diff --git a/docs/PRIORITY-HANDOFF-ISO-SPAWN-COST.md b/docs/PRIORITY-HANDOFF-ISO-SPAWN-COST.md index fdbf89b..4481cda 100644 --- a/docs/PRIORITY-HANDOFF-ISO-SPAWN-COST.md +++ b/docs/PRIORITY-HANDOFF-ISO-SPAWN-COST.md @@ -27,17 +27,17 @@ Gate 1 (passive service) is unproven. ### What's done (build wiring) -| Artifact / step | Location | Status | -| -------------------- | ------------------------------------------------ | ---------------------------------------------------------------------------------------------- | -| staging script | `scripts/stage-colibri-iso.sh` | done — copies `colibri-daemon`, `colibri`, `colibri-test-agent`, rc.d, newsyslog, creates dirs | -| rc.d script | `packaging/freebsd/colibri_daemon.in` | done — `start_precmd`, pidfile, daemon(8) wrapper, `COLIBRI_COST_MODE` propagation | -| newsyslog config | `packaging/freebsd/newsyslog-colibri.conf` | done | -| rc.conf.sample | generated by staging script | done | -| acceptance runbook | `docs/ISO-ACCEPTANCE-RUNBOOK.md` | done | -| build integration | clawdie-iso `build.sh::install_colibri_service` | done — calls `stage-colibri-iso.sh` against the image root | -| `colibri` user/group | clawdie-iso `build.sh` (`pw useradd colibri`) | done — created in the image during build | -| service enable | clawdie-iso `build.sh` (`colibri_daemon_enable`) | done — written into image rc.conf | -| prebuilt binaries | build-host Rust toolchain (preflight-gated) | done — `build.sh` stages prebuilt release binaries and fails preflight if missing | +| Artifact / step | Location | Status | +| -------------------- | ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------- | +| staging script | clawdie-iso `scripts/stage-colibri-iso.sh` | done — copies `colibri-daemon`, `colibri`, `colibri-test-agent`, rc.d, newsyslog, creates dirs (canonical; lives in clawdie-iso) | +| rc.d script | `packaging/freebsd/colibri_daemon.in` | done — `start_precmd`, pidfile, daemon(8) wrapper, `COLIBRI_COST_MODE` propagation | +| newsyslog config | `packaging/freebsd/newsyslog-colibri.conf` | done | +| rc.conf.sample | generated by staging script | done | +| acceptance runbook | `docs/ISO-ACCEPTANCE-RUNBOOK.md` | done | +| build integration | clawdie-iso `build.sh::install_colibri_service` | done — calls `stage-colibri-iso.sh` against the image root | +| `colibri` user/group | clawdie-iso `build.sh` (`pw useradd colibri`) | done — created in the image during build | +| service enable | clawdie-iso `build.sh` (`colibri_daemon_enable`) | done — written into image rc.conf | +| prebuilt binaries | build-host Rust toolchain (preflight-gated) | done — `build.sh` stages prebuilt release binaries and fails preflight if missing | ### What's missing (boot/runtime validation) @@ -81,7 +81,7 @@ Gate 1 (passive service) is unproven. ### Key files -- `scripts/stage-colibri-iso.sh` — the staging script (dir creation, bin copy, rc.d install, rc.conf.sample generation) +- clawdie-iso `scripts/stage-colibri-iso.sh` — the staging script (dir creation, bin copy, rc.d install, rc.conf.sample generation). Canonical copy lives in clawdie-iso; the colibri repo no longer keeps a duplicate. - `packaging/freebsd/colibri_daemon.in` — rc.d script - `docs/ISO-ACCEPTANCE-RUNBOOK.md` — acceptance commands to run on the booted image - `docs/FREEBSD-BUILD-LANE-HANDOFF.md` — step-by-step build/boot/validate handoff for the FreeBSD agent diff --git a/scripts/stage-colibri-iso.sh b/scripts/stage-colibri-iso.sh deleted file mode 100755 index 11978b2..0000000 --- a/scripts/stage-colibri-iso.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/sh -# Stage Colibri FreeBSD service files into an ISO/image root. -# -# Usage: -# cargo build --workspace --release -# scripts/stage-colibri-iso.sh /path/to/image-root -# -# Optional env: -# COLIBRI_STAGE_CHOWN=1 # chown service dirs to colibri:colibri (requires root) -# COLIBRI_STAGE_INCLUDE_TUI=0 # skip colibri-tui even when built -# COLIBRI_STAGE_ENABLE=YES # value written in rc.conf sample (default: NO) - -set -eu - -if [ "${1:-}" = "" ]; then - echo "usage: $0 DESTDIR" >&2 - exit 64 -fi - -DESTDIR=$1 -ROOT=$(CDPATH= cd -- "$(dirname -- "$0")/.." && pwd) -TARGET=${CARGO_TARGET_DIR:-"$ROOT/target"}/release - -BIN_DIR="$DESTDIR/usr/local/bin" -RC_DIR="$DESTDIR/usr/local/etc/rc.d" -ETC_DIR="$DESTDIR/usr/local/etc/colibri" -NEWSYSLOG_DIR="$DESTDIR/usr/local/etc/newsyslog.conf.d" -DB_DIR="$DESTDIR/var/db/colibri" -RUN_DIR="$DESTDIR/var/run/colibri" -LOG_DIR="$DESTDIR/var/log/colibri" - -require_bin() { - if [ ! -x "$TARGET/$1" ]; then - echo "missing $TARGET/$1; run: cargo build --workspace --release" >&2 - exit 66 - fi -} - -copy_bin() { - require_bin "$1" - install -m 0555 "$TARGET/$1" "$BIN_DIR/$1" -} - -mkdir -p "$BIN_DIR" "$RC_DIR" "$ETC_DIR" "$NEWSYSLOG_DIR" "$DB_DIR" "$RUN_DIR" "$LOG_DIR" - -copy_bin colibri-daemon -copy_bin colibri -copy_bin colibri-test-agent - -if [ "${COLIBRI_STAGE_INCLUDE_TUI:-1}" != "0" ] && [ -x "$TARGET/colibri-tui" ]; then - copy_bin colibri-tui -fi - -install -m 0555 "$ROOT/packaging/freebsd/colibri_daemon.in" \ - "$RC_DIR/colibri_daemon" - -install -m 0644 "$ROOT/packaging/freebsd/newsyslog-colibri.conf" \ - "$NEWSYSLOG_DIR/colibri.conf" - -cat > "$ETC_DIR/rc.conf.sample" < "$ETC_DIR/README.iso" <<'EOF' -Colibri ISO staging notes -========================= - -Required service account on the target system: - - pw groupadd colibri - pw useradd colibri -g colibri -d /var/db/colibri -s /usr/sbin/nologin - -Runtime validation: - - service colibri_daemon start - colibri status - colibri create-task --title "iso check" - colibri list-tasks --status queued - service colibri_daemon stop -EOF - -chmod 0750 "$DB_DIR" "$RUN_DIR" "$LOG_DIR" - -if [ "${COLIBRI_STAGE_CHOWN:-0}" = "1" ]; then - chown colibri:colibri "$DB_DIR" "$RUN_DIR" "$LOG_DIR" -fi - -cat <