clawdie/colibri
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 31
colibri/packaging
History
Sam & Claude 116277ba7a
Some checks failed
CI / rust (pull_request) Has been cancelled
Details
CI / markdown (pull_request) Has been cancelled
Details
CI / port (pull_request) Has been cancelled
Details
CI / agent-jail-pkgs (pull_request) Has been cancelled
Details
docs(mother): add osa first-run verification checklist 
An ordered first-run checklist for deploying on osa (or any new mother),
covering the things that can only be validated against a live PostgreSQL +
FreeBSD host:

- build 0.12 on FreeBSD from current main + ci-checks (Linux binaries won't run)
- record any pre-existing node-register before install
- post-install integrity: installed node-register is the hardened hive_nodes
  version (grep -c "E'" == 0; grep hive_nodes > 0) — not the injectable copy
- schema migrated in place (usb_nodes renamed, not duplicated; node_type present)
- peer auth works; pg_hba peer rule present AND precedes generic local rules
- external-mcp has all three servers (jq-merge preserved existing)
- SSH forced-command wrapper rejects non-allowlisted commands
- daemon env + service live; key hygiene (private key → seed only)

Captures the operational risks flagged during the mother-infra review.
2026-06-24 10:56:56 +02:00
..
freebsd Merge pull request 'fix(bootstrap): chown jail /home/clawdie so daemon can write staging files' (#150) from fix/jail-home-chown into main 2026-06-23 08:13:28 +02:00
mother docs(mother): add osa first-run verification checklist 2026-06-24 10:56:56 +02:00