deploy script: build, chown state to muede, lock SYSTEM.md as root 644
This commit is contained in:
Damocles
parent
946a166b94
commit
548f70ba72
1 changed files with 37 additions and 0 deletions
37
scripts/deploy.sh
Executable file
37
scripts/deploy.sh
Executable file
|
|
@ -0,0 +1,37 @@
|
|||
#!/usr/bin/env bash
|
||||
# Build, deploy, and fix permissions on the damocles-lab state tree.
|
||||
# Run from the damocles-daemon repo root (or anywhere - resolves paths absolutely).
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
REPO="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
|
||||
TARGET=/persist/damocles-lab
|
||||
STATE="$TARGET/state"
|
||||
|
||||
echo "==> building"
|
||||
cd "$REPO"
|
||||
nix develop --command cargo build --bin damocles-daemon --bin damocles-mcp 2>&1 | tail -3
|
||||
|
||||
echo "==> deploying binaries to $TARGET"
|
||||
for bin in damocles-daemon damocles-mcp; do
|
||||
cp "$REPO/target/debug/$bin" "$TARGET/$bin.new"
|
||||
chown muede:users "$TARGET/$bin.new"
|
||||
mv "$TARGET/$bin.new" "$TARGET/$bin"
|
||||
done
|
||||
ls -la "$TARGET/damocles-daemon" "$TARGET/damocles-mcp"
|
||||
|
||||
echo "==> fixing state tree ownership (muede:users)"
|
||||
# Anything touched by full-Damocles from the (root-running) damocles container
|
||||
# ends up root-owned and unwritable by the daemon. Bulk-fix every time we deploy.
|
||||
chown -R muede:users "$STATE"
|
||||
|
||||
# SYSTEM.md is the harness contract. Daemon must read it but not write it -
|
||||
# it ships as part of the system prompt on each shard spawn. Restore root:root 644.
|
||||
if [ -f "$STATE/identity/SYSTEM.md" ]; then
|
||||
chown root:root "$STATE/identity/SYSTEM.md"
|
||||
chmod 644 "$STATE/identity/SYSTEM.md"
|
||||
fi
|
||||
echo " state tree fixed"
|
||||
|
||||
echo "==> done. restart daemon to pick up new binary:"
|
||||
echo " ~/lab.sh \"cd /workspace && RUST_LOG=info ./damocles-daemon\""
|
||||
Loading…
Add table
Add a link
Reference in a new issue