direxio-deployer 0.1.7 → 0.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +1 -1
- package/README.md +17 -9
- package/README_zh.md +15 -9
- package/SKILL.md +73 -29
- package/agents/README.md +5 -5
- package/agents/openai.yaml +3 -3
- package/package.json +1 -1
- package/references/agent-targets.md +1 -1
- package/references/architecture.md +4 -4
- package/references/bug-history.md +2 -2
- package/references/deployment-lessons.md +10 -9
- package/references/deployment-optimization-audit.md +14 -10
- package/references/deployment-workflow.md +29 -22
- package/references/iam-policy.json +1 -1
- package/references/runtime-wiring.md +2 -2
- package/references/state-machine.md +1 -1
- package/references/token-refresh.md +3 -1
- package/references/tooling.md +6 -3
- package/references/user-journey.md +1 -1
- package/references/verification-recovery.md +11 -5
- package/references/voip-turn-runbook.md +2 -2
- package/scripts/cloud-init/docker-compose.yml +7 -7
- package/scripts/cloud-init/init-tokens.sh +4 -4
- package/scripts/destroy.ps1 +3 -3
- package/scripts/destroy.sh +9 -9
- package/scripts/json.mjs +2 -0
- package/scripts/lib/paths.sh +1 -3
- package/scripts/lib/state.sh +9 -9
- package/scripts/orchestrate.ps1 +3 -3
- package/scripts/orchestrate.sh +18 -19
- package/scripts/phases/s2_domain.sh +4 -4
- package/scripts/phases/s3_provision.sh +6 -6
- package/scripts/phases/s5_init_tokens.sh +1 -1
- package/scripts/phases/s6_wire_local.sh +23 -1
- package/scripts/reset-app-data.sh +1 -1
- package/scripts/update.sh +2 -10
package/LICENSE
CHANGED
package/README.md
CHANGED
|
@@ -69,9 +69,10 @@ The CLI is implemented in Node and uses native paths for the host it runs on. On
|
|
|
69
69
|
|
|
70
70
|
## Minimal Command
|
|
71
71
|
|
|
72
|
-
Import and verify an AWS deployment profile from an AWS CSV.
|
|
73
|
-
|
|
74
|
-
|
|
72
|
+
Import and verify an AWS deployment profile from an AWS CSV. Root access keys
|
|
73
|
+
are the fastest first-deploy path but are highly privileged; save the CSV
|
|
74
|
+
securely and rotate or delete the key after deployment. A temporary
|
|
75
|
+
`DirexioDeployer` IAM user is safer but takes more AWS console steps:
|
|
75
76
|
|
|
76
77
|
```bash
|
|
77
78
|
bash scripts/aws-credentials.sh import-csv /path/to/accessKeys.csv direxio-deployer us-east-1
|
|
@@ -111,16 +112,15 @@ $env:MESSAGE_SERVER_IMAGE = "direxio/message-server:latest"
|
|
|
111
112
|
.\scripts\orchestrate.ps1
|
|
112
113
|
```
|
|
113
114
|
|
|
114
|
-
Recommendation-only local bridge wiring:
|
|
115
|
+
Recommendation-only local bridge and MCP wiring:
|
|
115
116
|
|
|
116
117
|
```bash
|
|
117
118
|
DIREXIO_AGENT_INSTALL=recommend bash scripts/orchestrate.sh
|
|
118
119
|
```
|
|
119
120
|
|
|
120
|
-
Automatic local bridge install:
|
|
121
|
+
Automatic local bridge and MCP install is the default. Set runtime selectors only when auto-detection is ambiguous:
|
|
121
122
|
|
|
122
123
|
```bash
|
|
123
|
-
DIREXIO_AGENT_INSTALL=auto \
|
|
124
124
|
DIREXIO_AGENT_PLATFORM=auto \
|
|
125
125
|
DIREXIO_CC_CONNECT_AGENT=claudecode \
|
|
126
126
|
DIREXIO_AGENT_INSTALL_MODE=recommended \
|
|
@@ -158,16 +158,23 @@ Update an existing node without deleting data:
|
|
|
158
158
|
|
|
159
159
|
```bash
|
|
160
160
|
DOMAIN=<domain> MESSAGE_SERVER_IMAGE=direxio/message-server:latest bash scripts/update.sh
|
|
161
|
-
P2P_EXISTING_STATE_ACTION=continue DOMAIN=<domain> bash scripts/orchestrate.sh
|
|
162
161
|
```
|
|
163
162
|
|
|
163
|
+
Image refresh restarts the remote service only. It leaves local credentials,
|
|
164
|
+
`direxio-connect`, MCP artifacts, user confirmations, and runtime checks intact.
|
|
165
|
+
|
|
164
166
|
Reset application data while preserving EC2, DNS, fixed IP, and Caddy TLS:
|
|
165
167
|
|
|
166
168
|
```bash
|
|
167
169
|
DIREXIO_RESET_APP_DATA_CONFIRM=1 DOMAIN=<domain> bash scripts/reset-app-data.sh
|
|
168
|
-
|
|
170
|
+
DIREXIO_EXISTING_STATE_ACTION=continue DOMAIN=<domain> bash scripts/orchestrate.sh
|
|
169
171
|
```
|
|
170
172
|
|
|
173
|
+
Application data reset clears server-side app volumes, so the follow-up
|
|
174
|
+
orchestrate run regenerates local credentials/MCP artifacts and automatically
|
|
175
|
+
reinstalls/restarts `direxio-connect` plus `direxio-mcp` unless explicitly
|
|
176
|
+
overridden with `DIREXIO_AGENT_INSTALL=recommend` or `skip`.
|
|
177
|
+
|
|
171
178
|
## Local Bridge
|
|
172
179
|
|
|
173
180
|
S6 writes these service-scoped files under `~/.direxio/nodes/<service_id>/`:
|
|
@@ -193,7 +200,8 @@ direxio-connect daemon install --config ~/.direxio/nodes/<service_id>/cc-connect
|
|
|
193
200
|
direxio-connect daemon status --service-name <service_id>
|
|
194
201
|
```
|
|
195
202
|
|
|
196
|
-
MCP
|
|
203
|
+
MCP is installed automatically during S6 when `DIREXIO_AGENT_INSTALL=auto`.
|
|
204
|
+
Manual recovery command:
|
|
197
205
|
|
|
198
206
|
```bash
|
|
199
207
|
npm install -g direxio-mcp@latest
|
package/README_zh.md
CHANGED
|
@@ -67,8 +67,9 @@ direxio-deployer skill update --agent codex
|
|
|
67
67
|
|
|
68
68
|
## 最小命令
|
|
69
69
|
|
|
70
|
-
从 AWS CSV 导入并验证一个部署 profile
|
|
71
|
-
|
|
70
|
+
从 AWS CSV 导入并验证一个部署 profile。root access key 是首次部署最快路径,
|
|
71
|
+
但权限极高;请安全保存 CSV,部署后轮换或删除密钥。临时
|
|
72
|
+
`DirexioDeployer` IAM 用户更安全,但 AWS 控制台步骤更多:
|
|
72
73
|
|
|
73
74
|
```bash
|
|
74
75
|
bash scripts/aws-credentials.sh import-csv /path/to/accessKeys.csv direxio-deployer us-east-1
|
|
@@ -108,16 +109,15 @@ $env:MESSAGE_SERVER_IMAGE = "direxio/message-server:latest"
|
|
|
108
109
|
.\scripts\orchestrate.ps1
|
|
109
110
|
```
|
|
110
111
|
|
|
111
|
-
仅写入并推荐本地 bridge:
|
|
112
|
+
仅写入并推荐本地 bridge 和 MCP:
|
|
112
113
|
|
|
113
114
|
```bash
|
|
114
115
|
DIREXIO_AGENT_INSTALL=recommend bash scripts/orchestrate.sh
|
|
115
116
|
```
|
|
116
117
|
|
|
117
|
-
|
|
118
|
+
默认会自动安装本地 bridge 和 MCP。只有自动检测不明确时才需要显式设置 runtime:
|
|
118
119
|
|
|
119
120
|
```bash
|
|
120
|
-
DIREXIO_AGENT_INSTALL=auto \
|
|
121
121
|
DIREXIO_AGENT_PLATFORM=auto \
|
|
122
122
|
DIREXIO_CC_CONNECT_AGENT=claudecode \
|
|
123
123
|
DIREXIO_AGENT_INSTALL_MODE=recommended \
|
|
@@ -155,16 +155,22 @@ service 目录。
|
|
|
155
155
|
|
|
156
156
|
```bash
|
|
157
157
|
DOMAIN=<domain> MESSAGE_SERVER_IMAGE=direxio/message-server:latest bash scripts/update.sh
|
|
158
|
-
P2P_EXISTING_STATE_ACTION=continue DOMAIN=<domain> bash scripts/orchestrate.sh
|
|
159
158
|
```
|
|
160
159
|
|
|
160
|
+
镜像刷新只重启远端服务,不重置本地 credentials、`direxio-connect`、MCP
|
|
161
|
+
配置、用户确认和 runtime checks。
|
|
162
|
+
|
|
161
163
|
重置应用数据但保留 EC2、DNS、固定 IP 和 Caddy TLS:
|
|
162
164
|
|
|
163
165
|
```bash
|
|
164
166
|
DIREXIO_RESET_APP_DATA_CONFIRM=1 DOMAIN=<domain> bash scripts/reset-app-data.sh
|
|
165
|
-
|
|
167
|
+
DIREXIO_EXISTING_STATE_ACTION=continue DOMAIN=<domain> bash scripts/orchestrate.sh
|
|
166
168
|
```
|
|
167
169
|
|
|
170
|
+
清理应用数据卷后,后续 orchestrate 会重新生成本地 credentials/MCP 配置,
|
|
171
|
+
并默认自动重新安装/重启 `direxio-connect` 和 `direxio-mcp`;如需只写文件,
|
|
172
|
+
显式设置 `DIREXIO_AGENT_INSTALL=recommend` 或 `skip`。
|
|
173
|
+
|
|
168
174
|
## 本地 Bridge
|
|
169
175
|
|
|
170
176
|
S6 会在 `~/.direxio/nodes/<service_id>/` 下写入:
|
|
@@ -190,10 +196,10 @@ direxio-connect daemon install --config ~/.direxio/nodes/<service_id>/cc-connect
|
|
|
190
196
|
direxio-connect daemon status --service-name <service_id>
|
|
191
197
|
```
|
|
192
198
|
|
|
193
|
-
MCP
|
|
199
|
+
默认 `DIREXIO_AGENT_INSTALL=auto` 时,S6 会自动安装 MCP。手动恢复命令:
|
|
194
200
|
|
|
195
201
|
```bash
|
|
196
|
-
npm install -g direxio-mcp
|
|
202
|
+
npm install -g direxio-mcp@latest
|
|
197
203
|
DIREXIO_CREDENTIALS_FILE=~/.direxio/nodes/<service_id>/credentials.json direxio-mcp doctor --json
|
|
198
204
|
```
|
|
199
205
|
|
package/SKILL.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: direxio-deployer
|
|
3
|
-
description: Deploy, resume, verify, destroy, and locally wire a production
|
|
3
|
+
description: Deploy, resume, verify, destroy, and locally wire a production Direxio message server on AWS for any connent/connect-supported local agent runtime. Use when installing or updating this skill itself; install the versioned npm package `direxio-deployer` and use its CLI to place the skill in the runtime-specific global path from references/agent-targets.md unless the user explicitly asks for a project-local installation.
|
|
4
4
|
---
|
|
5
5
|
|
|
6
6
|
# Direxio Deployer
|
|
@@ -49,7 +49,7 @@ when it is safe and does not overwrite local edits. If the clone has local
|
|
|
49
49
|
changes, do not discard them; report the divergence and continue from the local
|
|
50
50
|
copy unless the user approves a specific update action.
|
|
51
51
|
|
|
52
|
-
Do not fall back to older
|
|
52
|
+
Do not fall back to older pre-Direxio skill repositories or unmanaged copied skill bundles unless the user explicitly asks for one of those repositories. Never print or commit AWS credentials, initialization codes, agent tokens, or local credential files while refreshing the Skill.
|
|
53
53
|
|
|
54
54
|
## Cloud Account And Domain Onboarding
|
|
55
55
|
|
|
@@ -100,17 +100,28 @@ Step-by-step onboarding flow:
|
|
|
100
100
|
deployment?"
|
|
101
101
|
- If yes, ask only for the local CSV path or profile name, then verify it
|
|
102
102
|
with `aws sts get-caller-identity`.
|
|
103
|
-
- If no,
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
-
|
|
103
|
+
- If no, offer two credential paths and ask the user to choose:
|
|
104
|
+
1. **Root access key (default fastest path):** simpler to create for a
|
|
105
|
+
first deployment because it uses the account owner identity directly.
|
|
106
|
+
Explain that it is highly privileged, must be saved securely, must
|
|
107
|
+
never be pasted into chat or committed, and should be rotated or
|
|
108
|
+
deleted after deployment.
|
|
109
|
+
2. **Dedicated IAM deployment user:** safer because it avoids root keys,
|
|
110
|
+
but requires more AWS console steps. Explain in one sentence: "This
|
|
111
|
+
temporary user lets the deployment tool create and later destroy this
|
|
112
|
+
Direxio node; delete or disable it after deployment."
|
|
113
|
+
- If the user chooses the root path, guide only one or two clicks at a time:
|
|
114
|
+
1. Sign in to AWS as the root account owner.
|
|
115
|
+
2. Open the root user's **Security credentials** page.
|
|
116
|
+
3. In **Access keys**, choose **Create access key**.
|
|
117
|
+
4. Select **Command Line Interface (CLI)**, acknowledge AWS's root-key
|
|
118
|
+
warning, and create the key.
|
|
119
|
+
5. Download the `.csv` file, store it securely, and provide only the local
|
|
120
|
+
CSV path to the agent.
|
|
121
|
+
6. After deployment, rotate or delete the root access key unless the user
|
|
122
|
+
has a deliberate reason to keep it.
|
|
123
|
+
- If the user chooses the dedicated IAM deployment user path, guide only one
|
|
124
|
+
or two clicks at a time:
|
|
114
125
|
1. Open `https://console.aws.amazon.com/iam/home#/users/create`.
|
|
115
126
|
2. Create a user named `DirexioDeployer-YYYYMMDD` or `DirexioDeployer`.
|
|
116
127
|
3. Attach the AWS managed policy `AdministratorAccess`. State plainly
|
|
@@ -122,6 +133,10 @@ Step-by-step onboarding flow:
|
|
|
122
133
|
continue.
|
|
123
134
|
7. Choose `Create access key`, download the `.csv` file, and provide only
|
|
124
135
|
the local file path.
|
|
136
|
+
- Root access keys are allowed when the operator explicitly chooses them.
|
|
137
|
+
Do not block deployment only because `aws sts get-caller-identity` returns
|
|
138
|
+
an ARN ending in `:root`; report `root=true`, repeat the security warning
|
|
139
|
+
once, and continue if the user accepts that risk.
|
|
125
140
|
- After credentials are configured, run `aws sts get-caller-identity`,
|
|
126
141
|
report only the account, whether the identity is root, and the redacted
|
|
127
142
|
ARN.
|
|
@@ -342,7 +357,7 @@ Use a Git clone only for development or local patching of this deployer, not as
|
|
|
342
357
|
|
|
343
358
|
## Agent Recognition
|
|
344
359
|
|
|
345
|
-
Use this skill when the user asks to deploy, resume, verify, destroy, repair, or wire a
|
|
360
|
+
Use this skill when the user asks to deploy, resume, verify, destroy, repair, or wire a Direxio message server. The instructions are runtime-neutral and can be followed by any agent that can run shell commands and read files. The local bridge target must be one of the connent/connect agents unless the user explicitly supplies compatible custom TOML. OpenClaw and Hermes are host runtimes that S6 wires through the generic connent/connect `acp` agent.
|
|
346
361
|
|
|
347
362
|
For local agent integration after deployment, S6 writes service-specific credentials and environment files under `~/.direxio/nodes/<service_id>/`, where `service_id` is derived from the deployed domain. It also writes MCP client snippets under `~/.direxio/nodes/<service_id>/mcp/` for MCP-capable hosts such as Codex, OpenClaw, and Hermes. It does not write root-level compatibility credentials, shell profiles, Windows user environment variables, or mutate each host's global MCP config.
|
|
348
363
|
|
|
@@ -361,19 +376,19 @@ DIREXIO_CC_CONNECT_AGENT=<optional connect agent>
|
|
|
361
376
|
DIREXIO_OPENCLAW_ACP_URL=<optional explicit OpenClaw gateway URL>
|
|
362
377
|
DIREXIO_OPENCLAW_ACP_TOKEN_FILE=<optional explicit OpenClaw gateway token file>
|
|
363
378
|
DIREXIO_OPENCLAW_ACP_SESSION=<optional OpenClaw ACP session; defaults to agent:main:main>
|
|
364
|
-
DIREXIO_AGENT_INSTALL=
|
|
379
|
+
DIREXIO_AGENT_INSTALL=auto
|
|
365
380
|
DIREXIO_AGENT_INSTALL_MODE=recommended
|
|
366
381
|
```
|
|
367
382
|
|
|
368
383
|
The only supported local conversation bridge is `direxio-connect`, installed from `direxio-connent@latest` by default or built from `https://github.com/YingSuiAI/direxio-connect.git`. S6 creates a Matrix session for `@agent:<server>`, writes `~/.direxio/nodes/<service_id>/cc-connect/config.toml`, and restricts the bridge to the real `agent_room_id`.
|
|
369
384
|
|
|
370
|
-
The local MCP tool surface is `direxio-mcp`, installed from `direxio-mcp@latest` by default
|
|
385
|
+
The local MCP tool surface is `direxio-mcp`, installed from `direxio-mcp@latest` by default when `DIREXIO_AGENT_INSTALL=auto`. S6 writes `mcp/codex.toml`, `mcp/openclaw.md`, `mcp/openclaw-server.json`, `mcp/hermes.mcp.json`, `mcp/mcp-servers.json`, and `mcp/env`; these artifacts point to `credentials.json` by `DIREXIO_CREDENTIALS_FILE`. OpenClaw must be configured through the generated `openclaw mcp set` command in `mcp/openclaw.md`; do not paste MCP JSON into `~/.openclaw/openclaw.json`. Keep this separate from cc-connect: cc-connect must use its direct Matrix config and must not use `DIREXIO_CREDENTIALS_FILE`.
|
|
371
386
|
|
|
372
387
|
`DIREXIO_CC_CONNECT_AGENT` is the preferred explicit selector. Supported values match connent/connect: `acp`, `antigravity`, `claudecode`, `codex`, `copilot`, `cursor`, `devin`, `gemini`, `iflow`, `kimi`, `opencode`, `pi`, `qoder`, `reasonix`, and `tmux`. Detected OpenClaw and Hermes runtimes map to `cc_connect_agent=acp`; they are not native connect agent types. OpenClaw uses `cmd = "openclaw"` with args `["acp", "--session", "agent:main:main"]` by default, letting `openclaw acp` auto-discover the Gateway from `~/.openclaw/openclaw.json`. If the operator needs to force explicit Gateway settings, S6 requires all three real values from the current OpenClaw runtime after pairing: `DIREXIO_OPENCLAW_ACP_URL`, `DIREXIO_OPENCLAW_ACP_TOKEN_FILE`, and `DIREXIO_OPENCLAW_ACP_SESSION`; do not guess these values or reuse old chat output. Hermes uses `cmd = "direxio-connect"` with `args = ["hermes-acp-adapter", "--", "hermes", "acp"]` so the Direxio compatibility layer can suppress Hermes reasoning text before it reaches the Matrix room. Use `DIREXIO_CC_CONNECT_AGENT_CMD`, `DIREXIO_<AGENT>_COMMAND`, and when needed `DIREXIO_CC_CONNECT_AGENT_OPTIONS_TOML` for agent-specific launch details. OpenClaw and Hermes also accept `DIREXIO_OPENCLAW_COMMAND`, `DIREXIO_HERMES_COMMAND`, `DIREXIO_HERMES_ACP_ADAPTER_COMMAND`, `DIREXIO_OPENCLAW_ACP_ARGS_TOML`, and `DIREXIO_HERMES_ACP_ARGS_TOML`; Hermes custom args are child Hermes args and S6 prefixes the adapter wrapper automatically.
|
|
373
388
|
|
|
374
389
|
`DIREXIO_AGENT_PLATFORM` describes the host runtime following the skill, while `DIREXIO_CC_CONNECT_AGENT` describes the local agent backend that `direxio-connect` should launch. Host runtimes such as Hermes or OpenClaw are not native cc-connect backend types; S6 maps them to the generic ACP backend by default and records `cc_connect_agent=acp`. Override `DIREXIO_CC_CONNECT_AGENT` only when the operator intentionally wants a different local backend.
|
|
375
390
|
|
|
376
|
-
`DIREXIO_AGENT_INSTALL` may be `skip`, `recommend`, or `auto
|
|
391
|
+
`DIREXIO_AGENT_INSTALL` may be `skip`, `recommend`, or `auto`; the default is `auto`. `auto` attempts to run `npm install -g direxio-connent@latest`, `direxio-connect daemon install --config ~/.direxio/nodes/<service_id>/cc-connect/config.toml --service-name <service_id> --force`, and `npm install -g direxio-mcp@latest`. `recommend` records and prints commands without mutating local daemon/package state. A cc-connect automatic install is reported as installed only when `direxio-connect daemon status --service-name <service_id>` returns `Status: Running` and recent daemon logs do not show ACP session initialization failure; otherwise S6 records `agent_install_status=install_failed`. MCP automatic install records `mcp_install_status=installed` only when npm succeeds. S6 calls `agent.matrix_session.create` with `agent_token` and retries transient HTTP 000/404/408/409/425/429/5xx responses before failing, because the Matrix action can become reachable after `/healthz`; defaults are 12 attempts with exponential backoff capped by `DIREXIO_MATRIX_SESSION_RETRY_MAX_INTERVAL`.
|
|
377
392
|
|
|
378
393
|
Voice input is supported through `direxio-connect` speech-to-text. When `DIREXIO_SPEECH_API_KEY` or a provider-specific key such as `DIREXIO_SPEECH_QWEN_API_KEY`, `OPENAI_API_KEY`, `GROQ_API_KEY`, `DASHSCOPE_API_KEY`, `GEMINI_API_KEY`, or `GOOGLE_API_KEY` is present, S6 writes `[speech] enabled = true` into the generated config. Without an STT key, do not claim voice input is enabled.
|
|
379
394
|
|
|
@@ -573,10 +588,10 @@ for the current service before giving advice. The status output includes a
|
|
|
573
588
|
and may still be billing.
|
|
574
589
|
- Resume safety: whether rerunning the same command is safe, or whether the
|
|
575
590
|
operator must preserve `state.json` and continue with
|
|
576
|
-
`
|
|
577
|
-
- Local refresh: if `agent_install_status=refresh_pending`,
|
|
578
|
-
cleared old credentials, user confirmations, runtime checks,
|
|
579
|
-
install proof; the next action is to rerun the deployment workflow to refresh S4-S7, local credentials, MCP snippets, and runtime checks.
|
|
591
|
+
`DIREXIO_EXISTING_STATE_ACTION=continue`.
|
|
592
|
+
- Local refresh: if `agent_install_status=refresh_pending`, reset/redeploy
|
|
593
|
+
cleared old credentials, user confirmations, runtime checks, bridge install
|
|
594
|
+
proof, and MCP install proof; the next action is to rerun the deployment workflow to refresh S4-S7, local credentials, MCP snippets, automatic installs, and runtime checks.
|
|
580
595
|
- Next action: the concrete diagnostic or user action for the current phase.
|
|
581
596
|
- Stop-loss: whether no cloud destroy is needed yet, or how to ask the agent to
|
|
582
597
|
run destroy / run `scripts/destroy.sh` on POSIX or `.\scripts\destroy.ps1` on
|
|
@@ -623,8 +638,10 @@ reminders, `billing.cost_estimate`, destroy read-back evidence when applicable,
|
|
|
623
638
|
`billing.destroy_cleanup_status`, `billing.possible_remaining_billable_resources`,
|
|
624
639
|
and secret-redaction evidence. It also records local refresh state:
|
|
625
640
|
`credentials.status`, `connect.install_status`, and `mcp.status` must show
|
|
626
|
-
`refresh_pending` after
|
|
627
|
-
write fresh evidence.
|
|
641
|
+
`refresh_pending` after reset/redeploy until S5/S6/S7 and runtime verification
|
|
642
|
+
write fresh evidence. Image-only update keeps existing local refresh state and
|
|
643
|
+
does not clear credentials, confirmations, runtime checks, or local install
|
|
644
|
+
evidence. User confirmation evidence is redacted before it is
|
|
628
645
|
written to the operation report, so initialization codes and tokens are not
|
|
629
646
|
copied into handoff artifacts.
|
|
630
647
|
If a destroy report lists possible remaining billable resources, tell the user
|
|
@@ -637,12 +654,39 @@ do next.
|
|
|
637
654
|
|
|
638
655
|
Use `scripts/destroy.sh` for teardown on POSIX shells and `.\scripts\destroy.ps1` from PowerShell on Windows. The Windows wrapper selects Git for Windows Bash for the Bash state machine, sets Windows-compatible local path mode, and converts explicit Windows state paths before invoking `scripts/destroy.sh`. Destroy first checks `direxio-connect daemon status --service-name <service_id>` and stops plus uninstalls only that named daemon when the reported `WorkDir` matches the current service directory, `~/.direxio/nodes/<service_id>/cc-connect`. After AWS resources are terminated and released, destroy reads AWS back and records `destroy.evidence` before removing the corresponding local service directory under `~/.direxio/nodes/<service_id>`. This prevents stale state, credentials, bridge files, and stale local service registrations from blocking or misleading the next deployment while still preserving a reportable AWS cleanup audit trail. It leaves unrelated node credential directories intact.
|
|
639
656
|
|
|
657
|
+
Before running destroy, warn the user that this is not merely "turning off the
|
|
658
|
+
server." Destroy removes the recorded cloud node and its application data. The
|
|
659
|
+
current app account, friends, channels, messages, Agent room/session, and login
|
|
660
|
+
state will no longer be usable. If the user later deploys again, even with the
|
|
661
|
+
same domain, treat it as a new Direxio node that needs a fresh app
|
|
662
|
+
initialization code, new account setup, new friends, and new channels.
|
|
663
|
+
|
|
664
|
+
For ordinary users, distinguish the available destructive levels before asking
|
|
665
|
+
for confirmation:
|
|
666
|
+
|
|
667
|
+
- Update deployment: keep accounts, friends, channels, messages, DNS, TLS, and
|
|
668
|
+
cloud resources; only refresh the service image and local credentials.
|
|
669
|
+
- Reset app data: keep EC2, public IP, DNS, and TLS storage, but delete app
|
|
670
|
+
accounts, friends, channels, messages, and Agent room state.
|
|
671
|
+
- Destroy resources: delete the recorded EC2/EBS/EIP/security group/key pair,
|
|
672
|
+
remove the deployer-managed DNS A record, stop the local bridge, and make the
|
|
673
|
+
current app data unavailable.
|
|
674
|
+
|
|
675
|
+
Require an explicit destructive confirmation before destroy when the user has
|
|
676
|
+
not already clearly confirmed this data loss. A suitable confirmation is:
|
|
677
|
+
|
|
678
|
+
```text
|
|
679
|
+
I confirm destroying this Direxio node and understand the current account,
|
|
680
|
+
friends, channels, messages, and Agent conversation will be lost; redeploying
|
|
681
|
+
later will create a new node/account.
|
|
682
|
+
```
|
|
683
|
+
|
|
640
684
|
Destroy uses the same AWS identity boundary as deployment: root AWS access-key
|
|
641
685
|
identity is allowed when the operator explicitly chose root credentials. Prefer
|
|
642
686
|
using the same temporary `DirexioDeployer` IAM user/profile for teardown when
|
|
643
687
|
that was used for provisioning.
|
|
644
688
|
|
|
645
|
-
If an operator needs to preserve local state files for debugging, run destroy with `
|
|
689
|
+
If an operator needs to preserve local state files for debugging, run destroy with `DIREXIO_KEEP_WORKDIR=1` and explicitly report that the stale service directory remains.
|
|
646
690
|
|
|
647
691
|
### Full reset / "treat me as a brand new user"
|
|
648
692
|
|
|
@@ -657,15 +701,15 @@ When the user asks for a complete fresh start — "destroy everything", "start o
|
|
|
657
701
|
|
|
658
702
|
## Image Refresh And Data Reset
|
|
659
703
|
|
|
660
|
-
When the user only asks to pull a newer image on an existing EC2 instance, do not destroy cloud resources and do not delete application or TLS storage. Run `scripts/update.sh` against the current state. It SSHes to the existing node, optionally updates `MESSAGE_SERVER_IMAGE`, runs Docker Compose pull/up, reruns `/opt/p2p/init-tokens.sh
|
|
704
|
+
When the user only asks to pull a newer image on an existing EC2 instance, do not destroy cloud resources and do not delete application or TLS storage. Run `scripts/update.sh` against the current state. It SSHes to the existing node, optionally updates `MESSAGE_SERVER_IMAGE`, runs Docker Compose pull/up, reruns `/opt/p2p/init-tokens.sh` only when current bootstrap credentials are missing, leaves local credentials, user-confirmation/runtime-check evidence, cc-connect daemon state, MCP artifacts, and S4-S7 phase state unchanged, and writes a redacted `operation-report.json`.
|
|
661
705
|
|
|
662
|
-
When the user asks to reset application data on an existing EC2 instance, do not destroy EC2, public IPv4/EIP, DNS, or Caddy TLS storage. Run `scripts/reset-app-data.sh` only after explicit destructive confirmation with `DIREXIO_RESET_APP_DATA_CONFIRM=1`. It clears only the application volumes (`postgres-data`, `message-config`, `message-data`), generates a new backend password/init-code field, restarts the stack, reruns `/opt/p2p/init-tokens.sh`, clears stale local secret fields, clears old user-confirmation/runtime-check evidence, marks `agent_install_status=refresh_pending`, stops only the matching service-scoped direxio-connect daemon when its `WorkDir` matches this service, marks S4-S7 pending, and writes a redacted `operation-report.json`.
|
|
706
|
+
When the user asks to reset application data on an existing EC2 instance, do not destroy EC2, public IPv4/EIP, DNS, or Caddy TLS storage. Run `scripts/reset-app-data.sh` only after explicit destructive confirmation with `DIREXIO_RESET_APP_DATA_CONFIRM=1`. It clears only the application volumes (`postgres-data`, `message-config`, `message-data`), generates a new backend password/init-code field, restarts the stack, reruns `/opt/p2p/init-tokens.sh`, clears stale local secret fields, clears old user-confirmation/runtime-check evidence, marks `agent_install_status=refresh_pending` and `mcp_install_status=refresh_pending`, stops only the matching service-scoped direxio-connect daemon when its `WorkDir` matches this service, marks S4-S7 pending, and writes a redacted `operation-report.json`. The follow-up orchestrate run regenerates local credentials/MCP artifacts and, by default, reinstalls/restarts cc-connect plus direxio-mcp.
|
|
663
707
|
|
|
664
708
|
Current message-server images require `P2P_PORTAL_PASSWORD` and an explicit `portal.bootstrap`; `init-tokens.sh` owns that cloud-side bootstrap and creates a real Matrix `agent_room_id` when the backend credentials file does not already include one.
|
|
665
709
|
|
|
666
710
|
Do not delete caddy-data or caddy-config during an image-only refresh. Removing Caddy's ACME storage loses the existing production certificate and can trigger CA duplicate-certificate rate limits. Preserve `caddy-data` and `caddy-config`; clear only `postgres-data message-config message-data` when the requested reset needs a clean homeserver/database.
|
|
667
711
|
|
|
668
|
-
For repeated
|
|
712
|
+
For repeated data-reset refreshes, rerun `scripts/orchestrate.sh` normally after reset. S4-S7 will re-run from state, and S6 regenerates local credentials/MCP artifacts and automatically installs/restarts local packages unless `DIREXIO_AGENT_INSTALL=recommend` or `skip` is explicitly set. Image-only update does not require an orchestrate follow-up unless verification shows the service actually regenerated credentials.
|
|
669
713
|
|
|
670
714
|
## Minimal Invocation
|
|
671
715
|
|
|
@@ -679,7 +723,7 @@ MESSAGE_SERVER_IMAGE=direxio/message-server:latest \
|
|
|
679
723
|
bash scripts/orchestrate.sh
|
|
680
724
|
```
|
|
681
725
|
|
|
682
|
-
Use an `AWS_PROFILE` or temporary `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` for the selected AWS identity. Root access keys are allowed when the operator explicitly chooses them;
|
|
726
|
+
Use an `AWS_PROFILE` or temporary `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` for the selected AWS identity. Root access keys are allowed when the operator explicitly chooses them; they are the fastest first-deploy path but highly privileged and must be saved securely, never pasted, and rotated or deleted after deployment. A temporary `DirexioDeployer` IAM user is the safer path but takes more setup steps. Do not write AWS secrets, initialization codes, or agent tokens into skill files or the repository.
|
|
683
727
|
|
|
684
728
|
On Windows, prefer `.\scripts\orchestrate.ps1` and `.\scripts\destroy.ps1` from PowerShell. These wrappers select Git for Windows Bash for the Bash phases and write Windows-compatible local `direxio-connect` paths.
|
|
685
729
|
|
|
@@ -739,7 +783,7 @@ security : delete or disable any temporary DirexioDeployer access key after
|
|
|
739
783
|
report : <operation-report.json path>
|
|
740
784
|
```
|
|
741
785
|
|
|
742
|
-
Mention that AWS resources keep billing until destroyed. User-managed DNS and purchased domains are not removed by destroy. After destroy, report which `~/.direxio/nodes/<service_id>` service directory was removed or, if `
|
|
786
|
+
Mention that AWS resources keep billing until destroyed. User-managed DNS and purchased domains are not removed by destroy. After destroy, report which `~/.direxio/nodes/<service_id>` service directory was removed or, if `DIREXIO_KEEP_WORKDIR=1` was used, which local directory remains.
|
|
743
787
|
|
|
744
788
|
If `DIREXIO_AGENT_INSTALL=auto` was not used, or if it recorded `install_failed`, give the manual command:
|
|
745
789
|
|
package/agents/README.md
CHANGED
|
@@ -10,12 +10,12 @@ When an agent runtime supports skill metadata, point it at `SKILL.md` and use `s
|
|
|
10
10
|
|
|
11
11
|
Recognition keywords:
|
|
12
12
|
|
|
13
|
-
- deploy
|
|
14
|
-
- resume
|
|
15
|
-
- verify
|
|
16
|
-
- destroy
|
|
13
|
+
- deploy Direxio
|
|
14
|
+
- resume Direxio deployment
|
|
15
|
+
- verify Direxio message server
|
|
16
|
+
- destroy Direxio AWS resources
|
|
17
17
|
- wire Direxio MCP/plugin
|
|
18
|
-
- refresh
|
|
18
|
+
- refresh Direxio agent token
|
|
19
19
|
|
|
20
20
|
Required capabilities:
|
|
21
21
|
|
package/agents/openai.yaml
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
display_name: Direxio Deployer
|
|
2
|
-
short_description: Deploy, resume, verify, destroy, and wire Direxio MCP/plugin access for a production
|
|
3
|
-
default_prompt: Deploy a
|
|
2
|
+
short_description: Deploy, resume, verify, destroy, and wire Direxio MCP/plugin access for a production Direxio message server on AWS.
|
|
3
|
+
default_prompt: Deploy a Direxio message server using my production domain, following SKILL.md and scripts/orchestrate.sh.
|
|
4
4
|
entrypoint: ../SKILL.md
|
|
5
5
|
runtime_notes:
|
|
6
6
|
- Read SKILL.md before running deployment commands.
|
|
7
7
|
- When installing or updating this skill itself, read references/agent-targets.md and use the runtime-specific project-local Git clone path before any global fallback.
|
|
8
8
|
- Use scripts/orchestrate.sh from the repository root.
|
|
9
9
|
- Use scripts/destroy.sh for teardown.
|
|
10
|
-
- S6 writes DIREXIO_DOMAIN, DIREXIO_AGENT_TOKEN, and DIREXIO_AGENT_ROOM_ID, then records runtime-specific skill and MCP/config targets for direxio-mcp and
|
|
10
|
+
- S6 writes DIREXIO_DOMAIN, DIREXIO_AGENT_TOKEN, and DIREXIO_AGENT_ROOM_ID, then records runtime-specific skill and MCP/config targets for direxio-mcp and Direxio agent plugins.
|
|
11
11
|
- Ask before mutating the current agent runtime's plugin or MCP configuration.
|
|
12
12
|
- The instructions are compatible with Claude, Codex/OpenAI, Gemini, Cursor, Copilot, OpenClaw, Hermes, and other shell-capable agent runtimes.
|
package/package.json
CHANGED
|
@@ -127,7 +127,7 @@ Use `mcp/codex.toml` for Codex and `mcp/hermes.mcp.json` for Hermes. For OpenCla
|
|
|
127
127
|
|
|
128
128
|
- `DIREXIO_AGENT_INSTALL=skip`: write credentials/env and cc-connect config only.
|
|
129
129
|
- `DIREXIO_AGENT_INSTALL=recommend`: write files, record state, and print the install command.
|
|
130
|
-
- `DIREXIO_AGENT_INSTALL=auto
|
|
130
|
+
- `DIREXIO_AGENT_INSTALL=auto` (default): run `npm install -g direxio-connent@latest`, `direxio-connect daemon install --config ~/.direxio/nodes/<service_id>/cc-connect/config.toml --service-name <service_id> --force`, and `npm install -g direxio-mcp@latest`. S6 records cc-connect as installed only after `direxio-connect daemon status --service-name <service_id>` reports `Status: Running` and recent daemon logs do not show ACP session initialization failure; otherwise it records `agent_install_status=install_failed`. MCP records `mcp_install_status=installed` only when npm succeeds.
|
|
131
131
|
|
|
132
132
|
Prefer `DIREXIO_CC_CONNECT_AGENT=<agent>` to choose the local agent that `direxio-connect` should run. Keep `DIREXIO_AGENT_PLATFORM=<runtime>` for auto-detection overrides and legacy host-runtime naming. Use `DIREXIO_AGENT_INSTALL_MODE=cc-connect` only when overriding the default `recommended` mapping explicitly.
|
|
133
133
|
Use `DIREXIO_CC_CONNECT_AGENT_OPTIONS_TOML` for agent-specific options that cannot be represented by `work_dir` or `cmd`; for example `reasonix` requires `serve_url`, `tmux` requires `session`, and generic `acp` requires a command when `DIREXIO_CC_CONNECT_AGENT_CMD` is not enough.
|
|
@@ -17,7 +17,7 @@ coturn -> TURN 3478 + 49160-49200/udp
|
|
|
17
17
|
```
|
|
18
18
|
|
|
19
19
|
- **message-server**: `direxio/message-server:latest`,同时承载 Matrix homeserver 和 `/_p2p/query`/`/_p2p/command`。
|
|
20
|
-
- **PostgreSQL 18**: Matrix 与
|
|
20
|
+
- **PostgreSQL 18**: Matrix 与 Direxio 业务表共库持久化,compose 使用 `/var/lib/postgresql`。
|
|
21
21
|
- **Caddy**: 唯一 HTTP/TLS 入口,自动签发 Let's Encrypt。
|
|
22
22
|
- **coturn**: WebRTC TURN relay,Direxio message-server 通过 shared-secret 动态签发 TURN 凭证。
|
|
23
23
|
|
|
@@ -25,17 +25,17 @@ coturn -> TURN 3478 + 49160-49200/udp
|
|
|
25
25
|
|
|
26
26
|
1. `postgres` healthy。
|
|
27
27
|
2. `message-init` 生成 `/etc/direxio-message-server/message-server.yaml` 和 signing key,并写入 TURN 配置。
|
|
28
|
-
3. `message-server` 启动,加载 Matrix +
|
|
28
|
+
3. `message-server` 启动,加载 Matrix + Direxio 业务,读取 `P2P_PORTAL_PASSWORD` 和 `P2P_PORTAL_CREDENTIALS_FILE`。
|
|
29
29
|
4. `init-tokens.sh` 调用 `portal.bootstrap`,从容器复制凭据到宿主 `/opt/p2p/bootstrap.json`。如果最新服务端没有写入 `agent_room_id`,脚本会通过 Matrix Client API 创建真实 agent room、邀请并加入 `@agent:<server>`,再把 `agent_room_id` 回写到宿主和容器凭据文件。
|
|
30
30
|
5. `init-tokens.sh` 生成 `/opt/p2p/wellknown/owner.json`。
|
|
31
|
-
6. `caddy` 对外服务 Matrix、
|
|
31
|
+
6. `caddy` 对外服务 Matrix、Direxio API 和 well-known。
|
|
32
32
|
|
|
33
33
|
## 凭据模型
|
|
34
34
|
|
|
35
35
|
`/opt/p2p/bootstrap.json` 会包含:
|
|
36
36
|
|
|
37
37
|
- `password`: 后端字段名;对用户展示时是八位 App 初始化码。
|
|
38
|
-
- `access_token`: 当前用户的统一 bearer token,可用于 Matrix `/_matrix/client/*` 和需要用户身份的
|
|
38
|
+
- `access_token`: 当前用户的统一 bearer token,可用于 Matrix `/_matrix/client/*` 和需要用户身份的 Direxio 调用。
|
|
39
39
|
- `agent_token`: 本地服务凭据中的 agent bearer token;`direxio-connect` 对话桥接使用 S6 创建的 `@agent:<server>` Matrix session。
|
|
40
40
|
- `agent_room_id`: 真实 Matrix 房间 ID。部署脚本拒绝旧式 `!agent:<domain>` 伪房间。
|
|
41
41
|
|
|
@@ -3,12 +3,12 @@
|
|
|
3
3
|
部署链路上所有真实踩过的坑。**已全部修进 `scripts/` 下的部署文件**,新部署不会再撞;
|
|
4
4
|
列在这里是为了:① 理解每个设计决策的来由;② 若有人改坏了哪处,能快速定位回退点。
|
|
5
5
|
|
|
6
|
-
##
|
|
6
|
+
## Legacy pre-Direxio message-server 仓库
|
|
7
7
|
|
|
8
8
|
### AS PR #4 — 镜像多架构
|
|
9
9
|
- **症状**:ARM 架构 EC2(t4g 系列)`docker pull` 后 `exec format error`。
|
|
10
10
|
- **根因**:镜像只 build 了 amd64。
|
|
11
|
-
- **修复**:CI 用 buildx 出 `amd64+arm64`
|
|
11
|
+
- **修复**:CI 用 buildx 出 `amd64+arm64` 多架构镜像。legacy pre-Direxio AS 镜像已是多架构。
|
|
12
12
|
|
|
13
13
|
### AS PR #5 — 容器化体验
|
|
14
14
|
- **卷权限**:命名卷默认 root:700,AS 降权到 asd(UID 10001)后打不开 sqlite → `SQLITE_CANTOPEN`。
|
|
@@ -15,7 +15,7 @@ S5_INIT_TOKENS failed: read bootstrap.json timed out
|
|
|
15
15
|
|
|
16
16
|
Cause:
|
|
17
17
|
|
|
18
|
-
Current
|
|
18
|
+
Current Direxio message-server builds initialize on service startup and write
|
|
19
19
|
`/opt/p2p/bootstrap.json` with the login `password`, `agent_token`, and owner
|
|
20
20
|
metadata. Calling the old bootstrap HTTP endpoint or scraping logs is no longer
|
|
21
21
|
part of the deploy path.
|
|
@@ -80,7 +80,7 @@ Fix now in ops:
|
|
|
80
80
|
the local `timeout` command is available.
|
|
81
81
|
- If a deployment was interrupted, inspect `scripts/orchestrate.sh status`,
|
|
82
82
|
stop only leftover local `orchestrate.sh`/`curl`/`ssh` children for that run,
|
|
83
|
-
and resume with `
|
|
83
|
+
and resume with `DIREXIO_EXISTING_STATE_ACTION=continue`.
|
|
84
84
|
- If SSH to the instance is blocked but AWS access still works, attach a
|
|
85
85
|
temporary SSM role and use SSM Run Command to read `/opt/p2p/bootstrap.json`
|
|
86
86
|
without printing secrets. Remove or audit the temporary role after recovery.
|
|
@@ -94,7 +94,7 @@ resolves correctly. This avoids Caddy and Let's Encrypt racing DNS propagation.
|
|
|
94
94
|
When rerunning after a resource was created, set:
|
|
95
95
|
|
|
96
96
|
```bash
|
|
97
|
-
|
|
97
|
+
DIREXIO_EXISTING_STATE_ACTION=continue
|
|
98
98
|
```
|
|
99
99
|
|
|
100
100
|
This is deliberate. It prevents accidental duplicate EC2/EIP creation or unsafe
|
|
@@ -102,10 +102,11 @@ reuse of an old deployment state.
|
|
|
102
102
|
|
|
103
103
|
## Credential Safety
|
|
104
104
|
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
105
|
+
Offer two credential paths for first-time deployment. Root access keys are the
|
|
106
|
+
fastest path but are highly privileged; report that the identity is root,
|
|
107
|
+
remind the operator to save the CSV securely, and rotate or remove the key when
|
|
108
|
+
it is no longer needed. A temporary `DirexioDeployer` IAM user or dedicated IAM
|
|
109
|
+
role is safer but requires more AWS console steps.
|
|
109
110
|
|
|
110
111
|
Do not store AWS AK/SK in skill files, docs, or committed repo files. Treat
|
|
111
112
|
`state.json`, `outputs.json`, and `~/.direxio/nodes/<service_id>/credentials.json` as local
|
|
@@ -135,7 +136,7 @@ Fix procedure:
|
|
|
135
136
|
2. Delegate those NS servers at the current registrar, or use the provider API
|
|
136
137
|
if credentials are available.
|
|
137
138
|
3. Wait for authoritative NS and A-record propagation.
|
|
138
|
-
4. Re-run `scripts/orchestrate.sh` with `
|
|
139
|
+
4. Re-run `scripts/orchestrate.sh` with `DIREXIO_EXISTING_STATE_ACTION=continue`.
|
|
139
140
|
|
|
140
141
|
DNS propagation of new NS records can take minutes to hours. After the user
|
|
141
142
|
confirms the change, verify with `nslookup -type=NS <DOMAIN>` or
|
|
@@ -185,7 +186,7 @@ Workaround (use when the health check is the only blocker and the rate limit is
|
|
|
185
186
|
|
|
186
187
|
4. Resume orchestrate.sh with:
|
|
187
188
|
```bash
|
|
188
|
-
|
|
189
|
+
DIREXIO_EXISTING_STATE_ACTION=continue bash scripts/orchestrate.sh
|
|
189
190
|
```
|
|
190
191
|
|
|
191
192
|
5. **After deployment completes**, restore the original Caddyfile (remove `tls internal`) and restart Caddy. Caddy will retry the production Let's Encrypt cert when the rate limit resets. The self-signed cert is a temporary bridge; HTTPS will show a browser warning until the production cert is obtained.
|
|
@@ -30,9 +30,10 @@ Current best plan is the stricter plan now encoded in this branch:
|
|
|
30
30
|
whether to send a real message in the Agent chat box.
|
|
31
31
|
6. Keep update/reset/destroy as separate operations with separate receipts;
|
|
32
32
|
update/reset are now first-class scripts, not runbook-only manual actions.
|
|
33
|
-
7. Treat
|
|
34
|
-
old credentials, user confirmations, runtime checks,
|
|
35
|
-
proof, so the next action is to rerun S4-S7 and
|
|
33
|
+
7. Treat reset/redeploy follow-up as a Local refresh state: reset/redeploy
|
|
34
|
+
clears old credentials, user confirmations, runtime checks, bridge install
|
|
35
|
+
proof, and MCP install proof, so the next action is to rerun S4-S7 and
|
|
36
|
+
runtime checks. Image-only update keeps local state intact.
|
|
36
37
|
8. Keep Lightsail out of the current user-facing path. Lightsail remains
|
|
37
38
|
deferred until it has an independent resource model, pricing, state,
|
|
38
39
|
destroy, and test matrix.
|
|
@@ -132,14 +133,17 @@ Status: Deployer-side implemented.
|
|
|
132
133
|
|
|
133
134
|
Current evidence:
|
|
134
135
|
- `scripts/aws-credentials.sh import-csv|verify` imports local CSV credentials,
|
|
135
|
-
tightens file permissions,
|
|
136
|
-
|
|
136
|
+
tightens file permissions, allows root identity only with explicit operator
|
|
137
|
+
choice, and redacts identity output.
|
|
138
|
+
- `SKILL.md` documents both the fast root access-key path with security
|
|
139
|
+
warnings and the safer temporary `DirexioDeployer` IAM user path with
|
|
137
140
|
temporary `AdministratorAccess`, then cleanup.
|
|
138
141
|
- Reports and tests assert secrets are redacted and not written to reports.
|
|
139
142
|
|
|
140
143
|
Difference from the checklist:
|
|
141
|
-
- The current branch chooses the practical MVP path:
|
|
142
|
-
|
|
144
|
+
- The current branch chooses the practical MVP path: let the operator choose
|
|
145
|
+
fast root credentials or a safer temporary IAM admin user, with cleanup
|
|
146
|
+
guidance after deployment.
|
|
143
147
|
|
|
144
148
|
Remaining evidence:
|
|
145
149
|
- Long-term least-privilege IAM generation is still a future hardening task.
|
|
@@ -226,11 +230,11 @@ Current evidence:
|
|
|
226
230
|
- S5 refreshes bootstrap credentials from the server.
|
|
227
231
|
- S6 rewrites service-scoped `credentials.json`, `env`, cc-connect config, and
|
|
228
232
|
MCP snippets.
|
|
229
|
-
-
|
|
230
|
-
-
|
|
233
|
+
- Reset/redeploy mark S4-S7 pending and report refresh-pending status.
|
|
234
|
+
- Reset/redeploy stops only the matching service-scoped direxio-connect daemon
|
|
231
235
|
when its `WorkDir` matches the current service, so stale local bridge
|
|
232
236
|
processes do not keep using old credentials.
|
|
233
|
-
- `status` reports Local refresh when
|
|
237
|
+
- `status` reports Local refresh when reset/redeploy cleared old credentials, user confirmations, runtime checks, bridge install proof, and MCP install proof.
|
|
234
238
|
- Runtime checks fail closed when a stale service directory or wrong WorkDir is
|
|
235
239
|
detected.
|
|
236
240
|
|