fix(wiki): repair broken ../packaging/ links (EN+SL) + clean stray content dir
- 12 links in mother-hive.md (6 EN, 6 SL): ../packaging/ → ../../packaging/ (packaging/ lives at repo root, not under docs/) - Remove untracked astro/wiki/src/content/ (stray staging dir) - Add src/content/ to astro/wiki/.gitignore
This commit is contained in:
parent
464d075f5c
commit
350c9ce3ba
3 changed files with 232 additions and 229 deletions
1
astro/wiki/.gitignore
vendored
1
astro/wiki/.gitignore
vendored
|
|
@ -1,3 +1,4 @@
|
|||
node_modules/
|
||||
dist/
|
||||
.astro/
|
||||
src/content/
|
||||
|
|
|
|||
|
|
@ -1,110 +1,111 @@
|
|||
# Mother hive
|
||||
|
||||
← [index](./index.md)
|
||||
|
||||
## What this is
|
||||
|
||||
The mother node (OSA) coordinates USB operator nodes via MCP over SSH →
|
||||
PostgreSQL. USB nodes send hardware profiles; mother derives capabilities and
|
||||
maintains the hive registry. This page records the **decisions** behind the
|
||||
implementation — the rationale the code can't express. For setup instructions,
|
||||
architecture diagrams, and the first-run checklist, see
|
||||
[`packaging/mother/MOTHER-SETUP.md`](../packaging/mother/MOTHER-SETUP.md).
|
||||
|
||||
## Decisions
|
||||
|
||||
### Forced-command SSH boundary (not a listening daemon)
|
||||
|
||||
USB nodes reach mother by spawning `ssh colibri@mother` (no remote command).
|
||||
On the mother side, `authorized_keys` enforces
|
||||
`command="/usr/local/bin/colibri-mcp-ssh",restrict,...` — the connection
|
||||
**cannot** run an interactive shell or any command except the wrapper.
|
||||
|
||||
The wrapper (`colibri-mcp-ssh`) further allowlists `SSH_ORIGINAL_COMMAND` to
|
||||
`""` (stdio MCP mode) or `"tools"` (one-shot discovery). Every other value is
|
||||
rejected.
|
||||
|
||||
**Why not a listening daemon** (HTTP, gRPC, raw TCP): Tailscale encrypts the
|
||||
wire, so the SSH layer adds authentication + confinement without extra
|
||||
infrastructure (no TLS certs, no auth tokens, no open ports). The forced-command
|
||||
boundary is a second lock on top of the SSH key — even a compromised USB that
|
||||
holds the key can only invoke the wrapper, and the wrapper only delegates to
|
||||
colibri-mcp. Defense in depth, deployed as one OpenSSH feature.
|
||||
|
||||
→ [`colibri-mcp-ssh`](../packaging/mother/colibri-mcp-ssh), [`MOTHER-SETUP.md` §Security](../packaging/mother/MOTHER-SETUP.md#security-properties)
|
||||
|
||||
### Single home for mother infra (colibri, not clawdie-iso)
|
||||
|
||||
The mother MCP scripts (`node-register-mcp`, `geodesic-dome-mcp`, etc.) were
|
||||
originally copied into both repos. The clawdie-iso copy drifted — its
|
||||
`node-register-mcp` used `E'${...}'` string interpolation (SQL-injectable)
|
||||
while the colibri copy used parameterized `psql -v :'variable'`. The iso copy
|
||||
was removed in clawdie-iso PR #129.
|
||||
|
||||
**Lesson**: a script in two repos **will** drift. The wiki lint is single-repo
|
||||
and can't see cross-repo duplicates. The mitigation is discipline: mother infra
|
||||
lives in one place.
|
||||
|
||||
→ [naming-decisions §Structural](./naming-decisions.md#structural-decisions) ("Single home" row)
|
||||
|
||||
### `hive_nodes` — not `usb_nodes`
|
||||
|
||||
The original table name assumed only USB-booted nodes would register. But a
|
||||
node is any host that joins the hive — USB, NVMe, a jail. Renamed to
|
||||
`hive_nodes` with a `node_type` column (colibri #161). The `derive_capabilities()`
|
||||
trigger is table-agnostic and auto-computes `has_gpu`, `gpu_vendor`,
|
||||
`can_run_local_llm`, `has_wifi`, `max_model` on INSERT.
|
||||
|
||||
→ [`mother_schema.sql`](../packaging/mother/mother_schema.sql),
|
||||
[naming-decisions](./naming-decisions.md) (`usb_nodes → hive_nodes` row)
|
||||
|
||||
### PostgreSQL peer auth (no passwords)
|
||||
|
||||
The `colibri` OS user connects to `mother_hive` via peer authentication — the
|
||||
kernel attests the Unix user, no password needed. `node-register-mcp` runs as
|
||||
this user and inherits the trust. No pgpass files, no env vars, no credential
|
||||
rotation. One moving part: the `pg_hba.conf` peer rule must precede any
|
||||
catch-all `local all all` line (first-match).
|
||||
|
||||
**Why not a password or certificate**: passwords rotate and leak; certificates
|
||||
need a CA. Peer auth is built into PostgreSQL on every Unix and works for a
|
||||
localhost connection with zero configuration beyond one `pg_hba.conf` line.
|
||||
|
||||
→ [`MOTHER-SETUP.md` §Setup step 6](../packaging/mother/MOTHER-SETUP.md#setup-one-time)
|
||||
|
||||
### Key on seed partition, not in the image
|
||||
|
||||
The `mother-mcp` private key is placed on the CLAWDIESEED partition, not baked
|
||||
into the ISO. The build script has a release guard that **refuses** to bake it
|
||||
into a release image. The seed importer (`clawdie-live-seed`) installs it at
|
||||
boot time.
|
||||
|
||||
**Why**: a release ISO is a downloadable artifact. Baking a private key into it
|
||||
would give every downloader access to the mother MCP. The seed partition is a
|
||||
separate physical medium that the operator controls. Even without a seed, the
|
||||
ISO boots and runs — the daemon's external MCP connection to mother fails
|
||||
gracefully (SSH: "config file not found"), and the node operates standalone.
|
||||
|
||||
→ [naming-decisions](./naming-decisions.md) ("Known residue"), clawdie-iso #133
|
||||
|
||||
### Daemon user, not operator
|
||||
|
||||
The colibri daemon runs as the `colibri` user (`/var/db/colibri`), not as the
|
||||
operator (`clawdie`, `/home/clawdie`). The external MCP SSH connection to mother
|
||||
is spawned by the daemon — so the SSH key, config, and known_hosts must be in
|
||||
the daemon's home. The seed importer installs SSH material to **both** homes
|
||||
(operator + daemon).
|
||||
|
||||
**Why not just put it in clawdie's home and `sudo`**: the daemon is not the
|
||||
operator. Running as a separate user means the blast radius of a daemon
|
||||
compromise is limited to what the `colibri` user can do — MCP calls to mother,
|
||||
not operator files or `sudo`.
|
||||
|
||||
→ [`clawdie-live-seed` (clawdie-iso)](https://code.smilepowered.org/clawdie/clawdie-iso/src/branch/main/live/operator-session/clawdie-live-seed),
|
||||
[`MOTHER-SETUP.md` §Key management](../packaging/mother/MOTHER-SETUP.md#key-management)
|
||||
|
||||
## See also
|
||||
|
||||
- [agent-harness](./agent-harness.md) — the zot/Colibri split; autospawn
|
||||
- [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, autospawn flag rename
|
||||
- [quality-gates](./quality-gates.md) — the gate that should catch drift at PR time
|
||||
1|# Mother hive
|
||||
2|
|
||||
3|← [index](./index.md)
|
||||
4|
|
||||
5|## What this is
|
||||
6|
|
||||
7|The mother node (OSA) coordinates USB operator nodes via MCP over SSH →
|
||||
8|PostgreSQL. USB nodes send hardware profiles; mother derives capabilities and
|
||||
9|maintains the hive registry. This page records the **decisions** behind the
|
||||
10|implementation — the rationale the code can't express. For setup instructions,
|
||||
11|architecture diagrams, and the first-run checklist, see
|
||||
12|[`packaging/mother/MOTHER-SETUP.md`](../../packaging/mother/MOTHER-SETUP.md).
|
||||
13|
|
||||
14|## Decisions
|
||||
15|
|
||||
16|### Forced-command SSH boundary (not a listening daemon)
|
||||
17|
|
||||
18|USB nodes reach mother by spawning `ssh colibri@mother` (no remote command).
|
||||
19|On the mother side, `authorized_keys` enforces
|
||||
20|`command="/usr/local/bin/colibri-mcp-ssh",restrict,...` — the connection
|
||||
21|**cannot** run an interactive shell or any command except the wrapper.
|
||||
22|
|
||||
23|The wrapper (`colibri-mcp-ssh`) further allowlists `SSH_ORIGINAL_COMMAND` to
|
||||
24|`""` (stdio MCP mode) or `"tools"` (one-shot discovery). Every other value is
|
||||
25|rejected.
|
||||
26|
|
||||
27|**Why not a listening daemon** (HTTP, gRPC, raw TCP): Tailscale encrypts the
|
||||
28|wire, so the SSH layer adds authentication + confinement without extra
|
||||
29|infrastructure (no TLS certs, no auth tokens, no open ports). The forced-command
|
||||
30|boundary is a second lock on top of the SSH key — even a compromised USB that
|
||||
31|holds the key can only invoke the wrapper, and the wrapper only delegates to
|
||||
32|colibri-mcp. Defense in depth, deployed as one OpenSSH feature.
|
||||
33|
|
||||
34|→ [`colibri-mcp-ssh`](../../packaging/mother/colibri-mcp-ssh), [`MOTHER-SETUP.md` §Security](../../packaging/mother/MOTHER-SETUP.md#security-properties)
|
||||
35|
|
||||
36|### Single home for mother infra (colibri, not clawdie-iso)
|
||||
37|
|
||||
38|The mother MCP scripts (`node-register-mcp`, `geodesic-dome-mcp`, etc.) were
|
||||
39|originally copied into both repos. The clawdie-iso copy drifted — its
|
||||
40|`node-register-mcp` used `E'${...}'` string interpolation (SQL-injectable)
|
||||
41|while the colibri copy used parameterized `psql -v :'variable'`. The iso copy
|
||||
42|was removed in clawdie-iso PR #129.
|
||||
43|
|
||||
44|**Lesson**: a script in two repos **will** drift. The wiki lint is single-repo
|
||||
45|and can't see cross-repo duplicates. The mitigation is discipline: mother infra
|
||||
46|lives in one place.
|
||||
47|
|
||||
48|→ [naming-decisions §Structural](./naming-decisions.md#structural-decisions) ("Single home" row)
|
||||
49|
|
||||
50|### `hive_nodes` — not `usb_nodes`
|
||||
51|
|
||||
52|The original table name assumed only USB-booted nodes would register. But a
|
||||
53|node is any host that joins the hive — USB, NVMe, a jail. Renamed to
|
||||
54|`hive_nodes` with a `node_type` column (colibri #161). The `derive_capabilities()`
|
||||
55|trigger is table-agnostic and auto-computes `has_gpu`, `gpu_vendor`,
|
||||
56|`can_run_local_llm`, `has_wifi`, `max_model` on INSERT.
|
||||
57|
|
||||
58|→ [`mother_schema.sql`](../../packaging/mother/mother_schema.sql),
|
||||
59|[naming-decisions](./naming-decisions.md) (`usb_nodes → hive_nodes` row)
|
||||
60|
|
||||
61|### PostgreSQL peer auth (no passwords)
|
||||
62|
|
||||
63|The `colibri` OS user connects to `mother_hive` via peer authentication — the
|
||||
64|kernel attests the Unix user, no password needed. `node-register-mcp` runs as
|
||||
65|this user and inherits the trust. No pgpass files, no env vars, no credential
|
||||
66|rotation. One moving part: the `pg_hba.conf` peer rule must precede any
|
||||
67|catch-all `local all all` line (first-match).
|
||||
68|
|
||||
69|**Why not a password or certificate**: passwords rotate and leak; certificates
|
||||
70|need a CA. Peer auth is built into PostgreSQL on every Unix and works for a
|
||||
71|localhost connection with zero configuration beyond one `pg_hba.conf` line.
|
||||
72|
|
||||
73|→ [`MOTHER-SETUP.md` §Setup step 6](../../packaging/mother/MOTHER-SETUP.md#setup-one-time)
|
||||
74|
|
||||
75|### Key on seed partition, not in the image
|
||||
76|
|
||||
77|The `mother-mcp` private key is placed on the CLAWDIESEED partition, not baked
|
||||
78|into the ISO. The build script has a release guard that **refuses** to bake it
|
||||
79|into a release image. The seed importer (`clawdie-live-seed`) installs it at
|
||||
80|boot time.
|
||||
81|
|
||||
82|**Why**: a release ISO is a downloadable artifact. Baking a private key into it
|
||||
83|would give every downloader access to the mother MCP. The seed partition is a
|
||||
84|separate physical medium that the operator controls. Even without a seed, the
|
||||
85|ISO boots and runs — the daemon's external MCP connection to mother fails
|
||||
86|gracefully (SSH: "config file not found"), and the node operates standalone.
|
||||
87|
|
||||
88|→ [naming-decisions](./naming-decisions.md) ("Known residue"), clawdie-iso #133
|
||||
89|
|
||||
90|### Daemon user, not operator
|
||||
91|
|
||||
92|The colibri daemon runs as the `colibri` user (`/var/db/colibri`), not as the
|
||||
93|operator (`clawdie`, `/home/clawdie`). The external MCP SSH connection to mother
|
||||
94|is spawned by the daemon — so the SSH key, config, and known_hosts must be in
|
||||
95|the daemon's home. The seed importer installs SSH material to **both** homes
|
||||
96|(operator + daemon).
|
||||
97|
|
||||
98|**Why not just put it in clawdie's home and `sudo`**: the daemon is not the
|
||||
99|operator. Running as a separate user means the blast radius of a daemon
|
||||
100|compromise is limited to what the `colibri` user can do — MCP calls to mother,
|
||||
101|not operator files or `sudo`.
|
||||
102|
|
||||
103|→ [`clawdie-live-seed` (clawdie-iso)](https://code.smilepowered.org/clawdie/clawdie-iso/src/branch/main/live/operator-session/clawdie-live-seed),
|
||||
104|[`MOTHER-SETUP.md` §Key management](../../packaging/mother/MOTHER-SETUP.md#key-management)
|
||||
105|
|
||||
106|## See also
|
||||
107|
|
||||
108|- [agent-harness](./agent-harness.md) — the zot/Colibri split; autospawn
|
||||
109|- [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, autospawn flag rename
|
||||
110|- [quality-gates](./quality-gates.md) — the gate that should catch drift at PR time
|
||||
111|
|
||||
|
|
@ -1,119 +1,120 @@
|
|||
---
|
||||
title: Matični hive
|
||||
description: "Kako matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH → PostgreSQL."
|
||||
---
|
||||
|
||||
← [kazalo](./index.md)
|
||||
|
||||
## Kaj je to
|
||||
|
||||
Matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH →
|
||||
PostgreSQL. USB-vozlišča pošiljajo profile strojne opreme; mati izpelje
|
||||
zmožnosti in vzdržuje hive register. Ta stran beleži **odločitve**, ki stojijo
|
||||
za izvedbo — utemeljitve, ki jih koda ne more izraziti. Za navodila za
|
||||
namestitev, arhitekturne diagrame in kontrolni seznam prvega zagona glejte
|
||||
[`packaging/mother/MOTHER-SETUP.md`](../packaging/mother/MOTHER-SETUP.md).
|
||||
|
||||
## Odločitve
|
||||
|
||||
### Meja SSH s prisiljenim ukazom (ne poslušajoči ozadnji proces)
|
||||
|
||||
USB-vozlišča dosežejo mater tako, da zaženejo `ssh colibri@mother` (brez
|
||||
oddaljenega ukaza). Na materini strani `authorized_keys` vsili
|
||||
`command="/usr/local/bin/colibri-mcp-ssh",restrict,...` — povezava **ne more**
|
||||
zagnati interaktivne lupine ali kateregakoli ukaza razen ovoja.
|
||||
|
||||
Ovoj (`colibri-mcp-ssh`) dodatno dovoli `SSH_ORIGINAL_COMMAND` samo kot `""`
|
||||
(stdio MCP način) ali `"tools"` (enkratno odkritje). Vsaka druga vrednost je
|
||||
zavrnjena.
|
||||
|
||||
**Zakaj ne poslušajoči ozadnji proces** (HTTP, gRPC, surovi TCP): Tailscale šifrira
|
||||
prenos, zato plast SSH doda avtentikacijo in omejitev brez dodatne
|
||||
infrastrukture (brez TLS certifikatov, brez avtentikacijskih žetonov, brez
|
||||
odprtih vrat). Meja s prisiljenim ukazom je druga ključavnica poleg SSH
|
||||
ključa — tudi ogroženi USB, ki drži ključ, lahko samo pokliče ovoj, ovoj pa
|
||||
samo delegira colibri-mcp. Obramba v globino, nameščena kot ena funkcija
|
||||
OpenSSH.
|
||||
|
||||
→ [`colibri-mcp-ssh`](../packaging/mother/colibri-mcp-ssh),
|
||||
[`MOTHER-SETUP.md` §Varnost](../packaging/mother/MOTHER-SETUP.md#varnostne-lastnosti)
|
||||
|
||||
### En sam dom za matično infrastrukturo (colibri, ne clawdie-iso)
|
||||
|
||||
Matični MCP skripti (`node-register-mcp`, `geodesic-dome-mcp` itd.) so bili
|
||||
prvotno kopirani v oba repozitorija. Kopija v clawdie-iso je odnesla — njen
|
||||
`node-register-mcp` je uporabljal interpolacijo nizov `E'${...}'` (dovzetno
|
||||
za SQL-injekcijo), medtem ko je kopija v colibri uporabljala parametrizirani
|
||||
`psql -v :'variable'`. Kopija v iso je bila odstranjena v clawdie-iso PR #129.
|
||||
|
||||
**Nauk**: skripta v dveh repozitorijih **bo** odnesla. Wiki lint je
|
||||
enorepozitorijski in ne vidi podvojenih skript med repozitoriji. Zmanjšanje
|
||||
tveganja je disciplina: matična infrastruktura živi na enem mestu.
|
||||
|
||||
→ [naming-decisions §Strukturne](./naming-decisions.md#strukturne-odločitve)
|
||||
(vrstica "En sam dom")
|
||||
|
||||
### `hive_nodes` — ne `usb_nodes`
|
||||
|
||||
Prvotno ime tabele je predpostavljalo, da se bodo registrirala samo
|
||||
USB-zagnana vozlišča. Toda vozlišče je vsak gostitelj, ki se pridruži hive —
|
||||
USB, NVMe, ječa. Preimenovano v `hive_nodes` s stolpcem `node_type` (colibri
|
||||
#161). Sprožilec `derive_capabilities()` je agnostičen glede tabele in ob
|
||||
INSERT samodejno izračuna `has_gpu`, `gpu_vendor`, `can_run_local_llm`,
|
||||
`has_wifi`, `max_model`.
|
||||
|
||||
→ [`mother_schema.sql`](../packaging/mother/mother_schema.sql),
|
||||
[naming-decisions](./naming-decisions.md) (vrstica `usb_nodes → hive_nodes`)
|
||||
|
||||
### PostgreSQL peer avtentikacija (brez gesel)
|
||||
|
||||
Uporabnik OS `colibri` se poveže na `mother_hive` prek peer avtentikacije —
|
||||
jedro potrdi Unix uporabnika, geslo ni potrebno. `node-register-mcp` teče kot
|
||||
ta uporabnik in podeduje zaupanje. Brez datotek pgpass, brez spremenljivk
|
||||
okolja, brez vrtenja poverilnic. En gibljivi del: pravilo `peer` v
|
||||
`pg_hba.conf` mora biti pred morebitno vrstico `local all all` (prvo
|
||||
ujemanje).
|
||||
|
||||
**Zakaj ne geslo ali certifikat**: gesla se vrtijo in uhajajo; certifikati
|
||||
potrebujejo CA. Peer avtentikacija je vgrajena v PostgreSQL na vsakem Unixu
|
||||
in deluje za povezavo localhost z nič konfiguracije razen ene vrstice v
|
||||
`pg_hba.conf`.
|
||||
|
||||
→ [`MOTHER-SETUP.md` §Namestitev, 6. korak](../packaging/mother/MOTHER-SETUP.md#enkratna-namestitev)
|
||||
|
||||
### Ključ na semenski particiji, ne v sliki
|
||||
|
||||
Zasebni ključ `mother-mcp` je nameščen na particijo CLAWDIESEED, ne zapečen v
|
||||
ISO. Gradbeni skript ima varovalko za izdajo, ki **zavrne** vgradnjo ključa v
|
||||
sliko za izdajo. Uvoznik semena (`clawdie-live-seed`) ga namesti ob zagonu.
|
||||
|
||||
**Zakaj**: ISO za izdajo je prenosljiv artefakt. Vgradnja zasebnega ključa
|
||||
vanj bi vsakemu prenašalcu dala dostop do materinega MCP. Semenska particija
|
||||
je ločen fizični medij, ki ga nadzoruje operater. Tudi brez semena se ISO
|
||||
zažene in deluje — zunanja MCP povezava ozadnjega procesa do matere odpove elegantno
|
||||
(SSH: "config file not found"), vozlišče pa deluje samostojno.
|
||||
|
||||
→ [naming-decisions](./naming-decisions.md) ("Znani ostanek"), clawdie-iso #133
|
||||
|
||||
### Demonov uporabnik, ne operater
|
||||
|
||||
Colibri ozadnji proces teče kot uporabnik `colibri` (`/var/db/colibri`), ne kot
|
||||
operater (`clawdie`, `/home/clawdie`). Zunanjo MCP SSH povezavo do matere
|
||||
zažene ozadnji proces — zato morajo biti SSH ključ, konfiguracija in known_hosts v
|
||||
v domu ozadnjega procesa. Uvoznik semena namesti SSH gradivo v **oba** domova (operater
|
||||
|
||||
- ozadnji proces).
|
||||
|
||||
**Zakaj ne preprosto v clawdiejev dom in `sudo`**: ozadnji proces ni operater. Tek kot
|
||||
ločen uporabnik pomeni, da je domet ogroženega ozadnjega procesa omejen na tisto, kar
|
||||
uporabnik `colibri` lahko počne — MCP klici do matere, ne operaterske
|
||||
datoteke ali `sudo`.
|
||||
|
||||
→ [`clawdie-live-seed` (clawdie-iso)](https://code.smilepowered.org/clawdie/clawdie-iso/src/branch/main/live/operator-session/clawdie-live-seed),
|
||||
[`MOTHER-SETUP.md` §Upravljanje ključev](../packaging/mother/MOTHER-SETUP.md#upravljanje-ključev)
|
||||
|
||||
## Glej tudi
|
||||
|
||||
- [agent-harness](./agent-harness.md) — razcep zot/Colibri; samodejni zagon
|
||||
- [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, preimenovanje zastavice autospawn
|
||||
- [quality-gates](./quality-gates.md) — preverjanje, ki bi moralo ujeti odmik ob času PR
|
||||
1|---
|
||||
2|title: Matični hive
|
||||
3|description: "Kako matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH → PostgreSQL."
|
||||
4|---
|
||||
5|
|
||||
6|← [kazalo](./index.md)
|
||||
7|
|
||||
8|## Kaj je to
|
||||
9|
|
||||
10|Matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH →
|
||||
11|PostgreSQL. USB-vozlišča pošiljajo profile strojne opreme; mati izpelje
|
||||
12|zmožnosti in vzdržuje hive register. Ta stran beleži **odločitve**, ki stojijo
|
||||
13|za izvedbo — utemeljitve, ki jih koda ne more izraziti. Za navodila za
|
||||
14|namestitev, arhitekturne diagrame in kontrolni seznam prvega zagona glejte
|
||||
15|[`packaging/mother/MOTHER-SETUP.md`](../../packaging/mother/MOTHER-SETUP.md).
|
||||
16|
|
||||
17|## Odločitve
|
||||
18|
|
||||
19|### Meja SSH s prisiljenim ukazom (ne poslušajoči ozadnji proces)
|
||||
20|
|
||||
21|USB-vozlišča dosežejo mater tako, da zaženejo `ssh colibri@mother` (brez
|
||||
22|oddaljenega ukaza). Na materini strani `authorized_keys` vsili
|
||||
23|`command="/usr/local/bin/colibri-mcp-ssh",restrict,...` — povezava **ne more**
|
||||
24|zagnati interaktivne lupine ali kateregakoli ukaza razen ovoja.
|
||||
25|
|
||||
26|Ovoj (`colibri-mcp-ssh`) dodatno dovoli `SSH_ORIGINAL_COMMAND` samo kot `""`
|
||||
27|(stdio MCP način) ali `"tools"` (enkratno odkritje). Vsaka druga vrednost je
|
||||
28|zavrnjena.
|
||||
29|
|
||||
30|**Zakaj ne poslušajoči ozadnji proces** (HTTP, gRPC, surovi TCP): Tailscale šifrira
|
||||
31|prenos, zato plast SSH doda avtentikacijo in omejitev brez dodatne
|
||||
32|infrastrukture (brez TLS certifikatov, brez avtentikacijskih žetonov, brez
|
||||
33|odprtih vrat). Meja s prisiljenim ukazom je druga ključavnica poleg SSH
|
||||
34|ključa — tudi ogroženi USB, ki drži ključ, lahko samo pokliče ovoj, ovoj pa
|
||||
35|samo delegira colibri-mcp. Obramba v globino, nameščena kot ena funkcija
|
||||
36|OpenSSH.
|
||||
37|
|
||||
38|→ [`colibri-mcp-ssh`](../../packaging/mother/colibri-mcp-ssh),
|
||||
39|[`MOTHER-SETUP.md` §Varnost](../../packaging/mother/MOTHER-SETUP.md#varnostne-lastnosti)
|
||||
40|
|
||||
41|### En sam dom za matično infrastrukturo (colibri, ne clawdie-iso)
|
||||
42|
|
||||
43|Matični MCP skripti (`node-register-mcp`, `geodesic-dome-mcp` itd.) so bili
|
||||
44|prvotno kopirani v oba repozitorija. Kopija v clawdie-iso je odnesla — njen
|
||||
45|`node-register-mcp` je uporabljal interpolacijo nizov `E'${...}'` (dovzetno
|
||||
46|za SQL-injekcijo), medtem ko je kopija v colibri uporabljala parametrizirani
|
||||
47|`psql -v :'variable'`. Kopija v iso je bila odstranjena v clawdie-iso PR #129.
|
||||
48|
|
||||
49|**Nauk**: skripta v dveh repozitorijih **bo** odnesla. Wiki lint je
|
||||
50|enorepozitorijski in ne vidi podvojenih skript med repozitoriji. Zmanjšanje
|
||||
51|tveganja je disciplina: matična infrastruktura živi na enem mestu.
|
||||
52|
|
||||
53|→ [naming-decisions §Strukturne](./naming-decisions.md#strukturne-odločitve)
|
||||
54|(vrstica "En sam dom")
|
||||
55|
|
||||
56|### `hive_nodes` — ne `usb_nodes`
|
||||
57|
|
||||
58|Prvotno ime tabele je predpostavljalo, da se bodo registrirala samo
|
||||
59|USB-zagnana vozlišča. Toda vozlišče je vsak gostitelj, ki se pridruži hive —
|
||||
60|USB, NVMe, ječa. Preimenovano v `hive_nodes` s stolpcem `node_type` (colibri
|
||||
61|#161). Sprožilec `derive_capabilities()` je agnostičen glede tabele in ob
|
||||
62|INSERT samodejno izračuna `has_gpu`, `gpu_vendor`, `can_run_local_llm`,
|
||||
63|`has_wifi`, `max_model`.
|
||||
64|
|
||||
65|→ [`mother_schema.sql`](../../packaging/mother/mother_schema.sql),
|
||||
66|[naming-decisions](./naming-decisions.md) (vrstica `usb_nodes → hive_nodes`)
|
||||
67|
|
||||
68|### PostgreSQL peer avtentikacija (brez gesel)
|
||||
69|
|
||||
70|Uporabnik OS `colibri` se poveže na `mother_hive` prek peer avtentikacije —
|
||||
71|jedro potrdi Unix uporabnika, geslo ni potrebno. `node-register-mcp` teče kot
|
||||
72|ta uporabnik in podeduje zaupanje. Brez datotek pgpass, brez spremenljivk
|
||||
73|okolja, brez vrtenja poverilnic. En gibljivi del: pravilo `peer` v
|
||||
74|`pg_hba.conf` mora biti pred morebitno vrstico `local all all` (prvo
|
||||
75|ujemanje).
|
||||
76|
|
||||
77|**Zakaj ne geslo ali certifikat**: gesla se vrtijo in uhajajo; certifikati
|
||||
78|potrebujejo CA. Peer avtentikacija je vgrajena v PostgreSQL na vsakem Unixu
|
||||
79|in deluje za povezavo localhost z nič konfiguracije razen ene vrstice v
|
||||
80|`pg_hba.conf`.
|
||||
81|
|
||||
82|→ [`MOTHER-SETUP.md` §Namestitev, 6. korak](../../packaging/mother/MOTHER-SETUP.md#enkratna-namestitev)
|
||||
83|
|
||||
84|### Ključ na semenski particiji, ne v sliki
|
||||
85|
|
||||
86|Zasebni ključ `mother-mcp` je nameščen na particijo CLAWDIESEED, ne zapečen v
|
||||
87|ISO. Gradbeni skript ima varovalko za izdajo, ki **zavrne** vgradnjo ključa v
|
||||
88|sliko za izdajo. Uvoznik semena (`clawdie-live-seed`) ga namesti ob zagonu.
|
||||
89|
|
||||
90|**Zakaj**: ISO za izdajo je prenosljiv artefakt. Vgradnja zasebnega ključa
|
||||
91|vanj bi vsakemu prenašalcu dala dostop do materinega MCP. Semenska particija
|
||||
92|je ločen fizični medij, ki ga nadzoruje operater. Tudi brez semena se ISO
|
||||
93|zažene in deluje — zunanja MCP povezava ozadnjega procesa do matere odpove elegantno
|
||||
94|(SSH: "config file not found"), vozlišče pa deluje samostojno.
|
||||
95|
|
||||
96|→ [naming-decisions](./naming-decisions.md) ("Znani ostanek"), clawdie-iso #133
|
||||
97|
|
||||
98|### Demonov uporabnik, ne operater
|
||||
99|
|
||||
100|Colibri ozadnji proces teče kot uporabnik `colibri` (`/var/db/colibri`), ne kot
|
||||
101|operater (`clawdie`, `/home/clawdie`). Zunanjo MCP SSH povezavo do matere
|
||||
102|zažene ozadnji proces — zato morajo biti SSH ključ, konfiguracija in known_hosts v
|
||||
103|v domu ozadnjega procesa. Uvoznik semena namesti SSH gradivo v **oba** domova (operater
|
||||
104|
|
||||
105|- ozadnji proces).
|
||||
106|
|
||||
107|**Zakaj ne preprosto v clawdiejev dom in `sudo`**: ozadnji proces ni operater. Tek kot
|
||||
108|ločen uporabnik pomeni, da je domet ogroženega ozadnjega procesa omejen na tisto, kar
|
||||
109|uporabnik `colibri` lahko počne — MCP klici do matere, ne operaterske
|
||||
110|datoteke ali `sudo`.
|
||||
111|
|
||||
112|→ [`clawdie-live-seed` (clawdie-iso)](https://code.smilepowered.org/clawdie/clawdie-iso/src/branch/main/live/operator-session/clawdie-live-seed),
|
||||
113|[`MOTHER-SETUP.md` §Upravljanje ključev](../../packaging/mother/MOTHER-SETUP.md#upravljanje-ključev)
|
||||
114|
|
||||
115|## Glej tudi
|
||||
116|
|
||||
117|- [agent-harness](./agent-harness.md) — razcep zot/Colibri; samodejni zagon
|
||||
118|- [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, preimenovanje zastavice autospawn
|
||||
119|- [quality-gates](./quality-gates.md) — preverjanje, ki bi moralo ujeti odmik ob času PR
|
||||
120|
|
||||
Loading…
Add table
Reference in a new issue