Add Phase 3 Spark Control integration spec; mark Phase 2 done
docs/spark-control-integration.md: the SSH command contract (status via docker inspect; restart via docker restart; update via git fetch + reset --hard origin/master + docker compose up -d --build) plus the one-time conversion of the Spark's ~/matrix-bridge to a Gitea clone. No bot code change. Update source = git-pull-from-Gitea; rides Spark Control's existing SSH into spark-32d0 (no new key). Corrected the infra note: Spark is on the LAN with the Start9/Gitea host, so Spark->Gitea resolves directly.
This commit is contained in:
Keysat
@@ -70,6 +70,9 @@ the full answer back into the room (ask mode, D12).
|
||||
- `AGENTS.md` — this file (canonical; `CLAUDE.md` is a relative symlink to it).
|
||||
- `ROADMAP.md` — Phases 1–4+ with falsifiable exits, plus deferred/future directions.
|
||||
- `README.md` — human-facing intro.
|
||||
- `docs/spark-control-integration.md` — Phase 3 spec for the Spark Control dev: the SSH
|
||||
command contract (status / restart / git-pull update) the dashboard drives, plus the one-time
|
||||
conversion of the Spark's `~/matrix-bridge` to a Gitea clone. matrix-bridge needs no code change.
|
||||
- `scripts/launch-claude.sh` — the Mac-side launch wrapper (the only seam that knows the
|
||||
Mac's environment).
|
||||
- `config.example.toml` — room→repo mapping template; the real `config.toml` is gitignored.
|
||||
@@ -164,12 +167,16 @@ once" is not done.
|
||||
|
||||
## Infra facts (proven — stable reference)
|
||||
|
||||
- **WireGuard (`starttunnel`), not LAN:** Mac `10.59.211.5`; Spark (`spark-32d0`, user `modelo`)
|
||||
`10.59.211.6`. The Spark is not on the Mac's LAN subnet.
|
||||
- **WireGuard (`starttunnel`) for Mac↔Spark:** Mac `10.59.211.5`; Spark (`spark-32d0`, user `modelo`)
|
||||
`10.59.211.6`. The Mac↔Spark seam runs over WireGuard (not the Mac's LAN subnet). The Spark *is*
|
||||
on the LAN, same as the Start9 host (`immense-voyage`) — so Spark→Gitea (`immense-voyage.local:59916`)
|
||||
resolves and works directly.
|
||||
- **Spark → Mac:** SSH alias `mac-bridge` → the Mac as user `macpro`, dedicated key
|
||||
(`~/.ssh/id_ed25519` on the Spark, in the Mac's `authorized_keys`). The Spark host's `~/.ssh/config` needs `IdentitiesOnly yes` because a
|
||||
`Host *` rule shadows the default key; the container regenerates a clean config from `config.toml [mac]`.
|
||||
- **Mac → Spark:** no authorized key — Spark-side ops (deploy/restart) are owner-run until Phase 3.
|
||||
- **Mac → Spark:** no authorized key — direct Mac-initiated Spark ops stay owner-run. (This is *not*
|
||||
what Phase 3 closes: Spark Control already has its own SSH channel into `spark-32d0`, so its
|
||||
status/update/restart buttons ride that, not a Mac→Spark key.)
|
||||
- **Matrix:** homeserver `https://matrix.gilliam.ai` (StartOS Synapse), bot `@agent:matrix.gilliam.ai`,
|
||||
device `matrix-bridge-bot`. The bot reuses the stored access token (`.env`) — never re-logs in
|
||||
(avoids device churn). No E2EE (D9); bot↔Synapse is clearnet TLS, softening D9's WireGuard-only rationale.
|
||||
@@ -190,12 +197,19 @@ once" is not done.
|
||||
drivable session on the phone via Remote Control.
|
||||
- **Ask mode** (`?`-prefixed message): `ssh mac-bridge → ask-claude.sh → claude -p`, full answer posted
|
||||
back into the room (chunked, no truncation). See D12.
|
||||
- **Phase 2 (multi-room routing)** is effectively satisfied — the bot is built multi-room and routes by
|
||||
`room_id`; only a formal N=3 confirmation pass remains.
|
||||
- **Next — Phase 3 (deferred to next session by owner):** Spark Control integration — bot container
|
||||
status + one-click update/restart on the dashboard; also closes the Mac-has-no-key-into-Spark gap.
|
||||
- **Open / risks:** (a) a `?`-ask in a repo `claude` has never opened may stall on the folder-trust gate
|
||||
— add a trust flag to `ask-claude.sh` if/when hit, not preemptively; (b) owner TODO: clean up the
|
||||
accidental MacBook docker deploy (`docker compose down` + `docker image rm matrix-bridge-bot`).
|
||||
- **Repo:** tree clean; `master` == `phase-1` == `8ad1cd8`, pushed to Gitea. No test suite (pre-existing);
|
||||
this session's changes were syntax/unit-checked locally, fresh-eyes reviewed, and proven live.
|
||||
- **Phase 2 (multi-room routing) — DONE.** Owner confirmed the N=3 pass: routes by `room_id`,
|
||||
correct repo, zero wrong-directory launches.
|
||||
- **Phase 3 (Spark Control integration) — spec drafted, handed to the Spark Control dev (2026-06-15).**
|
||||
See `docs/spark-control-integration.md`: the SSH command contract (status via `docker inspect`;
|
||||
restart via `docker restart`; update via `git fetch && git reset --hard origin/master &&
|
||||
docker compose up -d --build`) plus a one-time conversion of the Spark's `~/matrix-bridge` from
|
||||
scp'd loose files to a Gitea clone (secrets are gitignored, so `reset --hard` preserves them).
|
||||
Decisions this session: update source = git-pull-from-Gitea (not scp-from-Mac); Spark Control
|
||||
already SSHes into `spark-32d0`, so no new key. **matrix-bridge needs no code change** — the work
|
||||
is now Spark Control-side (status tile + buttons) + the one-time Spark migration. Awaiting the dev.
|
||||
- **Open / risks:** a `?`-ask in a repo `claude` has never opened may stall on the folder-trust gate
|
||||
— add a trust flag to `ask-claude.sh` if/when hit, not preemptively. (Resolved this session: the
|
||||
accidental MacBook docker deploy was cleaned up by the owner.)
|
||||
- **Repo:** `master` == `phase-1` == `ee8408d` pushed to Gitea; this session adds the Phase 3 spec
|
||||
doc + these AGENTS.md edits on top (uncommitted — propose committing as the handoff). No test suite
|
||||
(pre-existing); the doc is a spec, no code changed.
|
||||
|
||||
Reference in New Issue
Block a user