domedog is Docker-free by choice (overhead not yet worth it); the probe in
HOST-MATRIX confirms it. Reframe the "Who we are" bullet so Linux stays the
daily driver / ecosystem reach, but Docker is scoped to debby and domedog is
noted as running lean on the host. Survivability framing is unchanged.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Pull durable knowledge out of agent session memory into the cross-harness
contract so every harness/agent honors it, not just this session:
- USER.md: new Conventions & voice section (EU date format DD.mon.YYYY,
positive instruction framing, plain-language naming + detection not
sniffing, lean/current docs). Colibri fact 12 -> 13 crates, MIT, v0.11.0.
- AGENTS.md: two operating rules (verify on the forge not local git status;
CI dormant by choice, merges ride local gates, domedog stays Docker-free).
- HOST-MATRIX.md + AGENTS.md matrix: domedog isolation Docker -> host
(no Docker), matching the probe in HOST-MATRIX section 3.
- curated/: colibri 13 crates/MIT/0.11.0 + vault, python3=3.11 policy,
real Docker layout (debby only; domedog Docker-free), hermes-bsd row.
Validated: scripts/layered_soul.py validate . -> OK.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Per operator decision: stop fighting FreeBSD's PYTHON_DEFAULT=3.11 — python3 is
3.11 everywhere, python3.12 stays available for apps needing newer. This makes
Pillow trivial (py311-pillow imports on python3), so the prior "3.12 floor +
py312-pillow absent + run on 3.11 explicitly" explanation collapses.
- TOOLCHAIN.md: table row + decision section flipped to 3.11-default and cut to a
few lines (supersedes the 17.jun.2026 "3.12 floor" decision); symlink note now
says build.sh points python3 at 3.11.
- CAPABILITY-ROUTING.md: trimmed the osa line + worked example — image-render via
py311-pillow on python3, no version gymnastics.
- HOST-MATRIX.md: trimmed the operator-image image-render/screenshot note.
prettier + layered_soul validate clean. Dates in edited blocks use EU format.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Follow-on to clawdie-iso #85 (py311-pillow + join-hive capability detection):
the operator image now advertises image-render and screenshot, so the
capability is no longer Linux/domedog-only. Update the CAPABILITY-ROUTING worked
example and the HOST-MATRIX capability note accordingly.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Reconcile the toolchain + capability docs with clawdie-iso #84 (FreeBSD
PYTHON_DEFAULT=3.11):
- TOOLCHAIN.md: the FreeBSD column claimed `py312-*` flavors; reality is
python312 (app) + python311 (pkg default, transitive), with py311-* prebuilt
and py312-* absent in the quarterly repo. Added the 3.11/3.12 coexistence note
("3.12 floor" = floor for our code, not a ban on the base's 3.11).
- CAPABILITY-ROUTING.md: corrected the imprecise "Pillow dropped on FreeBSD"
rationale. The blocker was the missing py312-pillow flavor, not Pillow itself;
the prebuilt py311-pillow is available, so image-render can be restored on
FreeBSD via 3.11. Clarified screenshot also needs a display (XFCE operator
image yes, headless osa no → image-render only there).
prettier + layered_soul validate clean.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
register-tenant/list-tenants (#101) and --jail-name/--jail-root on spawn
(#102) are merged to colibri main (PR #107). Update Status: CLI-driveability
moves to DONE/merged, the critical-path note reflects the manual SQLite +
raw-socket steps are now CLI commands, and the one-line plan drops the
"merge #101/#102" step.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
External skill marketplaces (clawhub.ai, skills.sh, lobehub, browse.sh,
claude-marketplace) are unvetted instruction streams ingested into an agent's
context — a prompt-injection / supply-chain vector, the same class of risk as
`pkg install` from a random mirror, one layer up. Combined with the poudriere
plan, the conclusion is a first-party repository for BOTH layers.
- HIVE-ONBOARDING §10 (new): the trusted supply chain. pkg.clawdie.si (packages)
gets a sibling first-party skill repo (proposed skills.clawdie.si). External
sources become staging/review input, never a direct tenant runtime dep:
curate → pin → sign → publish. Clarifies clawhub.ai is third-party, unrelated
to pkg.clawdie.si (different layer + ownership).
- HIVE-ONBOARDING §5: mother expanded as the PAID product surface — paid tenants
are provisioned first-party-only; that hardening is the thing worth paying for.
§6 moat + §7 invariant + Status open-work updated to match.
- HOST-MATRIX §2: new "Registry & supply-chain provenance" table (first-party vs
third-party per layer); mother-build row notes it serves pkg.clawdie.si.
Validation: prettier@3 --check; python3 scripts/layered_soul.py validate . — pass.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Follow-up to #74. Two concrete fixes to the "identity wallpaper on join" step:
1. tmp policy: the join script hardcoded WP=/tmp/clawdie-wallpaper.png, passing
it to clawdie-wallpaper-gen and overriding the safe SCRATCH_DIR default that
9ae8d25 had just introduced (project-local tmp/ or app-owned cache). The
generator now prints its chosen path on stdout (human note → stderr) and the
join script captures it: WP=$(clawdie-wallpaper-gen). No host-global /tmp.
2. wallpaper actually applies: replaced the hardcoded
/backdrop/screen0/monitor0/workspace0/last-image with an enumeration over
every existing */last-image property (XFCE keys backdrops by connector name,
e.g. monitorHDMI-1, not monitor0), falling back to creating the default
property on first boot/headless, then xfdesktop --reload.
SKILL.md updated to document the stdout contract and multi-monitor wiring.
Validation: sh -n on both scripts; prettier@3 --check SKILL.md;
python3 scripts/layered_soul.py validate . — all pass.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
- Panel indicator: add have() checks for nc/python3, warn on missing
deps instead of failing silently, distinct states for socket-down
vs no-response with actionable tooltip text
- Join Hive: generate and apply identity wallpaper on success as
visual 'you're in' confirmation via xfconf-query
- SKILL.md: document new behaviors
Sync the wallpaper helper and iso-visuals guidance with the project-local tmp policy, falling back to app-owned live cache paths when no project root exists.\n\nValidation: sh -n skills/iso-visuals/scripts/clawdie-wallpaper-gen.sh skills/iso-visuals/scripts/clawdie-join-hive.sh; npx --yes prettier@3 --check skills/iso-visuals/SKILL.md; python3 scripts/layered_soul.py validate .
Mirror the Clawdie ISO Join Hive and wallpaper helper hardening in the iso-visuals skill, fix the desktop Exec path, and clarify staged-helper versus wired-default behavior.\n\nValidation: sh -n skills/iso-visuals/scripts/clawdie-join-hive.sh skills/iso-visuals/scripts/clawdie-wallpaper-gen.sh; npx --yes prettier@3 --check skills/iso-visuals/SKILL.md; python3 scripts/layered_soul.py validate .
Three improvements for the Clawdie ISO first-boot desktop:
1. Panel health indicator (xfce4-genmon)
- polls colibri socket every 30s
- green/red dot + agent count + task count
- click to open colibri status in terminal
2. Identity wallpaper generator
- overlays hostname, Tailscale IP, Colibri port, FreeBSD release
- runs on first boot, caches result
- requires ImageMagick (add to ISO pkg list)
3. Join Hive launcher
- one-click agent registration in visible terminal
- checks daemon → vault creds → detect capabilities → register
- idempotent, safe to re-run
- pauses on result so operator reads before closing
All three scripts + skill.md + desktop entry in skills/iso-visuals/.
- provenance table: add vultr-svc row (Forgejo + Vaultwarden, verified off-OVH
but a shared-box SPOF) — the third provider now in the picture.
- DPIA gate: scope to automated decisions about individuals (Art. 35/22); the
internal agent scheduler (routing to machines) does not trigger it.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Append to HOST-MATRIX §4, grounded in a verified DNS check:
- Forgejo + Vaultwarden both run on Vultr (different provider than osa/OVH —
good), but share ONE box = single point of failure for backups AND secrets;
that box needs its own off-box backup + test-restore.
- broaden MFA to every master-key account (OVH, Vultr, registrar, Forgejo,
Vaultwarden) + domain auto-renew (lapsed domain kills pkg.clawdie.si/ACME/SSH).
- billing hygiene (auto-renew/commitment/price-EOL windows).
- continuity plan is contractually required (GTS §6.3); multi-host survivability
is the recovery plan since provider SLA = credits only.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Use the 460 W high-load fan/PSU mark as the planning assumption for multitenant use, with GEN-I energy and URO network tariff estimates.\n\nValidation: npx --yes prettier@3 --check docs/HOST-MATRIX.md; python3 scripts/layered_soul.py validate .
Track hosting spend as a verified fleet fact alongside disk and hardware, seed TBD rows for osa/domedom/debby/proposed OVH build capacity/ML350p, and update HIVE status now that first-proof blockers are code-complete.\n\nValidation: npx --yes prettier@3 --check docs/HOST-MATRIX.md docs/HIVE-ONBOARDING.md; python3 scripts/layered_soul.py validate .
Persist the reconstructed plan: all four MVP steps code-complete on colibri main;
first proof is not code-blocked (interim manual runbook path); open work
categorized (hardening #100/#92, CLI-driveability #101/#102, naming #98/iso#70).
PR #90 (tenants table) closed as superseded — already on main.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
First proven end-to-end uses a scratch jail + throwaway test collection only; no
real tenant data until path hardening (#92) lands. First-proof blockers are #88
(resolve collection by name) and #89 (per-call unlock); #92 is hardening.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The handoff's work shipped (hermes-osa LIVE, validated, Telegram consolidated,
cross-host routing done); its facts now live in HOST-MATRIX. It carried the last
legacy 'do not do the old thing' content (Autolycus / AUTOLYCUS_HOME / preserve
clawdie-ai runtime) — removed per its own deletion criteria and the
decisions-match-shipped-code principle.
Kept (deliberately): security rules (never commit secrets/share tokens, bootstrap
never enters the jail) and technical guidance (FreeBSD --remote, lock ordering,
test counting) — those are correct current decisions stated as imperatives, not
legacy cruft.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
debby is a laptop that powers off periodically; osa is the always-on VPS and
already hosts the colibri board. The hub must live where it never disappears, so
the orchestrator role moves to hermes-osa; debby drops to secondary agent + soul
backup.
- AGENTS.md, HOST-MATRIX, agent-roster, tailscale-network: role swap + always-on/
intermittent facts
- HOST-MATRIX + CAPABILITY-ROUTING: corrected 'debby orchestrator dispatches' ->
osa hosts the board, debby/domedog are clients
- integration doc + SOUL/project-structure survivability lines reconciled
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Real tailnet IPs and Telegram bot handles were being committed in docs/
memories/skills. Scrubbed all tracked markdown to ${VAR} placeholders; real
values now live in fleet.env (gitignored) and stay live via 'tailscale status'.
- add fleet.env.example (committed) + fleet.env (gitignored); .gitignore *.env
- AGENTS.md + HOST-MATRIX: masking convention so it can't recur
- also: domedog registered as Colibri agent (image-render/ffmpeg/build lane);
correct CAPABILITY-ROUTING example to real registered caps (domedog headless)
Past commits not rewritten (history moves to Codeberg at v1.0); this fixes HEAD.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
New docs/MCP-INTEGRATION.md: how the two Hermes instances connect via MCP
using colibri-mcp as the hub-and-spoke front-end to the shared board, rather
than a direct mesh. Grounded in actual code:
- Hermes is both MCP server (hermes mcp serve) and client (mcp_servers config)
- colibri-mcp tool surface + env vars (COLIBRI_MCP_SOCKET/WRITE), socket transport
- ties into the live board + poller/worker loop and the socat cross-host bridge
- LIVE/SETUP/PLANNED tags; security, rejected mesh alternative, external-MCP future
Cross-linked from CAPABILITY-ROUTING.md.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Cross-host transport landed via colibri PR #83 (socat bridge on osa
100.72.229.63:9190, Tailscale-only, + poller/worker loop), validated
debby<->osa.
- HOST-MATRIX: Current-vs-Designed note -> Routing LIVE; Track C -> DONE
- CAPABILITY-ROUTING: banner, caveat, topology [PLANNED]->[LIVE], worked example
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
- scripts/colibri_poll.py: poll Colibri board for tasks assigned to an agent
- PR opened on colibri: feat/cli-register-agent (register-agent + list-agents CLI)
- Mevy (@zleht_bot) token migrated from old backup .env to hermes-osa
- Gateway running in polling mode via tmux session hermes-gateway
- python-telegram-bot[webhooks]==22.6 installed
- pip bootstrapped via python3 -m ensurepip (not in Hermes venv)
- Track B (Telegram/gateway) marked DONE, rc.d daemonization still deferred
- hermes-osa: LIVE (local chat validated), Mevy: separate (coexists)
- Provider: DeepSeek direct primary, OpenRouter fallback, Z.AI deferred
- Telegram/gateway/daemon explicitly OFF/deferred, 4 tracks documented
- CAPABILITY-ROUTING.md: labelled [LIVE] [PLANNED] [DESIGN] throughout
- Cross-host routing: explicitly 'not live yet' — local Unix socket only
- Removed stale install-note section superseded by osa detail block
- osa section compacted: single list format, no redundant entries
- Merges and supersedes Linux Hermes commit 9ec7f39
- hermes-osa: installed, local chat validated, DeepSeek direct primary
- Telegram: off (separate token from Mevy), daemon: not enabled
- Mevy vs hermes-osa: separate bots, separate tokens, coexisting
- Current vs Designed: Colibri routing local-only today, probe is tool not hook
- OS/hardware facts come from probes + matrix, not SOUL.md
- separate 'present in recovered env' from 'Hermes-supported' (Codex nuance)
- flag Telegram token reuse as a getUpdates collision risk vs Mevy
- first .env = provider keys only, Telegram deferred; Vaultwarden durable home
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Reconcile the HERMES_HOME path: /home/clawdie/.hermes is authoritative for
first validation; /home/clawdie/clawdie-ai (an earlier target) is the old
orphaned runtime and off-limits. Align agents here before install.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Fold blind spots P2-P5 into the install note: pkg-install prereqs first
(bash/uv/git/curl), bash required (shebang now portable via hermes-bsd PR #3),
run attended (interactive prompts), core-only first validation (native-build
extras may not compile on FreeBSD 15), and rc.d as a deliberate re-setup
(/var/db/hermes, hermes user) — validation state won't migrate.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
'Autolycus' is an LGPL upstream dependency the clean-room MIT hermes-bsd layer
explicitly avoids — never a service we run. Rename the osa agent label to
hermes-osa across AGENTS.md, agent-roster.md, HOST-MATRIX.md, and the FreeBSD
integration doc. Fix the roster's wrong 'LGPL v2.1 fork' -> clean-room MIT.
Correct the install facts (grounded in code): service is hermes_daemon
(packaging/freebsd/hermes_daemon.in), state home env is HERMES_HOME (not the
no-op AUTOLYCUS_HOME). Records the don't-mv-clawdie-ai caution and commit f8bf2803d.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Make free space a first-class probed fact: check df/--storage before
installing toolchains or building, keep the Disk (free) column current,
flag hosts past ~85%. Records reference footprints (Go ~290MB, Rust ~1.8GB)
and the standing debby ~95%-full watch.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Multi-OS routing: hosts advertise capability tags, tasks declare
required_capabilities, Colibri's scheduler (pick_agent/capability_match_score,
already implemented) places each task on a qualifying host. Documents the
vocabulary, the probe->capability mapping, the SkillManifest.required_capabilities
addition, central-daemon topology, and the tmux-screenshot skill as the worked
example (why dropping FreeBSD Pillow loses no capability).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
