Viktor wanted a web UI on the claude service to act as his breakglass when
the devvm is down: open it, have Claude SSH in to diagnose/repair, and
power-cycle the VM via the Proxmox host if needed. This is the app half
(the infra stack + host bootstrap live in the infra repo).
New, ISOLATED ASGI app under app/breakglass/ (never imports app.main, so the
untrusted-input agents — recruiter-triage, nextcloud-todos — can't share a
process with the root-on-devvm / PVE-reset SSH key):
- pve.py: the LLM-independent power-verb path (status|forensics|reset|stop|
start|cycle on VM 102), whitelist-validated client-side, executed over the
forced-command SSH key (list argv, no shell).
- agent_session.py: multi-turn streamed chat — claude -p --session-id /
--resume with --output-format stream-json, translated to a small SSE
vocabulary (session/text/tool/result/error/done).
- auth.py: edge Authentik header OR bearer; fail-closed.
- server.py: FastAPI (session/chat-SSE/pve-verb routes) + serves the Svelte UI.
- Svelte SPA (frontend/, built into app/breakglass/static/ and committed — no
in-cluster build, per ADR-0002): streamed chat + danger-styled manual VM
controls with confirm-on-mutate.
- agents/breakglass.md: narrow tools (Bash/Read/Grep/Glob, no web), taught the
ssh devvm / ssh pve aliases and cycle-vs-reset.
- docker-entrypoint-breakglass.sh: ssh-agent bootstrap from the mounted key +
ssh aliases, then uvicorn app.breakglass.server. The breakglass Deployment
overrides the image CMD with this; the existing service is untouched.
26 new tests (verb whitelist incl. injection attempts, stream-json→SSE
translation, auth gating, route behaviour); full suite 58 green.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
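The LLM-independent verb path above (exact whitelist, list argv, no shell, forced-command key) as an added illustration; this is not the project's pve.py. Assumed: VM 102 behind an ssh_config alias named `pve`, and a host-side authorized_keys forced command that re-checks SSH_ORIGINAL_COMMAND.

```python
"""Client-side verb whitelist plus the host-side forced-command check.
Added example, not the project's own code. Assumed: ssh alias 'pve', VM 102."""
import re
import shlex
import subprocess
from typing import List, Optional, Tuple

# Only these exact tokens are accepted; anything else is rejected before any
# process is spawned. No shell is involved on either side.
VERBS = frozenset({"status", "forensics", "reset", "stop", "start", "cycle"})
VMID = "102"
SSH_ALIAS = "pve"  # assumed ssh_config alias that carries the forced-command key
_TOKEN = re.compile(r"[a-z]+")


class VerbError(ValueError):
    """Raised for any verb that is not an exact whitelist member."""


def validate_verb(verb: object) -> str:
    # Exact match: 'reset;id', 'RESET', ' reset', 'reset\n', 'reset 102' all fail.
    if not isinstance(verb, str) or not _TOKEN.fullmatch(verb) or verb not in VERBS:
        raise VerbError(f"verb not permitted: {verb!r}")
    return verb


def is_permitted(verb: object) -> bool:
    try:
        validate_verb(verb)
        return True
    except VerbError:
        return False


def build_argv(verb: str) -> List[str]:
    """argv for subprocess.run (shell=False): ssh pve <verb> <vmid>."""
    return ["ssh", "-o", "BatchMode=yes", SSH_ALIAS, validate_verb(verb), VMID]


def run_verb(verb: str, timeout: int = 60) -> subprocess.CompletedProcess:
    # argv is a list and shell stays False, so no interpolation can occur.
    return subprocess.run(build_argv(verb), capture_output=True, text=True, timeout=timeout)


def forced_command_dispatch(original_command: Optional[str]) -> Tuple[str, str]:
    """Host side: re-validate SSH_ORIGINAL_COMMAND inside the forced command so
    the key cannot be used for anything but '<verb> 102' (assumed layout)."""
    parts = shlex.split(original_command or "")
    if len(parts) != 2 or parts[1] != VMID:
        raise VerbError(f"bad forced-command request: {original_command!r}")
    return validate_verb(parts[0]), parts[1]
```

Both ends validate independently: even if the client-side check were bypassed, the forced command never hands the request to a shell and rejects anything that is not exactly one whitelisted verb plus the VM id.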

Add the read-only planner and full-powers exec agent definitions for the
nextcloud-todos service (Phase 3, tasks 3.1/3.2). COPY both into
/usr/share/agent-seed/ so the seed-beads-agent init-container can drop them
into ~/.claude/agents/ at pod start (task 3.3).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

Web-first deep-research agent that recruiter-responder calls on demand.
Output is a structured markdown report (≤800 words): comp vs Viktor's
£600k floor, culture/retention signals, remote policy, recent news,
bottom-line verdict. No DB writes, no phone-call suggestions, no file
writes. Tools: WebSearch, WebFetch, Read, Grep, Glob, Bash (read-only
use).
Wired through Dockerfile (COPY to /usr/share/agent-seed/) and the
seed-beads-agent init container in infra/stacks/claude-agent-service/
(cp into /home/agent/.claude/agents/recruiter-triage.md).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

The 495MB vault binary is in .gitignore so it doesn't ship to
Forgejo, breaking 'COPY vault /usr/local/bin/vault'. Switch to
the standard download-zip-then-unzip pattern used for terraform
and sops in this same Dockerfile.