Timmy_Foundation/timmy-config
15
0
Fork 0
Code Issues 164 Pull Requests 67 Actions Packages Projects Releases Wiki Activity
Files
ab9d1c0fa4509f86c0890f058a41ce4e02075f08
timmy-config/scripts/README.md
Alexander Payne ab9d1c0fa4
Some checks failed
Smoke Test / smoke (pull_request) Failing after 23s
Details
Architecture Lint / Linter Tests (pull_request) Successful in 26s
Details
Validate Config / YAML Lint (pull_request) Failing after 15s
Details
Validate Config / JSON Validate (pull_request) Successful in 19s
Details
Validate Config / Python Syntax & Import Check (pull_request) Failing after 1m1s
Details
Validate Config / Python Test Suite (pull_request) Has been skipped
Details
Validate Config / Shell Script Lint (pull_request) Failing after 1m4s
Details
Validate Config / Cron Syntax Check (pull_request) Successful in 13s
Details
Validate Config / Deploy Script Dry Run (pull_request) Successful in 13s
Details
Validate Config / Playbook Schema Validation (pull_request) Successful in 25s
Details
Architecture Lint / Lint Repository (pull_request) Failing after 22s
Details
PR Checklist / pr-checklist (pull_request) Successful in 5m0s
Details
[GEMINI-HARDEN-01] Replace hard-coded fleet inventory with repo-native config 
Add fleet.inventory and fleet.path_contracts to config.yaml:
- Central source of truth for IPs, ports, roles, remote paths
- Introduce get_config_path(), load_fleet_inventory(), get_path_contract()
- Updated fleet_llama.py, self_healing.py, telemetry.py, agent_dispatch.py,
  skill_installer.py to read from config instead of hard-coded dicts/paths
- Documented inventory contract and override mechanism in scripts/README.md

Scripts retain forward-compatible fallback defaults for backwards compatibility.

Closes #433
2026-04-26 22:47:59 -04:00

117 lines
4.9 KiB
Markdown
Raw Blame History

# Gemini Sovereign Infrastructure Suite
This directory contains the core systems of the Gemini Sovereign Infrastructure, designed to systematize fleet operations, governance, and architectural integrity.
## Principles
1. **Systems, not Scripts**: We build frameworks that solve classes of problems, not one-off fixes.
2. **Sovereignty First**: All tools are designed to run locally or on owned VPSes. No cloud dependencies.
3. **Von Neumann as Code**: Infrastructure should be self-replicating and automated.
4. **Continuous Governance**: Quality is enforced by code (linters, gates), not just checklists.
## Tools
### [OPS] Provisioning & Fleet Management
- **`provision_wizard.py`**: Automates the creation of a new Wizard node from zero.
- Creates DigitalOcean droplet.
- Installs and builds `llama.cpp`.
- Downloads GGUF models.
- Sets up `systemd` services and health checks.
- **`fleet_llama.py`**: Unified management of `llama-server` instances across the fleet.
- `status`: Real-time health and model monitoring.
- `restart`: Remote service restart via SSH.
- `swap`: Hot-swapping GGUF models on remote nodes.
- **`skill_installer.py`**: Packages and deploys Hermes skills to remote wizards.
- **`model_eval.py`**: Benchmarks GGUF models for speed and quality before deployment.
- **`phase_tracker.py`**: Tracks the fleet's progress through the Paperclips-inspired evolution arc.
- **`cross_repo_test.py`**: Verifies the fleet works as a system by running tests across all core repositories.
- **`self_healing.py`**: Auto-detects and fixes common failures across the fleet.
- **`agent_dispatch.py`**: Unified framework for tasking agents across the fleet.
- **`telemetry.py`**: Operational visibility without cloud dependencies.
- **`gitea_webhook_handler.py`**: Handles real-time events from Gitea to coordinate fleet actions.
### [ARCH] Governance & Architecture
- **`architecture_linter_v2.py`**: Automated enforcement of architectural boundaries.
- Enforces sidecar boundaries (no sovereign code in `hermes-agent`).
- Prevents hardcoded IPs and committed secrets.
- Ensures `SOUL.md` and `README.md` standards.
- **`adr_manager.py`**: Streamlines the creation and tracking of Architecture Decision Records.
- `new`: Scaffolds a new ADR from a template.
- `list`: Provides a chronological view of architectural evolution.
## Usage
Most tools require `DIGITALOCEAN_TOKEN` and SSH access to the fleet.
```bash
# Provision a new node
python3 scripts/provision_wizard.py --name fenrir --model qwen2.5-coder-7b
# Check fleet status
python3 scripts/fleet_llama.py status
# Audit architectural integrity
python3 scripts/architecture_linter_v2.py
```
## Fleet Inventory Contract
The fleet inventory is defined in `timmy-config/config.yaml` under the `fleet:` key. All [OPS] scripts read this data at runtime, eliminating hard-coded IPs and paths.
### `fleet.inventory` — Per-Host Definition
```yaml
fleet:
inventory:
<hostname>:
ip: <string> # Public or private IP address
port: <int> # SSH target port (typically 22)
role: <string> # Logical role (hub, forge, agent-host, world-host)
remote_root: <path> # Remote root directory for Hermes operations
capabilities: [...] # Feature tags the host supports
```
Each host entry exposes: `ip`, `port`, `role`, `remote_root`, `capabilities`. The `capabilities` tag is freeform but standardized across the fleet (e.g., `gateway`, `orchestrator`, `forge`, `agent-host`, `llm-host`, `world-host`).
### `fleet.path_contracts` — Path Abstractions
```yaml
fleet:
path_contracts:
hermes_agent_local: ../hermes-agent # Path to local hermes-agent repo (relative to timmy-config)
hermes_remote: /opt/hermes # Remote Hermes root on fleet nodes
skills_remote: /opt/hermes/skills # Remote skills directory
```
All scripts reference paths via `get_path_contract(key, default)` or `get_remote_root()` helpers. This centralizes path management across local (mac) and remote wizards.
### Override Mechanism
Set the `TIMMY_CONFIG` environment variable to point at an alternate `config.yaml`:
```bash
export TIMMY_CONFIG=/path/to/alternate/config.yaml
python3 scripts/fleet_llama.py status
```
Without `TIMMY_CONFIG`, scripts auto-resolve `timmy-config/config.yaml` relative to their `scripts/` directory.
### Fallback Defaults
If `config.yaml` is missing or the `fleet:` section is absent, scripts fall back to the canonical production fleet:
| Hostname | IP | Role |
|----------|-------------------|---------------|
| mac | 10.1.10.77 | hub |
| ezra | 143.198.27.163 | forge |
| allegro | 167.99.126.228 | agent-host |
| bezalel | 159.203.146.185 | world-host |
Fleet eviction occurs through config changes, not code edits.
---
*Built by Gemini — The Builder, The Systematizer, The Force Multiplier.*
Reference in New Issue View Git Blame Copy Permalink