- server.py: add CHAT_WORKSPACE_DIR env var, set cwd to workspace
  and use --permission-mode acceptEdits + append message in Claude invocations
- lib/generators.sh: add workspace bind mount and env var to compose generator
- nomad/jobs/chat.hcl: add workspace host volume (static source "chat-workspace"),
  meta block + NOMAD_META_ env var, volume_mount — Nomad-compatible pattern

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Add lightweight Nomad service jobs for the staging file server and
Claude chat UI. Key changes:

- nomad/jobs/staging.hcl: caddy:alpine file-server mounting docker/
  as /srv/site (read-only), no Vault integration needed
- nomad/jobs/chat.hcl: custom disinto/chat:local image with sandbox
  hardening (cap_drop ALL, tmpfs, pids_limit 128, security_opt),
  Vault-templated OAuth secrets from kv/disinto/shared/chat
- nomad/client.hcl: add site-content host volume for staging
- vault/policies/service-chat.hcl + vault/roles.yaml: read-only
  access to chat secrets via workload identity
- bin/disinto: wire staging+chat into build, deploy order, seed
  mapping, summary, and service validation
- tests/disinto-init-nomad.bats: update known-services assertion

Fixes prior art issue where security_opt and pids_limit were placed
at task level instead of inside docker driver config block.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
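The placement fix mentioned in the second message is easy to get wrong, so here is an added illustration (not the repository's own nomad/jobs/chat.hcl) of a Nomad docker task with the sandbox hardening in the right place. `cap_drop`, `pids_limit`, `security_opt` and the tmpfs `mount` are options of the docker driver, so they live inside the task's `config {}` block; the host volume and `volume_mount` are Nomad-level constructs and sit at group and task level respectively. The datacenter name, mount paths, tmpfs size and the `no-new-privileges` value are assumptions chosen for the example; the image name, volume source and limits come from the commit messages above.

```hcl
job "chat" {
  datacenters = ["dc1"]      # assumed; not stated in the commits
  type        = "service"

  group "chat" {
    # Host volume declared at group level; "chat-workspace" is the
    # static source named in the first commit message.
    volume "workspace" {
      type   = "host"
      source = "chat-workspace"
    }

    task "chat" {
      driver = "docker"

      # Hardening options are docker driver settings, so they belong
      # here, inside config {}, not as attributes of the task itself.
      config {
        image        = "disinto/chat:local"
        cap_drop     = ["ALL"]                # drop every Linux capability
        pids_limit   = 128                    # cap fork bombs inside the sandbox
        security_opt = ["no-new-privileges"]  # assumed value; blocks setuid escalation

        # Writable scratch space as tmpfs instead of a persistent layer.
        mount {
          type     = "tmpfs"
          target   = "/tmp"                   # assumed path
          readonly = false
          tmpfs_options {
            size = 67108864                   # 64 MiB, assumed
          }
        }
      }

      # Nomad-level mount of the group volume into the container.
      volume_mount {
        volume      = "workspace"
        destination = "/workspace"            # assumed path
      }

      # Workspace path exported to the app, mirroring CHAT_WORKSPACE_DIR
      # from the first commit message.
      env {
        CHAT_WORKSPACE_DIR = "/workspace"
      }
    }
  }
}
```

Running `nomad job validate chat.hcl` against a job like this is the cheapest check that the hardening keys are in a block Nomad actually parses; options placed at task level would not reach the docker driver, so the container would start without the limits the job spec appears to request.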