake a one-shot TAILSCALE_AUTHKEY for first-boot autojoin, or the operator
# can authenticate later with `mdo -u root tailscale up`. The disk installer
# firstboot flow on main also uses TAILSCALE_AUTHKEY for unattended join.
FEATURE_TAILSCALE="${FEATURE_TAILSCALE:-YES}"
TAILSCALE_AUTHKEY="${TAILSCALE_AUTHKEY:-}"
# Code hosting (local git + Forgejo by default)
CODE_HOSTING_MODE="${CODE_HOSTING_MODE:-git}"
FEATURE_GIT="${FEATURE_GIT:-YES}"
FEATURE_GITEA="${FEATURE_GITEA:-NO}"
FORGEJO_DISK_ESTIMATE="${FORGEJO_DISK_ESTIMATE:-1.2 GB}"
# SSH public key (optional, supplied via --ssh-key flag)
SSH_PUBLIC_KEY="${SSH_PUBLIC_KEY:-}"
# System passwords (optional, supplied via flags)
ROOT_PASSWORD="${ROOT_PASSWORD:-}"
CLAWDIE_USER_PASSWORD="${CLAWDIE_USER_PASSWORD:-}"
Reference in a new issue View git blame Copy permalink