@rubytech/create-realagent 1.0.861 → 1.0.862

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/create-realagent",
-  "version": "1.0.861",
+  "version": "1.0.862",
   "description": "Install Real Agent — Built for agents. By agents.",
   "bin": {
     "create-realagent": "./dist/index.js"

package/payload/platform/scripts/redact-install-logs.sh

@@ -2,18 +2,20 @@
 # Existing-pi install-log redaction (Task 744).
 #
 # Idempotent one-shot remediation for Pis that completed installation BEFORE
-# the install-log redaction landed at index.ts:152 / setup.sh:94. Scans every
-# `install-*.log` in the configured logs directory and replaces every literal
-# `set-initial-password ...<secret>` payload with `set-initial-password
-# [REDACTED]`. Re-running the script is safe — already-redacted lines do not
-# match the source pattern, so no further edits occur.
+# the install-log redaction landed at packages/create-maxy/src/index.ts:152.
+# Scans every `install-*.log` in the configured logs directory and replaces
+# every literal `set-initial-password ...<secret>` payload with
+# `set-initial-password [REDACTED]`. Re-running the script is safe —
+# already-redacted lines do not match the source pattern, so no further
+# edits occur.
 #
 # Source patterns covered:
 #   1. TS installer (packages/create-maxy/src/index.ts:152) — "[ISO] > sudo
 #      neo4j-admin dbms set-initial-password -- <secret>" or any args after
 #      "set-initial-password" (positional or "--" delimited).
-#   2. Shell installer (platform/scripts/setup.sh, pre-fix variant) — "+ sudo
-#      neo4j-admin dbms set-initial-password <secret>" if bash -x had been on.
+#   2. Legacy bash installer (removed) — "+ sudo neo4j-admin dbms
+#      set-initial-password <secret>" if bash -x had been on. Pattern kept
+#      for historical install logs from before the bash installer's removal.
 #
 # A trailing marker line `[redact-install-logs] redacted=<n> file=<path>` is
 # appended to each modified log so subsequent reads can identify which logs

package/payload/platform/scripts/setup.sh

@@ -1,195 +0,0 @@
-#!/usr/bin/env bash
-# Maxy Phase 0 — Pi Setup Script
-# Run on a fresh Raspberry Pi 5 (16GB) with Raspberry Pi OS (64-bit)
-#
-# Usage: curl -fsSL https://raw.githubusercontent.com/aeon-neo/getmaxy/main/platform/scripts/setup.sh | bash
-#    or: git clone git@github.com:aeon-neo/getmaxy.git && cd getmaxy && bash platform/scripts/setup.sh
-
-set -euo pipefail
-
-REPO_URL="https://github.com/aeon-neo/getmaxy.git"
-INSTALL_DIR="$HOME/maxy"
-
-echo "================================================================"
-echo "  Maxy Phase 0 — Setup"
-echo "  AI for Productive People"
-echo "================================================================"
-echo ""
-
-# ------------------------------------------------------------------
-# 1. System dependencies + hostname + Avahi (mDNS)
-# ------------------------------------------------------------------
-echo "[1/8] Updating system packages and configuring network..."
-sudo apt-get update -qq
-sudo apt-get install -y -qq curl git unzip avahi-daemon avahi-utils bind9-dnsutils
-
-# Set hostname to 'maxy' so device is reachable at maxy.local
-CURRENT_HOSTNAME=$(hostname)
-if [ "$CURRENT_HOSTNAME" != "maxy" ]; then
-  echo "  Setting hostname to 'maxy' (was '$CURRENT_HOSTNAME')..."
-  sudo hostnamectl set-hostname maxy
-  # Update /etc/hosts
-  sudo sed -i "s/127\.0\.1\.1.*$/127.0.1.1\tmaxy/" /etc/hosts
-fi
-
-# Create Avahi service file for LAN discovery
-sudo tee /etc/avahi/services/maxy.service > /dev/null <<AVAHI
-<?xml version="1.0" standalone='no'?>
-<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
-<service-group>
-  <name replace-wildcards="yes">Maxy on %h</name>
-  <service>
-    <type>_http._tcp</type>
-    <port>19200</port>
-    <txt-record>role=maxy</txt-record>
-    <txt-record>path=/</txt-record>
-  </service>
-</service-group>
-AVAHI
-
-# Ensure Avahi is running
-sudo systemctl enable avahi-daemon
-sudo systemctl restart avahi-daemon
-echo "  Device reachable at http://maxy.local:19200"
-
-# ------------------------------------------------------------------
-# 2. Node.js 20+
-# ------------------------------------------------------------------
-if command -v node &>/dev/null && [[ "$(node -v | cut -d. -f1 | tr -d v)" -ge 20 ]]; then
-  echo "[2/8] Node.js $(node -v) already installed."
-else
-  echo "[2/8] Installing Node.js 22..."
-  curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
-  sudo apt-get install -y -qq nodejs
-fi
-
-# ------------------------------------------------------------------
-# 3. Neo4j Community Edition 5.x
-# ------------------------------------------------------------------
-if command -v neo4j &>/dev/null; then
-  echo "[3/8] Neo4j already installed."
-else
-  echo "[3/8] Installing Neo4j Community Edition 5..."
-
-  # Neo4j 5.x requires Java 17+
-  if ! java -version 2>&1 | grep -q '"17\.\|"21\.\|"22\.\|"23\.'; then
-    echo "  Installing OpenJDK 17..."
-    sudo apt-get install -y -qq openjdk-17-jre-headless
-  fi
-
-  # Add Neo4j repository
-  curl -fsSL https://debian.neo4j.com/neotechnology.gpg.key | sudo gpg --yes --dearmor -o /usr/share/keyrings/neo4j.gpg 2>/dev/null
-  echo "deb [signed-by=/usr/share/keyrings/neo4j.gpg] https://debian.neo4j.com stable 5" | sudo tee /etc/apt/sources.list.d/neo4j.list
-  sudo apt-get update -qq
-  sudo apt-get install -y -qq neo4j
-
-  # Configure Neo4j for local use
-  sudo sed -i 's/#server.default_listen_address=0.0.0.0/server.default_listen_address=127.0.0.1/' /etc/neo4j/neo4j.conf
-
-  # Generate a strong random password and store it.
-  # Password handling block is set +x bracketed so even bash -x setup.sh
-  # cannot print the substituted secret. The password is written to
-  # platform/config/.neo4j-password (chmod 600) — the only readable source.
-  # set-initial-password reads the secret via $(cat ...) so the literal
-  # never appears on the parent shell's command line, and stdout is
-  # discarded so neo4j-admin's own echo cannot leak it either (Task 744).
-  { set +x; } 2>/dev/null
-  NEO4J_GENERATED_PASSWORD=$(openssl rand -base64 32 | tr -d '/+=' | head -c 32)
-  mkdir -p "$INSTALL_DIR/platform/config"
-  printf '%s' "$NEO4J_GENERATED_PASSWORD" > "$INSTALL_DIR/platform/config/.neo4j-password"
-  chmod 600 "$INSTALL_DIR/platform/config/.neo4j-password"
-  unset NEO4J_GENERATED_PASSWORD
-  sudo neo4j-admin dbms set-initial-password "$(cat "$INSTALL_DIR/platform/config/.neo4j-password")" >/dev/null 2>&1
-
-  # Start and enable
-  sudo systemctl enable neo4j
-  sudo systemctl start neo4j
-  echo "  Neo4j started. Password stored in platform/config/.neo4j-password"
-fi
-
-# ------------------------------------------------------------------
-# 4. Ollama (local embeddings)
-# ------------------------------------------------------------------
-if command -v ollama &>/dev/null; then
-  echo "[4/8] Ollama already installed."
-else
-  echo "[4/8] Installing Ollama..."
-  curl -fsSL https://ollama.ai/install.sh | sh
-fi
-
-# Pull the embedding model (configurable via EMBED_MODEL env var)
-EMBED_MODEL="${EMBED_MODEL:-nomic-embed-text}"
-echo "  Pulling ${EMBED_MODEL} embedding model..."
-ollama pull "$EMBED_MODEL"
-
-# ------------------------------------------------------------------
-# 5. Cloudflared (Cloudflare Tunnel)
-# ------------------------------------------------------------------
-if command -v cloudflared &>/dev/null; then
-  echo "[5/8] Cloudflared already installed."
-else
-  echo "[5/8] Installing cloudflared..."
-  curl -fsSL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm64.deb -o /tmp/cloudflared.deb
-  sudo dpkg -i /tmp/cloudflared.deb
-  rm /tmp/cloudflared.deb
-fi
-
-# ------------------------------------------------------------------
-# 6. Clone or update Maxy
-# ------------------------------------------------------------------
-if [ -d "$INSTALL_DIR/.git" ]; then
-  echo "[6/8] Updating Maxy..."
-  cd "$INSTALL_DIR"
-  git pull --ff-only
-else
-  echo "[6/8] Cloning Maxy..."
-  git clone "$REPO_URL" "$INSTALL_DIR"
-  cd "$INSTALL_DIR"
-fi
-
-# ------------------------------------------------------------------
-# 6.5. Redact install-log credential leaks (Task 744 — idempotent).
-# Pre-fix logs may contain plaintext neo4j passwords; this script scrubs
-# every install-*.log to "[REDACTED]". Safe on already-clean logs.
-# ------------------------------------------------------------------
-if [ -x "$INSTALL_DIR/platform/scripts/redact-install-logs.sh" ]; then
-  bash "$INSTALL_DIR/platform/scripts/redact-install-logs.sh" || true
-fi
-
-# ------------------------------------------------------------------
-# 7. Install dependencies and build
-# ------------------------------------------------------------------
-echo "[7/8] Installing dependencies and building..."
-
-# Platform MCP servers
-cd "$INSTALL_DIR/platform"
-npm install --quiet
-npm run build
-
-# Web app
-cd "$INSTALL_DIR/maxy"
-npm install --quiet
-npm run build
-
-# ------------------------------------------------------------------
-# 8. Create account and apply schema
-# ------------------------------------------------------------------
-cd "$INSTALL_DIR"
-if [ ! -f "$INSTALL_DIR/.seeded" ]; then
-  echo "[8/8] Creating account and applying schema..."
-  bash platform/scripts/seed-neo4j.sh
-  touch "$INSTALL_DIR/.seeded"
-fi
-
-# ------------------------------------------------------------------
-# Done
-# ------------------------------------------------------------------
-echo ""
-echo "================================================================"
-echo "  Maxy is installed."
-echo ""
-echo "  Open in your browser:"
-echo "    http://maxy.local:19200"
-echo ""
-echo "  Everything from here happens through conversation."
-echo "================================================================"