loopat 0.1.13 → 0.1.15

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "loopat",
-  "version": "0.1.13",
+  "version": "0.1.15",
   "description": "Self-hosted AI workspace built around context management — works solo, scales to teams",
   "license": "Apache-2.0",
   "homepage": "https://github.com/simpx/loopat",

package/server/src/bootstrap.ts

@@ -7,7 +7,7 @@ import { existsSync } from "node:fs"
 import { execFileSync } from "node:child_process"
 import { join } from "node:path"
 import { resolveClaudeBinary } from "./claude-binary"
-import { configPath, type WorkspaceConfig } from "./config"
+import { configPath, loadKnowledgeConfig, type WorkspaceConfig, type KnowledgeConfig } from "./config"
 import {
   WORKSPACE,
   usersPath,
@@ -104,8 +104,8 @@ function describeRemote(dir: string, url: string | undefined): string {
   return "local-only (no remote)"
 }
 
-function describeRepos(cfg: WorkspaceConfig): Check {
-  const specs = cfg.repos ?? []
+function describeRepos(kcfg: KnowledgeConfig): Check {
+  const specs = kcfg.repos ?? []
   if (specs.length === 0) return { ok: true, label: `repos:     (none configured)` }
   // Repos are clone-on-demand (cloned only when a loop selects one), so a repo
   // that isn't cloned yet is NORMAL, not a failure. Report cloned vs on-demand;
@@ -132,12 +132,14 @@ async function checkUsers(): Promise<Check> {
 }
 
 export async function printBootstrapBanner(cfg: WorkspaceConfig) {
+  // notes + repos are declared inside the knowledge repo's .loopat/config.json.
+  const kcfg = await loadKnowledgeConfig()
   const checks: Check[] = [
     { ok: true, label: `workspace: ${workspaceDir()}` },
     { ok: true, label: `team .claude/CLAUDE.md (${existsSync(workspaceTeamClaudeMdPath()) ? "present" : "absent"})` },
     { ok: existsSync(workspaceKnowledgeDir()), label: `knowledge: ${describeRemote(workspaceKnowledgeDir(), cfg.knowledge?.git || undefined)}` },
-    { ok: existsSync(workspaceNotesDir()), label: `notes:     ${describeRemote(workspaceNotesDir(), cfg.notes?.git || undefined)}` },
-    describeRepos(cfg),
+    { ok: existsSync(workspaceNotesDir()), label: `notes:     ${describeRemote(workspaceNotesDir(), kcfg.notes?.git || undefined)}` },
+    describeRepos(kcfg),
     await checkUsers(),
     { ok: existsSync(configPath()), label: `config: ${configPath()}` },
     checkPodman(),

package/server/src/config.ts

@@ -9,6 +9,8 @@ import {
   personalVaultEnvPath,
   personalVaultEnvsDir,
   workspaceDir,
+  workspaceLoopatRoot,
+  personalKnowledgeLoopatRoot,
   personalSettingsPath,
 } from "./paths"
 import { DEFAULT_VAULT, loadVaultEnvs } from "./vaults"
@@ -109,6 +111,55 @@ export type RepoSpec = {
   git: string
 }
 
+/**
+ * Config living INSIDE the knowledge repo at <knowledge>/.loopat/config.json.
+ * The knowledge repo is the SoT for the team's notes remote + the repo roster;
+ * workspace/personal config only hold the `knowledge` entry pointer. To read
+ * it the knowledge repo must already be cloned (its url comes from
+ * personal/workspace config), so this is loaded AFTER the knowledge clone.
+ */
+export type KnowledgeConfig = {
+  notes?: RemoteSpec
+  repos?: RepoSpec[]
+}
+
+const KNOWLEDGE_CONFIG_TEMPLATE: KnowledgeConfig = { notes: { git: "" }, repos: [] }
+
+/** The .loopat root holding the knowledge config. With a user → that user's
+ *  per-user knowledge repo; without → the workspace-default knowledge repo
+ *  (used only for the bootstrap banner, never to drive a loop). */
+function knowledgeLoopatRoot(user?: string): string {
+  return user ? personalKnowledgeLoopatRoot(user) : workspaceLoopatRoot()
+}
+
+/** Read the knowledge repo's .loopat/config.json. Missing/malformed → empty.
+ *  Pass `user` for the per-user knowledge repo (what a loop uses); omit for the
+ *  workspace-default (bootstrap display only). */
+export async function loadKnowledgeConfig(user?: string): Promise<KnowledgeConfig> {
+  const path = join(knowledgeLoopatRoot(user), "config.json")
+  if (!existsSync(path)) return JSON.parse(JSON.stringify(KNOWLEDGE_CONFIG_TEMPLATE))
+  try {
+    const disk = JSON.parse(await readFile(path, "utf8")) as KnowledgeConfig
+    return { notes: disk.notes, repos: Array.isArray(disk.repos) ? disk.repos : [] }
+  } catch (e: any) {
+    console.warn(`[loopat] knowledge config: ${path} malformed (${e?.message ?? e}), treating as empty`)
+    return JSON.parse(JSON.stringify(KNOWLEDGE_CONFIG_TEMPLATE))
+  }
+}
+
+/** Merge-write a knowledge repo's .loopat/config.json. Caller is responsible
+ *  for committing/promoting the change (knowledge is gated). */
+export async function saveKnowledgeConfig(user: string | undefined, patch: KnowledgeConfig): Promise<void> {
+  const cur = await loadKnowledgeConfig(user)
+  const next: KnowledgeConfig = {
+    notes: patch.notes !== undefined ? patch.notes : cur.notes,
+    repos: patch.repos !== undefined ? patch.repos : cur.repos,
+  }
+  const dir = knowledgeLoopatRoot(user)
+  await mkdir(dir, { recursive: true })
+  await writeFile(join(dir, "config.json"), JSON.stringify(next, null, 2) + "\n")
+}
+
 /** Operator-side mount (workspace config). src is always a literal host path.
  *  Operator owns the host, so any path under `~/...`, `$HOME/...`, or `/...`
  *  is allowed (modulo `..` traversal). Used for cross-user shared caches
@@ -128,9 +179,11 @@ export type OperatorMount = {
  * personal/<user>/.loopat/config.json — see PersonalConfig.
  */
 export type WorkspaceConfig = {
+  /** Workspace-default entry pointer to the knowledge repo. The notes remote
+   *  and the repo roster now live INSIDE the knowledge repo's
+   *  .loopat/config.json (KnowledgeConfig) — see loadKnowledgeConfig. A
+   *  per-user override lives in personal config. */
   knowledge?: RemoteSpec
-  notes?: RemoteSpec
-  repos?: RepoSpec[]
   providers?: Record<string, ProviderConfig>
   default?: string
   /** Platform-level git host for personal onboarding. `provider` is a
@@ -192,11 +245,10 @@ export type WorkspaceConfig = {
 export type PersonalConfigDisk = {
   /** Mixed: "default" key is a string, all other keys are providers. */
   providers: Record<string, ProviderConfigDisk | string>
-  /** Authoritative kn/notes remotes — the personal repo is self-describing.
-   *  host config.json's knowledge/notes are a display mirror; these are what a
-   *  loop actually connects to (with the user's vault key). */
+  /** Per-user entry pointer to the knowledge repo (authoritative over the
+   *  workspace default). The notes remote + repo roster live inside the
+   *  knowledge repo's own .loopat/config.json, not here. */
   knowledge?: RemoteSpec
-  notes?: RemoteSpec
 }
 
 export type PersonalConfig = {
@@ -209,9 +261,9 @@ export type PersonalConfig = {
    * in mcpServers works, and (b) substitute `${VAR}` in provider.apiKey.
    */
   vaultEnvs: Record<string, string>
-  /** Authoritative kn/notes remotes (self-describing personal repo). */
+  /** Per-user entry pointer to the knowledge repo (notes/repos live in the
+   *  knowledge repo's own .loopat/config.json). */
   knowledge?: RemoteSpec
-  notes?: RemoteSpec
 }
 
 /**
@@ -252,10 +304,6 @@ function buildPresetProviders(): Record<string, ProviderConfig> {
 
 const WORKSPACE_TEMPLATE: WorkspaceConfig = {
   knowledge: { git: "" },
-  notes: { git: "" },
-  repos: [
-    { name: "loopat", git: "git@github.com:simpx/loopat.git" },
-  ],
   providers: buildPresetProviders(),
 }
 
@@ -430,7 +478,6 @@ export async function loadPersonalConfig(
     providers,
     vaultEnvs,
     ...(disk.knowledge ? { knowledge: disk.knowledge } : {}),
-    ...(disk.notes ? { notes: disk.notes } : {}),
   }
   personalCache.set(cacheKey, { cfg, configMtimeMs, envsDirMtimeMs })
   return cfg
@@ -747,8 +794,6 @@ export async function saveWorkspaceConfig(cfg: Partial<WorkspaceConfig>): Promis
   }
   if (cfg.default !== undefined) merged.default = cfg.default
   if (cfg.knowledge !== undefined) merged.knowledge = cfg.knowledge
-  if (cfg.notes !== undefined) merged.notes = cfg.notes
-  if (cfg.repos !== undefined) merged.repos = cfg.repos
   if (cfg.serveDomain !== undefined) merged.serveDomain = cfg.serveDomain
   if (cfg.serveWithPort !== undefined) merged.serveWithPort = cfg.serveWithPort
   if (cfg.serveHttps !== undefined) merged.serveHttps = cfg.serveHttps

package/server/src/index.ts

@@ -49,6 +49,10 @@ import {
   workspaceNotesDir,
   workspaceRepoDir,
   workspaceReposDir,
+  personalKnowledgeDir,
+  personalNotesDir,
+  personalRepoDir,
+  personalReposDir,
   loopsDir,
 } from "./paths"
 import { loadConfig, loadPersonalConfig, savePersonalConfig, saveWorkspaceConfig, loadTokenUsage, getActiveProvider, readPersonalDiskRaw, savePersonalDisk, describeApiKeyRef, writeVaultEnv, deleteVaultEnv, type ProviderConfig, type ModelEntry } from "./config"
@@ -1373,45 +1377,50 @@ app.post("/api/personal/push", requireAuth, async (c) => {
 // All ff-only. Any authenticated user may sync. Push to repos/<name> is
 // not supported — code flows through PRs upstream, never from primary.
 
-function syncDirFor(resource: string, name?: string): string | null {
-  if (resource === "knowledge") return workspaceKnowledgeDir()
-  if (resource === "notes") return workspaceNotesDir()
+function syncDirFor(user: string, resource: string, name?: string): string | null {
+  if (resource === "knowledge") return personalKnowledgeDir(user)
+  if (resource === "notes") return personalNotesDir(user)
   if (resource === "repos" && name) {
-    const dir = workspaceRepoDir(name)
+    const dir = personalRepoDir(user, name)
     return existsSync(dir) ? dir : null
   }
   return null
 }
 
-app.get("/api/sync/knowledge/status", requireAuth, async (c) => c.json(await inspectRepoSync(workspaceKnowledgeDir(), c.get("userId") as string)))
+app.get("/api/sync/knowledge/status", requireAuth, async (c) => { const u = c.get("userId") as string; return c.json(await inspectRepoSync(personalKnowledgeDir(u), u)) })
 app.post("/api/sync/knowledge/pull", requireAuth, async (c) => {
-  const r = await pullRepoFromRemote(workspaceKnowledgeDir(), c.get("userId") as string)
+  const u = c.get("userId") as string
+  const r = await pullRepoFromRemote(personalKnowledgeDir(u), u)
   return r.ok ? c.json(r) : c.json({ error: r.error }, 400)
 })
 app.post("/api/sync/knowledge/push", requireAuth, async (c) => {
-  const r = await pushRepoToRemote(workspaceKnowledgeDir(), c.get("userId") as string)
+  const u = c.get("userId") as string
+  const r = await pushRepoToRemote(personalKnowledgeDir(u), u)
   return r.ok ? c.json(r) : c.json({ error: r.error }, 400)
 })
 
-app.get("/api/sync/notes/status", requireAuth, async (c) => c.json(await inspectRepoSync(workspaceNotesDir(), c.get("userId") as string)))
+app.get("/api/sync/notes/status", requireAuth, async (c) => { const u = c.get("userId") as string; return c.json(await inspectRepoSync(personalNotesDir(u), u)) })
 app.post("/api/sync/notes/pull", requireAuth, async (c) => {
-  const r = await pullRepoFromRemote(workspaceNotesDir(), c.get("userId") as string)
+  const u = c.get("userId") as string
+  const r = await pullRepoFromRemote(personalNotesDir(u), u)
   return r.ok ? c.json(r) : c.json({ error: r.error }, 400)
 })
 app.post("/api/sync/notes/push", requireAuth, async (c) => {
-  const r = await pushRepoToRemote(workspaceNotesDir(), c.get("userId") as string)
+  const u = c.get("userId") as string
+  const r = await pushRepoToRemote(personalNotesDir(u), u)
   return r.ok ? c.json(r) : c.json({ error: r.error }, 400)
 })
 
 app.get("/api/sync/repos", requireAuth, async (c) => {
-  // List repos available for sync (just names of subdirs of workspaceReposDir).
+  // List the user's per-user repos available for sync (subdirs of their repos dir).
+  const u = c.get("userId") as string
   try {
     const { readdir } = await import("node:fs/promises")
-    const entries = await readdir(workspaceReposDir())
+    const entries = await readdir(personalReposDir(u))
     const repos: string[] = []
     for (const e of entries) {
       if (e.startsWith(".")) continue
-      if (existsSync(workspaceRepoDir(e) + "/.git")) repos.push(e)
+      if (existsSync(personalRepoDir(u, e) + "/.git")) repos.push(e)
     }
     return c.json({ repos })
   } catch {
@@ -1419,14 +1428,16 @@ app.get("/api/sync/repos", requireAuth, async (c) => {
   }
 })
 app.get("/api/sync/repos/:name/status", requireAuth, async (c) => {
-  const dir = syncDirFor("repos", c.req.param("name"))
+  const u = c.get("userId") as string
+  const dir = syncDirFor(u, "repos", c.req.param("name"))
   if (!dir) return c.json({ error: "repo not found" }, 404)
-  return c.json(await inspectRepoSync(dir, c.get("userId") as string))
+  return c.json(await inspectRepoSync(dir, u))
 })
 app.post("/api/sync/repos/:name/pull", requireAuth, async (c) => {
-  const dir = syncDirFor("repos", c.req.param("name"))
+  const u = c.get("userId") as string
+  const dir = syncDirFor(u, "repos", c.req.param("name"))
   if (!dir) return c.json({ error: "repo not found" }, 404)
-  const r = await pullRepoFromRemote(dir, c.get("userId") as string)
+  const r = await pullRepoFromRemote(dir, u)
   return r.ok ? c.json(r) : c.json({ error: r.error }, 400)
 })
 
@@ -3103,13 +3114,26 @@ app.get("*", async (c, next) => {
   // Try to serve the exact file
   const file = Bun.file(join(webDist, path === "/" ? "index.html" : path))
   if (await file.exists()) {
+    // Hashed build assets are content-addressed → cache hard. HTML must always
+    // revalidate so a version swap (new chunk names) is picked up immediately.
+    const isAsset = path.startsWith("/assets/")
     return new Response(file, {
-      headers: { "content-type": file.type },
+      headers: {
+        "content-type": file.type,
+        "cache-control": isAsset ? "public, max-age=31536000, immutable" : "no-cache",
+      },
     })
   }
-  // SPA fallback
+  // A missing build asset (a stale chunk after a deploy, e.g. when a browser
+  // still holds an old index.html) must 404 — NOT fall through to index.html,
+  // or the browser loads HTML as a JS module and throws "Failed to fetch
+  // dynamically imported module". Only extensionless paths are real SPA routes.
+  if (path.startsWith("/assets/") || /\.[a-zA-Z0-9]+$/.test(path)) {
+    return c.notFound()
+  }
+  // SPA fallback (real client-side routes) — always revalidate.
   return new Response(Bun.file(indexHtml), {
-    headers: { "content-type": "text/html" },
+    headers: { "content-type": "text/html", "cache-control": "no-cache" },
   })
 })
 

package/server/src/loops.ts

@@ -24,6 +24,10 @@ import {
   workspaceOriginsDir,
   workspaceOriginPath,
   personalDir,
+  personalKnowledgeDir,
+  personalNotesDir,
+  personalReposDir,
+  personalRepoDir,
   personalVaultDir,
   uiNotesDir,
   personalMemoryDir,
@@ -36,7 +40,7 @@ import {
 } from "./paths"
 import type { RepoSpec } from "./config"
 import { existsSync as existsSyncBase } from "node:fs"
-import { loadConfig, loadPersonalConfig } from "./config"
+import { loadConfig, loadPersonalConfig, loadKnowledgeConfig } from "./config"
 import { ensurePersonalKeypair } from "./personal-keys"
 import { composeLoopClaudeConfig, writeLoopSettings } from "./compose"
 import { getProvider } from "./git-host"
@@ -84,6 +88,13 @@ export type LoopMeta = {
   pendingDriverNote?: { from: string; to: string; at: string }
   repo?: string
   branch?: string
+  /**
+   * Context-setup problems captured at loop creation (e.g. the per-user
+   * knowledge/notes clone failed — bad/again-missing key, no access). Surfaced
+   * as a banner in the loop UI so the user isn't left with a silently-empty
+   * context. Empty/absent = context set up cleanly.
+   */
+  contextWarnings?: string[]
   config?: {
     default_model?: string
     default_model_source?: "personal" | "workspace"
@@ -332,31 +343,57 @@ async function ensureContextRepo(dir: string, name: string, url?: string): Promi
  * interactive host-key prompt. Host-side git overrides that config via
  * GIT_SSH_COMMAND (env beats config), so the sandbox path is never used here.
  */
-export async function ensureUserContext(user: string, vault: string = "default"): Promise<void> {
+export async function ensureUserContext(user: string, vault: string = "default"): Promise<string[]> {
+  const errors: string[] = []
   const cfg = await loadPersonalConfig(user, vault)
   const sshEnv = { ...process.env, GIT_SSH_COMMAND: sshCommandForUser(user, vault) }
-  const layers: Array<[string, string | undefined]> = [
-    [workspaceKnowledgeDir(), cfg.knowledge?.git],
-    [workspaceNotesDir(), cfg.notes?.git],
-  ]
-  for (const [dir, url] of layers) {
-    if (!url) continue // personal didn't declare one → keep the host/local origin
-    if (!existsSyncBase(join(dir, ".git"))) continue // not initialized yet (startup hasn't run)
-    const has = await execFileP("git", ["-C", dir, "remote", "get-url", "origin"]).then(() => true).catch(() => false)
-    await execFileP("git", ["-C", dir, "remote", has ? "set-url" : "add", "origin", url]).catch(() => {})
-    // Sandbox-side promote: persist core.sshCommand pointing at the vault key's
-    // SANDBOX path (/loopat/home/<user>/.ssh/id, where the vault home-mount
-    // lands) with accept-new, so the AI's `git push` inside the sandbox
-    // authenticates as the user without an interactive host-key prompt. Host-
-    // side ops override this with GIT_SSH_COMMAND (env beats config), so the
-    // sandbox path is never used server-side.
-    const sandboxKey = `/loopat/home/${user}/.ssh/id`
+  // Sandbox-side promote: core.sshCommand points at the vault key's SANDBOX path
+  // (/loopat/home/<user>/.ssh/id, where the vault home-mount lands) with
+  // accept-new, so the AI's `git push` inside the sandbox authenticates as the
+  // user without an interactive host-key prompt. Host-side ops override this
+  // with GIT_SSH_COMMAND (env beats config), so the sandbox path is never used
+  // server-side.
+  const sandboxKey = `/loopat/home/${user}/.ssh/id`
+  // Clone-or-sync a PER-USER context main repo from `url` with the vault key.
+  // STRICT, per the context model: personal wins even when empty — an empty url
+  // means the dir is REMOVED so the loop sees nothing (no fallback to any
+  // workspace default). Returns whether the repo exists afterwards.
+  const ensurePerUserRepo = async (dir: string, url: string | undefined, label: string): Promise<boolean> => {
+    if (!url) {
+      try { await rm(dir, { recursive: true, force: true }) } catch {}
+      return false
+    }
+    if (existsSyncBase(join(dir, ".git"))) {
+      const has = await execFileP("git", ["-C", dir, "remote", "get-url", "origin"]).then(() => true).catch(() => false)
+      await execFileP("git", ["-C", dir, "remote", has ? "set-url" : "add", "origin", url]).catch(() => {})
+    } else {
+      try { await rm(dir, { recursive: true, force: true }) } catch {}
+      await mkdir(join(dir, ".."), { recursive: true })
+      try {
+        await execFileP("git", ["clone", "--", url, dir], { env: sshEnv, timeout: 60_000 })
+        console.log(`[loopat] cloned per-user context ${url} → ${dir}`)
+      } catch (e: any) {
+        // Concise reason (last non-empty stderr line — e.g. "Permission denied
+        // (publickey)") for the loop-creation warning surfaced in the UI.
+        const reason = (e?.stderr ?? e?.message ?? String(e)).toString().trim().split("\n").filter(Boolean).pop() ?? "clone failed"
+        console.warn(`[loopat] per-user context clone failed (${url}): ${e?.stderr ?? e?.message ?? e}`)
+        errors.push(`${label}: couldn't clone ${url} — ${reason}`)
+        return false
+      }
+    }
     await execFileP("git", ["-C", dir, "config", "core.sshCommand",
       `ssh -i ${sandboxKey} -o IdentitiesOnly=yes -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/dev/null`]).catch(() => {})
-    // validate connectivity + populate origin/* with the user's key (transient,
-    // server-side only).
-    await execFileP("git", ["-C", dir, "fetch", "--quiet", "origin"], { env: sshEnv, timeout: 20_000 }).catch(() => {})
+    await execFileP("git", ["-C", dir, "fetch", "--quiet", "origin"], { env: sshEnv, timeout: 30_000 }).catch(() => {})
+    return true
   }
+  // knowledge is the entry pointer (personal-declared url); clone it first, then
+  // read ITS .loopat/config.json for the notes remote + repo roster — notes and
+  // repos now live inside the per-user knowledge repo, not in personal config.
+  const hasKnowledge = await ensurePerUserRepo(personalKnowledgeDir(user), cfg.knowledge?.git, "knowledge")
+  const kcfg = hasKnowledge ? await loadKnowledgeConfig(user) : { notes: undefined, repos: [] as RepoSpec[] }
+  await ensurePerUserRepo(personalNotesDir(user), kcfg.notes?.git, "notes")
+  await writeReposManifest(personalReposDir(user), kcfg.repos ?? [])
+  return errors
 }
 
 /**
@@ -365,8 +402,8 @@ export async function ensureUserContext(user: string, vault: string = "default")
  * clone a repo only when it's actually needed. Per docs/context-flow.md the AI
  * can also clone any listed repo by hand into context/repos/<name>.
  */
-async function writeReposManifest(specs: RepoSpec[]) {
-  await mkdir(workspaceReposDir(), { recursive: true })
+async function writeReposManifest(reposDir: string, specs: RepoSpec[]) {
+  await mkdir(reposDir, { recursive: true })
   const body = [
     "# repos — clone on demand",
     "",
@@ -376,21 +413,22 @@ async function writeReposManifest(specs: RepoSpec[]) {
     ...specs.filter((r) => r?.name && r?.git).map((r) => `- **${r.name}** — \`${r.git}\``),
     "",
   ].join("\n")
-  await writeFile(join(workspaceReposDir(), "REPOS.md"), body)
+  await writeFile(join(reposDir, "REPOS.md"), body)
 }
 
 /**
  * Clone a single registered repo if it isn't present yet. Returns whether the
  * repo dir exists afterwards. Used by loop creation and any on-demand path.
  */
-async function ensureRepoCloned(name: string, sshCommand?: string): Promise<boolean> {
-  const dir = workspaceRepoDir(name)
+async function ensureRepoCloned(user: string, name: string, sshCommand?: string): Promise<boolean> {
+  const dir = personalRepoDir(user, name)
   if (existsSyncBase(dir)) return true
-  const cfg = await loadConfig()
-  const spec = cfg.repos?.find((r) => r.name === name)
+  // The roster lives in the user's OWN knowledge repo (per-user, no fallback).
+  const kcfg = await loadKnowledgeConfig(user)
+  const spec = kcfg.repos?.find((r) => r.name === name)
   if (!spec?.git) return false
   try {
-    await mkdir(workspaceReposDir(), { recursive: true })
+    await mkdir(personalReposDir(user), { recursive: true })
     const env = sshCommand ? { ...process.env, GIT_SSH_COMMAND: sshCommand } : process.env
     await execFileP("git", ["clone", "--", spec.git, dir], { env })
     console.log(`[loopat] cloned on demand ${spec.git} → ${dir}`)
@@ -406,11 +444,14 @@ export async function ensureWorkspaceDirs() {
   await mkdir(loopsDir(), { recursive: true })
   await mkdir(workspaceReposDir(), { recursive: true })
 
-  // knowledge / notes / repos: clone from config'd remote if present
+  // WORKSPACE-DEFAULT clone (bootstrap display + seed source only — loops use the
+  // per-user knowledge/notes, see ensureUserContext). knowledge is the entry
+  // pointer; clone it, then read its .loopat/config.json for notes + repo roster.
   const cfg = await loadConfig()
   await ensureContextRepo(workspaceKnowledgeDir(), "knowledge", cfg.knowledge?.git || undefined)
-  await ensureContextRepo(workspaceNotesDir(), "notes", cfg.notes?.git || undefined)
-  await writeReposManifest(cfg.repos ?? [])
+  const kcfg = await loadKnowledgeConfig()
+  await ensureContextRepo(workspaceNotesDir(), "notes", kcfg.notes?.git || undefined)
+  await writeReposManifest(workspaceReposDir(), kcfg.repos ?? [])
 
   // workspace memory dir + stub
   const tm = workspaceMemoryDir()
@@ -1327,7 +1368,10 @@ export async function pushPersonalToRemote(
  * rebuilt from origin if missing.
  */
 export async function ensureUiNotesWorktree(user: string): Promise<void> {
-  await ensureContextWorktree(workspaceNotesDir(), uiNotesDir(user), `ui/${user}`)
+  // Ensure the user's per-user notes main repo is cloned from their declared
+  // remote first (notes is per-user now), then open the UI worktree from it.
+  await ensureUserContext(user).catch(() => {})
+  await ensurePerUserContextWorktree(personalNotesDir(user), uiNotesDir(user), `ui/${user}`)
 }
 
 /**
@@ -1803,15 +1847,34 @@ async function remoteStartPoint(repo: string, sshCommand?: string): Promise<stri
   }
 }
 
+/**
+ * Worktree from a PER-USER context main repo. When the main repo is absent (the
+ * user declared no remote for this context — see ensureUserContext's strict
+ * rule), the loop gets an EMPTY dir, never a fallback to a workspace default.
+ */
+async function ensurePerUserContextWorktree(repo: string, path: string, branch: string) {
+  if (!existsSyncBase(join(repo, ".git"))) {
+    try { await rm(path, { recursive: true, force: true }) } catch {}
+    await mkdir(path, { recursive: true })
+    return
+  }
+  await ensureContextWorktree(repo, path, branch)
+}
+
 export async function ensureContextMounts(id: string, createdBy: string) {
   await mkdir(loopContextDir(id), { recursive: true })
-  await ensureContextWorktree(workspaceKnowledgeDir(), loopContextKnowledge(id), `loop/${id}`)
-  await ensureContextWorktree(workspaceNotesDir(), loopContextNotes(id), `loop/${id}`)
-  // personal is also a per-loop worktree (docs/context-flow.md) — same shape as
-  // notes, just wired to the user's private remote. ensureContextWorktree falls
-  // back to a symlink when personal/ isn't a git repo yet.
+  // knowledge / notes are per-user (cloned by ensureUserContext from the user's
+  // personal-declared remotes). Each worktree opens from origin/main — a fresh
+  // pull of consensus; the local main repo is just the fetch cache + worktree
+  // host (docs/context-flow.md). Empty when the user declared no remote.
+  await ensurePerUserContextWorktree(personalKnowledgeDir(createdBy), loopContextKnowledge(id), `loop/${id}`)
+  await ensurePerUserContextWorktree(personalNotesDir(createdBy), loopContextNotes(id), `loop/${id}`)
+  // personal is also a per-loop worktree — same shape, wired to the user's
+  // private remote. ensureContextWorktree falls back to a symlink when
+  // personal/ isn't a git repo yet.
   await ensureContextWorktree(personalDir(createdBy), loopContextPersonal(id), `loop/${id}`)
-  await ensureSymlink(loopContextRepos(id), workspaceReposDir())
+  await mkdir(personalReposDir(createdBy), { recursive: true })
+  await ensureSymlink(loopContextRepos(id), personalReposDir(createdBy))
 }
 
 export async function listLoops(): Promise<LoopMeta[]> {
@@ -1886,15 +1949,25 @@ export async function createLoop(opts: {
   await composeLoopClaudeConfig(id, opts.createdBy, opts.profiles)
   await writeLoopSettings(id)
 
+  // Pull the per-user knowledge/notes FIRST: clones the user's knowledge repo
+  // (from personal.knowledge) and reads its .loopat/config.json for the notes
+  // remote + repo roster — which the workdir clone-on-demand below depends on.
+  // Surface any clone failures (bad key / no access) as a loop banner so the
+  // user isn't left with a silently-empty context.
+  const ctxWarnings = await ensureUserContext(opts.createdBy, opts.vault ?? "default").catch(
+    (e: any) => { console.warn(`[loopat] ensureUserContext(${opts.createdBy}): ${e?.message ?? e}`); return [`context init failed: ${e?.message ?? e}`] },
+  )
+  if (ctxWarnings.length) meta.contextWarnings = ctxWarnings
+
   // workdir = git worktree add (if repo selected) OR plain mkdir
   if (opts.repo) {
     // clone + fetch as the user (their vault key), not the host's ssh.
     const userSsh = sshCommandForUser(opts.createdBy, opts.vault ?? "default")
     // clone-on-demand: pull the repo down only now that a loop actually needs it
-    if (!(await ensureRepoCloned(opts.repo, userSsh))) {
+    if (!(await ensureRepoCloned(opts.createdBy, opts.repo, userSsh))) {
       throw new Error(`repo "${opts.repo}" not found / clone failed`)
     }
-    const repoPath = workspaceRepoDir(opts.repo)
+    const repoPath = personalRepoDir(opts.createdBy, opts.repo)
     const branch = `loop/${(await shortBranchSlug(meta.title))}-${id.slice(0, 6)}`
     try {
       // ① pull (docs/context-flow.md): base the workdir branch on origin/main
@@ -1915,11 +1988,7 @@ export async function createLoop(opts: {
     await mkdir(loopWorkdir(id), { recursive: true })
   }
 
-  // Point the context repos at the personal-declared kn/notes remotes and
-  // connect with the user's vault key (personal repo is self-describing).
-  await ensureUserContext(opts.createdBy, opts.vault ?? "default").catch(
-    (e: any) => console.warn(`[loopat] ensureUserContext(${opts.createdBy}): ${e?.message ?? e}`),
-  )
+  // (ensureUserContext already ran above, before the workdir clone.)
   await ensureContextMounts(id, effectiveDriver(meta))
   await writeFile(loopMetaPath(id), JSON.stringify(meta, null, 2))
   return meta

package/server/src/paths.ts

@@ -35,6 +35,21 @@ export const workspaceOriginPath = (name: string) => join(workspaceOriginsDir(),
 export const extensionsProvidersDir = () => join(LOOPAT_HOME, "extensions", "providers")
 export const personalDir = (user: string) => join(LOOPAT_HOME, "personal", user)
 
+// Per-user context main repos. knowledge/notes/repos are NOT workspace-shared:
+// each user's loop sees ONLY what their personal.knowledge points at (no
+// fallback to the workspace default). These are the main repos the loop's
+// context worktrees are derived from — the per-user analogue of the shared
+// workspaceKnowledgeDir()/workspaceNotesDir(). Live under context/users/<user>/
+// so they never collide with the workspace-default context/knowledge.
+export const userContextDir = (user: string) => join(workspaceContextDir(), "users", user)
+export const personalKnowledgeDir = (user: string) => join(userContextDir(user), "knowledge")
+export const personalNotesDir = (user: string) => join(userContextDir(user), "notes")
+export const personalReposDir = (user: string) => join(userContextDir(user), "repos")
+export const personalRepoDir = (user: string, name: string) => join(personalReposDir(user), name)
+// The per-user knowledge repo's .loopat root (holds its config.json = notes +
+// repo roster). Workspace-default equivalent is workspaceLoopatRoot().
+export const personalKnowledgeLoopatRoot = (user: string) => join(personalKnowledgeDir(user), ".loopat")
+
 export const loopDir = (id: string) => join(loopsDir(), id)
 export const loopWorkdir = (id: string) => join(loopDir(id), "workdir")
 export const loopClaudeDir = (id: string) => join(loopDir(id), ".claude")

package/server/src/podman.ts

@@ -46,12 +46,12 @@ import {
   loopClaudeDir,
   loopsDir,
   loopContextChatDir,
-  workspaceKnowledgeDir,
-  workspaceNotesDir,
-  workspaceReposDir,
   loopContextKnowledge,
   loopContextNotes,
   personalDir,
+  personalKnowledgeDir,
+  personalNotesDir,
+  personalReposDir,
   LOOPAT_INSTALL_DIR,
   loopHomeUpper,
   workspaceHomeSkelDir,
@@ -250,20 +250,22 @@ export async function buildVolumeMounts(opts: ContainerOptions): Promise<VolumeM
   }
 
   // Repos: bind at virtual path AND host-absolute path (git worktree internals
-  // store absolute gitdir paths). Both RW.
-  const reposDir = workspaceReposDir()
+  // store absolute gitdir paths). Both RW. PER-USER (the loop's own roster).
+  const reposDir = personalReposDir(createdBy)
   if (existsSync(reposDir)) {
     mounts.push({ src: reposDir, dst: V_CONTEXT_REPOS })
     mounts.push({ src: reposDir, dst: reposDir })
   }
 
-  // notes/knowledge main repos: re-bind at host-absolute path so per-loop
-  // worktree `.git` files resolve.
-  const notesRepo = workspaceNotesDir()
+  // notes/knowledge main repos: re-bind at host-absolute path so the per-loop
+  // worktree `.git` files resolve. PER-USER — the worktrees are derived from
+  // personalKnowledgeDir/personalNotesDir(createdBy), so the main repos bound
+  // here must match (same as personalDir above).
+  const notesRepo = personalNotesDir(createdBy)
   if (existsSync(notesRepo)) {
     mounts.push({ src: notesRepo, dst: notesRepo })
   }
-  const knowledgeRepo = workspaceKnowledgeDir()
+  const knowledgeRepo = personalKnowledgeDir(createdBy)
   if (existsSync(knowledgeRepo)) {
     mounts.push({ src: knowledgeRepo, dst: knowledgeRepo, ro: !knowledgeRw })
   }