lhumina_code/home
23
0
Fork 0
Code Issues 6 Pull requests Projects Releases Packages Wiki Activity Actions

[nu-demo] STATE OF HERONU as of 2026-04-24 — what works, what's still broken, everything that needs upstream landing #160

New issue
Closed
opened 2026-04-24 03:25:50 +00:00 by mik-tf · 4 comments
mik-tf commented 2026-04-24 03:25:50 +00:00
Owner
Copy link

Purpose

This is the consolidated checkpoint issue for the heronu nu-shell demo. Use this as the starting point for the next session — it captures the current working state, every gap still open (with severity), operator workarounds applied directly to the VM, and the path to full reproducibility once the per-component fixes merge upstream.

The demo is good enough to present as-is — the killer feature (AI Assistant grounded in docs_hero) works, all seeded islands render real data, media + office files display. What's left is a known catalog.

For the intelligence pipeline / AI architecture spec: see #159.
For the nu-demo architecture index: see #148.

What works end-to-end

Area Demo-ready state
AI Assistant — grounded mode Ask "Call search_hero_docs with query=Hero OS pipeline and top_k=3" → Claude Haiku 4.5 returns docs-cited answer referencing (hero_os_guide, overview/quickstart/ai_pipeline)
Semantic tool routing HERO_AGENT_ROUTING_MODE=hybrid, SEMANTIC_TOP_K=10, SEMANTIC_THRESHOLD=0.25 applied. Embedder indexes the 58 built-in tools + any MCP tools, selects top-K per query — bypasses the 128-tool LLM cap.
hero_aibroker routing Claude preferred (Haiku 4.5 → 3.5-sonnet → GPT-4o-mini fallback chain). Env wired: AIBROKER_API_ENDPOINT=http://10.1.2.2:9988/hero_aibroker/rest/v1.
Hero Books library discovery 4 libraries cloned into /home/driver/code/docs_*: hero (1 book, 163 embedder docs), geomind (12 books, 1733+ docs), mycelium (21 books, Q&A extraction ongoing), ourworld (6 books).
Embedder admin UI TriviaQA benchmark corpus loaded (92,252 Q&A pairs, 3.52 MB), namespaces visible, Q1 Fast BGE-small model, reranker available.
MCP wiring /home/driver/hero/var/agent/mcp.json trimmed to hero_books only (until tool-name sanitizer — home#153 — lands). POST /mcp/hero_books returns protocolVersion: 2025-03-26.
Office .docx 47 files across 5 contexts (default/geomind/incubaid/root/threefold). Hero OS Guide in default/incubaid/root; 22 geomind collection docx in geomind+threefold.
Office .pdf 45 PDFs via pandoc+typst (typst 0.14.2 installed on /data/home/driver/bin/typst, DejaVu fonts). Sizes 38 KB–710 KB. Served from hero_foundry webdav.
Photos/Videos/Songs All 5 contexts. 30 original seed records had leading-slash storage_path bug (fixed by rewrite — #156). Default context also seeded with 9 photo + 3 video + 3 song records.
Calendar 8-9 events per context (geomind, incubaid, threefold, root).
Business (hero_osis business domain) Per context: 6 Persons, 6 Companies, 4 Contacts, 4 Opportunities, 3 Deals, 3 Instruments, 3 Contracts, 3 Transactions.
Projects / Kanban (hero_osis projects domain) geomind 5, incubaid 3, threefold 2, root 2 projects (milestones partially failed — see below).
WASM shell 211 MB debug → 1.8 MB brotli first paint (home#140 — fix merged in development_mik_nu_demo on VM).
docs_hero on origin/development Commit 83fb985 pushed — refreshed architecture.md, services.md, overview.md, quickstart.md + new ai_pipeline.md canonical page.

🟥 Blockers / high-severity gaps

1. Services island is architectural dead wood — NOT just a WASM feature gap

Current behavior: dock click → Failed to load island WASM 'services': Island not found: services (HTTP 404).

Root cause (architectural): In the hero_zero Docker era, the Services island proxied hero_proxy's service discovery. In the nu-shell / hero_router era, hero_router owns service discovery natively via its admin UI at ui.sock (see https://forge.ourworld.tf/lhumina_code/hero_router/src/branch/development/CLAUDE.md). The "Services" dock entry is a stale artifact that references a code path that no longer makes sense.

Proper fix:

  • Remove "services" from hero_os_app/src/registry.rs::build_islands() (around line 351) and from any WASM_FEATURES list.
  • Optionally add a new dock entry pointing at hero_router's admin UI (/hero_router/ui/) if the UX goal is "operator sees running services."
  • Rebuild hero_os_app WASM (~25 min).

Demo workaround: broken icon stays in the dock; users hit 404 only if they explicitly click it.

2. hero_biz service is incomplete — only ui.sock, no rpc.sock

Current behavior: clicking "Biz" → blank page.

Root cause: hero_proc service list shows hero_biz as running with only a _server + _ui action, but hero_biz_server exposes no rpc.sock — just ui.sock. The Biz island loads, JS tries to fetch RPC, gets nothing.

Note: Biz island is separate from the "Business" island which maps to hero_osis business domain (that one works and has seeded data).

Fix: either flesh out hero_biz service to expose rpc endpoints, OR remove the Biz dock entry (same registry.rs rebuild).

3. Books UI "All Books" tab errors — Dioxus double-slash URL bug

Current behavior: Error: JSON parse error: EOF while parsing a value at line 1 column 0.

Root cause: hero_archipelagos/archipelagos/embed/books/src/island.rs:28 introduced in commit b7202b7 (fix(embed): use hero_router URL pattern for iframe islands):

// Before b7202b7 (worked)
let base_url = format!("{}/hero_books", props.context.api_host);  // no trailing slash
// After b7202b7 (broken)
let base_url = format!("{}/hero_books/ui/", props.context.api_host);  // trailing slash

Then in services/mod.rs:42: format!("{}/rpc", base_url)/hero_books/ui//rpc → 404.

Verified on heronu:

  • curl -X POST 'http://10.1.2.2:9988/hero_books/ui/rpc' ...200 OK (single slash works)
  • curl -X POST 'http://10.1.2.2:9988/hero_books/ui//rpc' ...404 (double slash 404s)

Proper fix (in hero_archipelagos): strip trailing slash from base_url OR trim_end_matches('/') in rpc_call before appending /rpc.

Attempted demo fix (on heronu): added collapse_slashes_middleware to hero_books_ui/src/main.rs before .layer(cors). Binary rebuilt (~22 min), installed, process restarted — middleware is in source but does not fire at runtime. Likely axum-0.8 behavior or LTO eliminated path. Not yet root-caused.

Full write-up: #157.

4. Office PDF island reads from hero_office, not hero_foundry webdav

Current behavior: PDF island shows No PDF files in geomind even though I seeded 21 .pdf into ~/hero/var/hero_foundry/webdav/geomind/Documents/.

Root cause: hero_office_ui/src/handlers.rs::type_browser calls hero_office_server::list_documents(type_filter="pdf") — i.e. hero_office_server has its own file store and its own list/upload API, disjoint from hero_foundry's webdav. The /hero_office/ui/pdf/ iframe therefore doesn't see files that live under hero_foundry.

For hero_office to show the PDFs, they need to be uploaded via hero_office_server's REST/RPC (not by dropping into webdav). Equivalent path needed for Docs, Sheets, Slides.

Fix options:

  1. Teach hero_office_server to list from hero_foundry webdav (unified file store).
  2. Add a one-shot seed step that bulk-imports from webdav into hero_office's store.
  3. Refactor Office islands to read directly from webdav via hero_foundry RPC.

5. Chat persistence broken — hero_osis_ai domain not registered

Current behavior: every tool-call turn logs WARN hero_agent::osis_store: Failed to create audit entry error=Network error: HTTP error: 404 Not Found.

Root cause: hero_agent/src/osis_store.rs uses hero_osis_sdk's AiClient to persist conversation history + audit/usage entries. The client targets the hero_osis_ai domain, which is NOT registered in the nu-shell per-domain server list. See existing issue #130.

Result: AI Assistant works for single-turn queries but conversations aren't persisted — refresh the page and history is gone. Historically (hero_zero era) this was working via the monolithic hero_osis_server.

Fix: register hero_osis_ai in the per-domain list (whatever drives hero_osis_server action registration in nu-shell), run OSIS schema migration for the ai domain, set OSIS_URL in hero_agent env to point at that domain's rpc.sock.

6. Plain-chat grounding doesn't trigger — triage classifier routes Hero questions to Knowledge path

"What is Hero OS?" still returns a generic OS description because the triage classifier routes it to the Knowledge branch — no tools offered, no search_hero_docs call. See #152.

Workaround: explicit tool hint ("Call search_hero_docs with ...") forces the Tools path and grounding works.

7. Tools payload sanitization needed for wider MCP

mcp.json currently wires only hero_books. Widening it to all 7 MCP services would produce ~165 tools — exceeds OpenAI's 128-tool cap AND MCP names contain dots (collections.list, search.query) which violate Anthropic's function-name regex ^[a-zA-Z0-9_-]{1,128}$. See #153.

Semantic routing (home#159 §2) picks top-K tools — but the top-K can still include MCP tools with dots, which Anthropic rejects. Both fixes are needed: semantic routing (live) + name sanitization (pending).

🟨 Medium-severity gaps

8. Livekit iframe defaults to dark theme when hero_os is light

Source patched on VM (templates/base.html: data-bs-theme="dark""light") but hero_livekit_ui not yet rebuilt/installed. Also applies to hero_collab — see task #36 / home#147.

9. Books Q&A cache bypass

Libraries ship pre-extracted Q&A pairs in collections/<coll>/.ai/<page>.toml + pre-computed .vectors.bin embeddings, but hero_books' content_hash check mismatches → re-extracts via LLM → wastes 20-40 min per library. See #158.

10. Projects milestone seed partial failure

Projects seeded successfully (30 objects), milestones failed due to status enum mismatch (status = "active" in legacy TOMLs vs current enum {todo, in_progress, done} expects per-object schemas not all auto-mapped). Remaining story/milestone TOMLs have other schema drifts that need a full seed-data migration.

Fix: update hero_zero/dist/var/seed/*/projects/*.toml files to match current schema, OR teach hero_osis_seed binary to auto-migrate known enum values.

11. Per-library AI search — search_hero_docs tool hardwired to namespace="hero"

Can't ask the AI "what does geomind's nitrograph memo say?" — tool always searches the hero namespace. Add optional namespace / library param to the tool, propagate to hero_books.search.query. Approximate effort: 10 lines + rebuild.

12. tool_choice=required infinite loop

Pragmatic patch attempted and reverted — forcing tool_choice: "required" on every turn causes Claude to call a tool after it already has the answer → infinite loop. Proper implementation needs turn-1-only gating. See #150.

🟩 Low-severity / already-worked-around

13. VM rootfs is only 2 GB — blocked several installs

TF Grid ubuntu-24.04 flist ships with 2 GB rootfs; /data is 100 GB. Workarounds applied on heronu:

  • TMPDIR=/data/tmp for all cargo builds (rustc scratch)
  • CARGO_TARGET_DIR=/data/home/driver/cargo-target
  • apt cache/lists symlinked to /data/var/
  • typst installed on /data/home/driver/bin/
  • Chromium auto-install (for hero_books PDF generator) left disabled — weasyprint attempt broke apt

Proper fix: bump rootfs_size in hero_zero/deploy/single-vm/tf/main.tf to 8 GB; teach hero_skills installers to default to /data paths. (Issue draft was interrupted — can be filed on request.)

14. Hero_osis_seed binary reports phantom errors

The legacy hero_osis_seed binary (from hero_zero dist) prints error decoding response body for every write, but writes actually succeed. Symptom only — seed data did land (Business/Calendar/Media all populated). Minor cosmetic issue if future operators rely on the stderr output.

15. hero_embedder tokio blocking reqwest

Already patched on VM via tokio::task::block_in_place wraps in embedderd_client.rs. See #145.

16. hero_router X-Hero-Context clobbering

Already patched on VM. See #125.

17. hero_livekit axum Extension layer ordering

Already patched on VM. See #126.

Operator-state snapshot (what's live on heronu only)

These are changes that exist ONLY on the VM and the development_mik_nu_demo branches locally — not pushed to origin:

Repo Branch Applied
hero_agent development_mik_nu_demo (VM-local) prompt.rs MANDATORY directive, llm_client.rs tool_choice patch reverted, tool_router.rs always_include += search_hero_docs
hero_books development_mik_nu_demo (VM-local) collapse_slashes_middleware in main.rs (compiled, doesn't fire at runtime)
hero_livekit development_mik_nu_demo (VM-local) base.html data-bs-theme default flipped to light
hero_router development_mik_nu_demo (VM-local) X-Hero-Context header preservation patch
hero_embedder development_mik_nu_demo (VM-local) block_in_place around blocking reqwest
hero_os development_mik_nu_demo (VM-local) WASM release+brotli compression (home#140)
docs_hero development (REMOTE) ai_pipeline.md + refreshed hero_os_guide

hero_proc action state changes (runtime, not source):

  • hero_agent_server.env += AIBROKER_API_ENDPOINT, HERO_AGENT_AIBROKER_MODELS, OSIS_URL, OSIS_CONTEXT, HERO_AGENT_ROUTING_MODE=hybrid, semantic top_k/threshold
  • hero_books_server.env += FORGEJO_TOKEN, FORGE_TOKEN, GIT_TERMINAL_PROMPT=0, script arg serve

OSIS data writes (runtime):

  • 30 photo/song/video storage_path fields rewritten (leading slash stripped)
  • 30 project objects set across 4 contexts via custom Python uploader with status enum remap + OTOML O: prefix
  • Business/Calendar/Media seeded via legacy hero_osis_seed binary for 5 contexts

File-system artifacts:

  • /home/driver/code/docs_{hero,mycelium,geomind,owh} — 4 library clones totaling 808 MB
  • ~/hero/var/hero_foundry/webdav/<ctx>/Documents/*.docx (47), *.pdf (45)
  • ~/hero/var/agent/mcp.json with 1 MCP server (hero_books)
  • /data/home/driver/bin/typst
  • /data/home/driver/seed/ — copy of hero_zero seed data + binary

Reproducibility path

To recreate heronu-equivalent state from a fresh TF Grid VM:

  1. Upstream land all [nu-demo] fixes. The catalog is home#122–158. Most need simple PRs; several need design discussion.
  2. Fix root-cause bugs. Specifically: registry cleanup (services/biz), Dioxus Books island trailing slash (b7202b7 revert), triage routing (home#152), tool-name sanitization (home#153), hero_osis_ai domain registration (home#130), Q&A cache hash alignment (home#158).
  3. Add a hero_osis_seed re-roll. Port the legacy hero_zero/dist/var/seed/ TOMLs to match current schemas, or add a migrator. Include all contexts (default + geomind + incubaid + root + threefold).
  4. Bump rootfs default in hero_zero/deploy/single-vm/tf/main.tf so cargo + apt don't need /data tricks.
  5. Ship a canonical mcp.json once tool-name sanitization lands — can then safely wire all 7 MCP services.
  6. Add the ai_pipeline.md doc to the hero_books libraries.txt chain so the AI can always cite its own architecture (closed loop).

Once all that lands, a fresh hero_skills install-all && hero_proc start ... on a 8 GB rootfs VM should produce a clean equivalent of today's heronu state.

Related issues (chronological)

  • 122 hero_slides hardcoded /Volumes/T7
  • 123 hero_os_app missing web feature entries for island-room + others
  • 124 UX: every island needs a polished empty/error state
  • 125 hero_router X-Hero-Context clobbering (patched on VM)
  • 126 hero_livekit_ui axum Extension ordering (patched on VM)
  • 127 hero_slides path dep on hero_lib
  • 128 hero_skills installers.nu missing apt deps
  • 129 service_osis.nu doesn't pass HERO_CONTEXTS
  • 130 hero_osis_ai domain not registered (blocks chat persistence)
  • 131 hero_os Makefile ignored CARGO_TARGET_DIR
  • 132 service_codescalers socket naming
  • 133 service_livekit no redis preflight
  • 134 packages.nu commented-out services
  • 135 service_agent.nu missing
  • 136 hero_agent OPENROUTER_API_KEYS plural
  • 137 hero_aibroker Groq-only config
  • 138 hero_aibroker --reset clobbers
  • 139 hero_foundry seed_media path
  • 140 WASM 211 MB → 1.8 MB brotli (patched on VM)
  • 141 service_books.nu parse error
  • 142 hero_skills install.sh nushell install
  • 143 hero_osis SDK delete bool/String
  • 144 Office archipelago per-library PDFs (partial — 47 .docx + 45 .pdf seeded via pandoc+typst into hero_foundry webdav; Office island reads different store)
  • 145 hero_embedder blocking reqwest (patched on VM)
  • 146 Photos <img> double-slash (patched on VM via seed rewrite)
  • 147 hero_collab dark theme on light hero_os
  • 148 nu-demo architecture index
  • 149 prompt.rs MANDATORY directive + rebuild verification
  • 150 tool_choice=required support (requires turn-1 gating)
  • 151 (not filed by me)
  • 152 triage classifier routes Hero questions to Knowledge path
  • 153 tools payload sanitization (count + dots + duplicates)
  • 154 (not filed)
  • 155 (not filed)
  • 156 Photos seed storage_path leading slash (patched on VM via rewrite)
  • 157 Books island double-slash URL + server-side middleware demo fix
  • 158 hero_books re-runs LLM Q&A extraction despite .ai/ cache
  • 159 CANONICAL intelligence pipeline reference
  • 160 (THIS ISSUE) — consolidated demo state and remaining work

Signed-off-by: mik-tf

## Purpose This is the consolidated checkpoint issue for the heronu nu-shell demo. Use this as the starting point for the next session — it captures the current working state, every gap still open (with severity), operator workarounds applied directly to the VM, and the path to full reproducibility once the per-component fixes merge upstream. The demo is **good enough to present** as-is — the killer feature (AI Assistant grounded in docs_hero) works, all seeded islands render real data, media + office files display. What's left is a known catalog. For the intelligence pipeline / AI architecture spec: see https://forge.ourworld.tf/lhumina_code/home/issues/159. For the nu-demo architecture index: see https://forge.ourworld.tf/lhumina_code/home/issues/148. --- ## ✅ What works end-to-end | Area | Demo-ready state | |---|---| | AI Assistant — grounded mode | Ask "Call search_hero_docs with query=Hero OS pipeline and top_k=3" → Claude Haiku 4.5 returns docs-cited answer referencing `(hero_os_guide, overview/quickstart/ai_pipeline)` | | Semantic tool routing | `HERO_AGENT_ROUTING_MODE=hybrid`, `SEMANTIC_TOP_K=10`, `SEMANTIC_THRESHOLD=0.25` applied. Embedder indexes the 58 built-in tools + any MCP tools, selects top-K per query — bypasses the 128-tool LLM cap. | | hero_aibroker routing | Claude preferred (Haiku 4.5 → 3.5-sonnet → GPT-4o-mini fallback chain). Env wired: `AIBROKER_API_ENDPOINT=http://10.1.2.2:9988/hero_aibroker/rest/v1`. | | Hero Books library discovery | 4 libraries cloned into `/home/driver/code/docs_*`: hero (1 book, 163 embedder docs), geomind (12 books, 1733+ docs), mycelium (21 books, Q&A extraction ongoing), ourworld (6 books). | | Embedder admin UI | TriviaQA benchmark corpus loaded (92,252 Q&A pairs, 3.52 MB), namespaces visible, Q1 Fast BGE-small model, reranker available. | | MCP wiring | `/home/driver/hero/var/agent/mcp.json` trimmed to hero_books only (until tool-name sanitizer — home#153 — lands). `POST /mcp/hero_books` returns `protocolVersion: 2025-03-26`. | | Office .docx | 47 files across 5 contexts (default/geomind/incubaid/root/threefold). Hero OS Guide in default/incubaid/root; 22 geomind collection docx in geomind+threefold. | | Office .pdf | 45 PDFs via pandoc+typst (typst 0.14.2 installed on `/data/home/driver/bin/typst`, DejaVu fonts). Sizes 38 KB–710 KB. Served from hero_foundry webdav. | | Photos/Videos/Songs | All 5 contexts. 30 original seed records had leading-slash `storage_path` bug (fixed by rewrite — https://forge.ourworld.tf/lhumina_code/home/issues/156). Default context also seeded with 9 photo + 3 video + 3 song records. | | Calendar | 8-9 events per context (geomind, incubaid, threefold, root). | | Business (hero_osis business domain) | Per context: 6 Persons, 6 Companies, 4 Contacts, 4 Opportunities, 3 Deals, 3 Instruments, 3 Contracts, 3 Transactions. | | Projects / Kanban (hero_osis projects domain) | geomind 5, incubaid 3, threefold 2, root 2 projects (milestones partially failed — see below). | | WASM shell | 211 MB debug → **1.8 MB brotli first paint** (home#140 — fix merged in `development_mik_nu_demo` on VM). | | docs_hero on origin/development | Commit `83fb985` pushed — refreshed architecture.md, services.md, overview.md, quickstart.md + new `ai_pipeline.md` canonical page. | ## 🟥 Blockers / high-severity gaps ### 1. Services island is architectural dead wood — NOT just a WASM feature gap Current behavior: dock click → `Failed to load island WASM 'services': Island not found: services (HTTP 404)`. Root cause (architectural): In the hero_zero Docker era, the Services island proxied hero_proxy's service discovery. In the nu-shell / hero_router era, **hero_router owns service discovery natively** via its admin UI at `ui.sock` (see https://forge.ourworld.tf/lhumina_code/hero_router/src/branch/development/CLAUDE.md). The "Services" dock entry is a stale artifact that references a code path that no longer makes sense. Proper fix: - Remove `"services"` from `hero_os_app/src/registry.rs::build_islands()` (around line 351) and from any `WASM_FEATURES` list. - Optionally add a new dock entry pointing at hero_router's admin UI (`/hero_router/ui/`) if the UX goal is "operator sees running services." - Rebuild hero_os_app WASM (~25 min). Demo workaround: broken icon stays in the dock; users hit 404 only if they explicitly click it. ### 2. hero_biz service is incomplete — only ui.sock, no rpc.sock Current behavior: clicking "Biz" → blank page. Root cause: `hero_proc service list` shows `hero_biz` as running with only a `_server` + `_ui` action, but `hero_biz_server` exposes no rpc.sock — just ui.sock. The Biz island loads, JS tries to fetch RPC, gets nothing. Note: Biz island is **separate from** the "Business" island which maps to hero_osis business domain (that one works and has seeded data). Fix: either flesh out hero_biz service to expose rpc endpoints, OR remove the Biz dock entry (same registry.rs rebuild). ### 3. Books UI "All Books" tab errors — Dioxus double-slash URL bug Current behavior: `Error: JSON parse error: EOF while parsing a value at line 1 column 0`. Root cause: `hero_archipelagos/archipelagos/embed/books/src/island.rs:28` introduced in commit `b7202b7 (fix(embed): use hero_router URL pattern for iframe islands)`: ```rust // Before b7202b7 (worked) let base_url = format!("{}/hero_books", props.context.api_host); // no trailing slash // After b7202b7 (broken) let base_url = format!("{}/hero_books/ui/", props.context.api_host); // trailing slash ``` Then in `services/mod.rs:42`: `format!("{}/rpc", base_url)` → `/hero_books/ui//rpc` → 404. Verified on heronu: - `curl -X POST 'http://10.1.2.2:9988/hero_books/ui/rpc' ...` → **200 OK** (single slash works) - `curl -X POST 'http://10.1.2.2:9988/hero_books/ui//rpc' ...` → **404** (double slash 404s) Proper fix (in `hero_archipelagos`): strip trailing slash from `base_url` OR `trim_end_matches('/')` in `rpc_call` before appending `/rpc`. Attempted demo fix (on heronu): added `collapse_slashes_middleware` to `hero_books_ui/src/main.rs` before `.layer(cors)`. Binary rebuilt (~22 min), installed, process restarted — middleware is in source but does not fire at runtime. Likely axum-0.8 behavior or LTO eliminated path. Not yet root-caused. Full write-up: https://forge.ourworld.tf/lhumina_code/home/issues/157. ### 4. Office PDF island reads from hero_office, not hero_foundry webdav Current behavior: PDF island shows `No PDF files in geomind` even though I seeded 21 .pdf into `~/hero/var/hero_foundry/webdav/geomind/Documents/`. Root cause: `hero_office_ui/src/handlers.rs::type_browser` calls `hero_office_server::list_documents(type_filter="pdf")` — i.e. hero_office_server has its own file store and its own list/upload API, disjoint from hero_foundry's webdav. The `/hero_office/ui/pdf/` iframe therefore doesn't see files that live under hero_foundry. For hero_office to show the PDFs, they need to be uploaded via `hero_office_server`'s REST/RPC (not by dropping into webdav). Equivalent path needed for Docs, Sheets, Slides. Fix options: 1. Teach hero_office_server to **list from hero_foundry webdav** (unified file store). 2. Add a one-shot seed step that bulk-imports from webdav into hero_office's store. 3. Refactor Office islands to read directly from webdav via hero_foundry RPC. ### 5. Chat persistence broken — hero_osis_ai domain not registered Current behavior: every tool-call turn logs `WARN hero_agent::osis_store: Failed to create audit entry error=Network error: HTTP error: 404 Not Found`. Root cause: `hero_agent/src/osis_store.rs` uses `hero_osis_sdk`'s `AiClient` to persist conversation history + audit/usage entries. The client targets the `hero_osis_ai` domain, which is NOT registered in the nu-shell per-domain server list. See existing issue https://forge.ourworld.tf/lhumina_code/home/issues/130. Result: AI Assistant works for single-turn queries but conversations aren't persisted — refresh the page and history is gone. Historically (hero_zero era) this was working via the monolithic hero_osis_server. Fix: register `hero_osis_ai` in the per-domain list (whatever drives hero_osis_server action registration in nu-shell), run OSIS schema migration for the `ai` domain, set `OSIS_URL` in hero_agent env to point at that domain's `rpc.sock`. ### 6. Plain-chat grounding doesn't trigger — triage classifier routes Hero questions to Knowledge path "What is Hero OS?" still returns a generic OS description because the triage classifier routes it to the `Knowledge` branch — no tools offered, no `search_hero_docs` call. See https://forge.ourworld.tf/lhumina_code/home/issues/152. Workaround: explicit tool hint ("Call search_hero_docs with ...") forces the Tools path and grounding works. ### 7. Tools payload sanitization needed for wider MCP `mcp.json` currently wires only hero_books. Widening it to all 7 MCP services would produce ~165 tools — exceeds OpenAI's 128-tool cap AND MCP names contain dots (`collections.list`, `search.query`) which violate Anthropic's function-name regex `^[a-zA-Z0-9_-]{1,128}$`. See https://forge.ourworld.tf/lhumina_code/home/issues/153. Semantic routing (home#159 §2) picks top-K tools — but the top-K can still include MCP tools with dots, which Anthropic rejects. Both fixes are needed: semantic routing (live) + name sanitization (pending). ## 🟨 Medium-severity gaps ### 8. Livekit iframe defaults to dark theme when hero_os is light Source patched on VM (`templates/base.html`: `data-bs-theme="dark"` → `"light"`) but hero_livekit_ui not yet rebuilt/installed. Also applies to hero_collab — see task #36 / home#147. ### 9. Books Q&A cache bypass Libraries ship pre-extracted Q&A pairs in `collections/<coll>/.ai/<page>.toml` + pre-computed `.vectors.bin` embeddings, but hero_books' `content_hash` check mismatches → re-extracts via LLM → wastes 20-40 min per library. See https://forge.ourworld.tf/lhumina_code/home/issues/158. ### 10. Projects milestone seed partial failure Projects seeded successfully (30 objects), milestones failed due to status enum mismatch (`status = "active"` in legacy TOMLs vs current enum `{todo, in_progress, done}` expects per-object schemas not all auto-mapped). Remaining story/milestone TOMLs have other schema drifts that need a full seed-data migration. Fix: update `hero_zero/dist/var/seed/*/projects/*.toml` files to match current schema, OR teach `hero_osis_seed` binary to auto-migrate known enum values. ### 11. Per-library AI search — `search_hero_docs` tool hardwired to `namespace="hero"` Can't ask the AI "what does geomind's nitrograph memo say?" — tool always searches the `hero` namespace. Add optional `namespace` / `library` param to the tool, propagate to `hero_books.search.query`. Approximate effort: 10 lines + rebuild. ### 12. `tool_choice=required` infinite loop Pragmatic patch attempted and reverted — forcing `tool_choice: "required"` on every turn causes Claude to call a tool after it already has the answer → infinite loop. Proper implementation needs turn-1-only gating. See https://forge.ourworld.tf/lhumina_code/home/issues/150. ## 🟩 Low-severity / already-worked-around ### 13. VM rootfs is only 2 GB — blocked several installs TF Grid ubuntu-24.04 flist ships with 2 GB rootfs; `/data` is 100 GB. Workarounds applied on heronu: - `TMPDIR=/data/tmp` for all cargo builds (rustc scratch) - `CARGO_TARGET_DIR=/data/home/driver/cargo-target` - `apt cache/lists` symlinked to `/data/var/` - typst installed on `/data/home/driver/bin/` - Chromium auto-install (for hero_books PDF generator) left disabled — weasyprint attempt broke apt Proper fix: bump `rootfs_size` in `hero_zero/deploy/single-vm/tf/main.tf` to 8 GB; teach hero_skills installers to default to `/data` paths. (Issue draft was interrupted — can be filed on request.) ### 14. Hero_osis_seed binary reports phantom errors The legacy `hero_osis_seed` binary (from hero_zero dist) prints `error decoding response body` for every write, but writes actually succeed. Symptom only — seed data did land (Business/Calendar/Media all populated). Minor cosmetic issue if future operators rely on the stderr output. ### 15. hero_embedder tokio blocking reqwest Already patched on VM via `tokio::task::block_in_place` wraps in `embedderd_client.rs`. See https://forge.ourworld.tf/lhumina_code/home/issues/145. ### 16. hero_router X-Hero-Context clobbering Already patched on VM. See https://forge.ourworld.tf/lhumina_code/home/issues/125. ### 17. hero_livekit axum Extension layer ordering Already patched on VM. See https://forge.ourworld.tf/lhumina_code/home/issues/126. ## Operator-state snapshot (what's live on heronu *only*) These are changes that exist ONLY on the VM and the `development_mik_nu_demo` branches locally — **not pushed** to origin: | Repo | Branch | Applied | |---|---|---| | hero_agent | `development_mik_nu_demo` (VM-local) | prompt.rs MANDATORY directive, llm_client.rs tool_choice patch reverted, tool_router.rs `always_include` += `search_hero_docs` | | hero_books | `development_mik_nu_demo` (VM-local) | `collapse_slashes_middleware` in main.rs (compiled, doesn't fire at runtime) | | hero_livekit | `development_mik_nu_demo` (VM-local) | base.html `data-bs-theme` default flipped to `light` | | hero_router | `development_mik_nu_demo` (VM-local) | X-Hero-Context header preservation patch | | hero_embedder | `development_mik_nu_demo` (VM-local) | `block_in_place` around blocking reqwest | | hero_os | `development_mik_nu_demo` (VM-local) | WASM release+brotli compression (home#140) | | docs_hero | **`development` (REMOTE)** | ai_pipeline.md + refreshed hero_os_guide | hero_proc action state changes (runtime, not source): - `hero_agent_server.env` += `AIBROKER_API_ENDPOINT`, `HERO_AGENT_AIBROKER_MODELS`, `OSIS_URL`, `OSIS_CONTEXT`, `HERO_AGENT_ROUTING_MODE=hybrid`, semantic top_k/threshold - `hero_books_server.env` += `FORGEJO_TOKEN`, `FORGE_TOKEN`, `GIT_TERMINAL_PROMPT=0`, script arg `serve` OSIS data writes (runtime): - 30 photo/song/video `storage_path` fields rewritten (leading slash stripped) - 30 project objects set across 4 contexts via custom Python uploader with status enum remap + OTOML `O:` prefix - Business/Calendar/Media seeded via legacy `hero_osis_seed` binary for 5 contexts File-system artifacts: - `/home/driver/code/docs_{hero,mycelium,geomind,owh}` — 4 library clones totaling 808 MB - `~/hero/var/hero_foundry/webdav/<ctx>/Documents/*.docx` (47), `*.pdf` (45) - `~/hero/var/agent/mcp.json` with 1 MCP server (hero_books) - `/data/home/driver/bin/typst` - `/data/home/driver/seed/` — copy of hero_zero seed data + binary ## Reproducibility path To recreate heronu-equivalent state from a fresh TF Grid VM: 1. **Upstream land all [nu-demo] fixes.** The catalog is home#122–158. Most need simple PRs; several need design discussion. 2. **Fix root-cause bugs.** Specifically: registry cleanup (services/biz), Dioxus Books island trailing slash (b7202b7 revert), triage routing (home#152), tool-name sanitization (home#153), hero_osis_ai domain registration (home#130), Q&A cache hash alignment (home#158). 3. **Add a `hero_osis_seed` re-roll.** Port the legacy `hero_zero/dist/var/seed/` TOMLs to match current schemas, or add a migrator. Include all contexts (default + geomind + incubaid + root + threefold). 4. **Bump rootfs default** in `hero_zero/deploy/single-vm/tf/main.tf` so cargo + apt don't need `/data` tricks. 5. **Ship a canonical `mcp.json`** once tool-name sanitization lands — can then safely wire all 7 MCP services. 6. **Add the `ai_pipeline.md` doc to the hero_books `libraries.txt` chain** so the AI can always cite its own architecture (closed loop). Once all that lands, a fresh `hero_skills install-all && hero_proc start ...` on a 8 GB rootfs VM should produce a clean equivalent of today's heronu state. ## Related issues (chronological) - 122 hero_slides hardcoded `/Volumes/T7` - 123 hero_os_app missing `web` feature entries for island-room + others - 124 UX: every island needs a polished empty/error state - 125 hero_router X-Hero-Context clobbering **(patched on VM)** - 126 hero_livekit_ui axum Extension ordering **(patched on VM)** - 127 hero_slides path dep on hero_lib - 128 hero_skills installers.nu missing apt deps - 129 service_osis.nu doesn't pass HERO_CONTEXTS - 130 **hero_osis_ai domain not registered (blocks chat persistence)** - 131 hero_os Makefile ignored CARGO_TARGET_DIR - 132 service_codescalers socket naming - 133 service_livekit no redis preflight - 134 packages.nu commented-out services - 135 service_agent.nu missing - 136 hero_agent OPENROUTER_API_KEYS plural - 137 hero_aibroker Groq-only config - 138 hero_aibroker --reset clobbers - 139 hero_foundry seed_media path - 140 WASM 211 MB → 1.8 MB brotli **(patched on VM)** - 141 service_books.nu parse error - 142 hero_skills install.sh nushell install - 143 hero_osis SDK delete bool/String - 144 Office archipelago per-library PDFs **(partial — 47 .docx + 45 .pdf seeded via pandoc+typst into hero_foundry webdav; Office island reads different store)** - 145 hero_embedder blocking reqwest **(patched on VM)** - 146 Photos `<img>` double-slash **(patched on VM via seed rewrite)** - 147 hero_collab dark theme on light hero_os - 148 nu-demo architecture index - 149 prompt.rs MANDATORY directive + rebuild verification - 150 tool_choice=required support (requires turn-1 gating) - 151 (not filed by me) - 152 **triage classifier routes Hero questions to Knowledge path** - 153 **tools payload sanitization (count + dots + duplicates)** - 154 (not filed) - 155 (not filed) - 156 Photos seed storage_path leading slash **(patched on VM via rewrite)** - 157 Books island double-slash URL + server-side middleware demo fix - 158 hero_books re-runs LLM Q&A extraction despite `.ai/` cache - 159 CANONICAL intelligence pipeline reference - **160 (THIS ISSUE) — consolidated demo state and remaining work** Signed-off-by: mik-tf
mik-tf commented 2026-04-24 16:51:31 +00:00
Author
Owner
Copy link

Session close-out 2026-04-24

Infrastructure

  • herodemo up and running at herodemo.gent01.grid.tf — 16 CPU / 32 GB / 200 GB / 16 GB rootfs / public IPv4 185.69.166.153 on freefarm node 2007, gateway on node 1.
  • heronu destroyed (make destroy ENV=heronu) — 5 resources cleanly removed, freeing the heronu name contract.

Snapshot

herodemo-backup-20260424-124021.tar.gz on workstation at ~/heronu-backups/:

  • Size: 2.2 GB on VM, scp'ing down now
  • SHA256: f8d040f858de14d3affad9bb9f6d4f15ca3adcb6e5d81cdc036f80fe5e3dd11b
  • Contents: hero/cfg, hero/bin (all compiled service binaries), hero/share, hero/var (excluding embedder model cache and logs), hero/code, actions.d.*, driver helper scripts
  • Old heronu backup (heronu-backup-20260424-033445.tar.gz, 2.5 GB) retained alongside as requested

Codebase

  • lhumina_code/hero_zero renamed to lhumina_code/hero_demo on Forge
  • hero_demo development branch updated with:
    • New README (nu-shell as primary path, docker retained as legacy reference)
    • docs/ops/DEPLOYMENT_NU_HERO_OS.md — full reproducibility runbook
    • deploy/single-vm/tf/variables.tf — added rootfs_size + gateway_node variables
    • deploy/single-vm/tf/main.tf — wired rootfs_size into VM, cross-node gateway network
    • Commit 5b0f0d5 on development

Demo-time gaps filed on lhumina_code/home

All 30 issues filed this session:

  • Install flow: home#162, home#164, home#166, home#167, home#168, home#169, home#170, home#172
  • Runtime / UI gaps: home#152, home#154–#158, home#171, home#175, home#176, home#177
  • Upstream tech: home#173 (ONNX version conflict), home#174 (OnlyOffice missing)
  • Infra: home#161, home#163, home#165
  • State of the art: home#148, home#159, home#160 (updated)

Next deploy

To reproduce a fresh demo VM, follow hero_demo/docs/ops/DEPLOYMENT_NU_HERO_OS.md. Snapshot restore is ~/heronu-backups/herodemo-backup-20260424-124021.tar.gz (scp up → tar xzf → hero_proc service start the stopped services).

Signed-off-by: mik-tf

## Session close-out 2026-04-24 ### Infrastructure - **herodemo** up and running at `herodemo.gent01.grid.tf` — 16 CPU / 32 GB / 200 GB / 16 GB rootfs / public IPv4 185.69.166.153 on freefarm node 2007, gateway on node 1. - **heronu** destroyed (`make destroy ENV=heronu`) — 5 resources cleanly removed, freeing the heronu name contract. ### Snapshot `herodemo-backup-20260424-124021.tar.gz` on workstation at `~/heronu-backups/`: - Size: 2.2 GB on VM, scp'ing down now - SHA256: `f8d040f858de14d3affad9bb9f6d4f15ca3adcb6e5d81cdc036f80fe5e3dd11b` - Contents: `hero/cfg`, `hero/bin` (all compiled service binaries), `hero/share`, `hero/var` (excluding embedder model cache and logs), `hero/code`, `actions.d.*`, driver helper scripts - Old heronu backup (`heronu-backup-20260424-033445.tar.gz`, 2.5 GB) retained alongside as requested ### Codebase - `lhumina_code/hero_zero` renamed to `lhumina_code/hero_demo` on Forge - hero_demo `development` branch updated with: - New README (nu-shell as primary path, docker retained as legacy reference) - `docs/ops/DEPLOYMENT_NU_HERO_OS.md` — full reproducibility runbook - `deploy/single-vm/tf/variables.tf` — added `rootfs_size` + `gateway_node` variables - `deploy/single-vm/tf/main.tf` — wired rootfs_size into VM, cross-node gateway network - Commit `5b0f0d5` on `development` ### Demo-time gaps filed on `lhumina_code/home` All 30 issues filed this session: - **Install flow:** home#162, home#164, home#166, home#167, home#168, home#169, home#170, home#172 - **Runtime / UI gaps:** home#152, home#154–#158, home#171, home#175, home#176, home#177 - **Upstream tech:** home#173 (ONNX version conflict), home#174 (OnlyOffice missing) - **Infra:** home#161, home#163, home#165 - **State of the art:** home#148, home#159, home#160 (updated) ### Next deploy To reproduce a fresh demo VM, follow `hero_demo/docs/ops/DEPLOYMENT_NU_HERO_OS.md`. Snapshot restore is `~/heronu-backups/herodemo-backup-20260424-124021.tar.gz` (scp up → tar xzf → `hero_proc service start` the stopped services). Signed-off-by: mik-tf
mik-tf commented 2026-04-24 22:01:41 +00:00
Author
Owner
Copy link

Update 2026-04-24 (late afternoon session)

Three hotfixes pushed to herodemo and verified live. 24/25 services running (was 23/24 — hero_voice now active).

Fix 1 — AI Assistant MCP tool wiring (home#153)

  • hero_agent::mcp_client.rs patched on development_mik_nu_demo: tool-name sanitizer (.__), original_name field for round-trip MCP calls.
  • hero_agent_server rebuilt + redeployed.
  • Tool name regex no longer rejects per-domain OSIS tools.

Fix 2 — hero_voice (home#173)

  • Installed ONNX 1.24.4 to /usr/local/onnxruntime-1.24/ alongside 1.23.2 at /usr/local/onnxruntime/.
  • hero_voice action env set with ORT_LIB_LOCATION=/usr/local/onnxruntime-1.24/lib, ORT_PREFER_DYNAMIC_LINK=1, LD_LIBRARY_PATH=/usr/local/onnxruntime-1.24/lib.
  • hero_voice_server + hero_voice_ui built and running.
  • Per-process LD_LIBRARY_PATH lets embedder (1.23) and voice (1.24) coexist.

Fix 3 — Office viewing (home#174)

  • hero_office_ui::editor_page patched with browser-native PDF short-circuit:
    • .pdf → renders inline via <embed type="application/pdf">
    • .docx/.xlsx/.pptx → looks for companion .pdf with same stem; if found, renders that with a "PDF preview" badge
    • falls through to OnlyOffice for non-PDF files without companion (still broken until OnlyOffice deployed).
  • Office archipelago seeded: 5 Presentations (.pptx), 5 Spreadsheets (.xlsx), companion PDFs generated via Chrome headless.
  • Distributed to geomind / incubaid / threefold / default / root contexts.

Verified live

  • AI Assistant — hero_agent_ui healthy, sanitizer in compiled binary
  • hero_voice — both sockets up, UI returns 200
  • Office — all 5 sub-types (Documents / Spreadsheets / Presentations / PDF / Diagrams) backed by content where available, click-through renders PDF natively
  • hero_books PDF export — Chrome 147 in place
  • 24/25 services running

Prod-level fix paths

All three hotfixes have prod-level long-term fix paths documented in their respective issues:

  • home#153 — upstream sanitizer + tool-list whitelist + name-format spec
  • home#173 — unify ort crate version + bake ORT_PREFER_DYNAMIC_LINK into installer + ort↔onnx version detector
  • home#174 — ship OnlyOffice Docker container in hero_skills + auto-generate companion PDFs on upload via libreoffice/pandoc

Snapshot tarball at ~/heronu-backups/herodemo-backup-20260424-124021.tar.gz was taken BEFORE these three fixes — a fresh snapshot will be needed once all three changes settle.

Signed-off-by: mik-tf

## Update 2026-04-24 (late afternoon session) Three hotfixes pushed to herodemo and verified live. **24/25 services running** (was 23/24 — hero_voice now active). ### Fix 1 — AI Assistant MCP tool wiring (home#153) - `hero_agent::mcp_client.rs` patched on `development_mik_nu_demo`: tool-name sanitizer (`.` → `__`), `original_name` field for round-trip MCP calls. - `hero_agent_server` rebuilt + redeployed. - Tool name regex no longer rejects per-domain OSIS tools. ### Fix 2 — hero_voice (home#173) - Installed ONNX 1.24.4 to `/usr/local/onnxruntime-1.24/` alongside 1.23.2 at `/usr/local/onnxruntime/`. - `hero_voice` action env set with `ORT_LIB_LOCATION=/usr/local/onnxruntime-1.24/lib`, `ORT_PREFER_DYNAMIC_LINK=1`, `LD_LIBRARY_PATH=/usr/local/onnxruntime-1.24/lib`. - `hero_voice_server` + `hero_voice_ui` built and running. - Per-process LD_LIBRARY_PATH lets embedder (1.23) and voice (1.24) coexist. ### Fix 3 — Office viewing (home#174) - `hero_office_ui::editor_page` patched with browser-native PDF short-circuit: - `.pdf` → renders inline via `<embed type="application/pdf">` - `.docx`/`.xlsx`/`.pptx` → looks for companion `.pdf` with same stem; if found, renders that with a "PDF preview" badge - falls through to OnlyOffice for non-PDF files without companion (still broken until OnlyOffice deployed). - Office archipelago seeded: 5 Presentations (.pptx), 5 Spreadsheets (.xlsx), companion PDFs generated via Chrome headless. - Distributed to geomind / incubaid / threefold / default / root contexts. ### Verified live - AI Assistant — `hero_agent_ui` healthy, sanitizer in compiled binary - hero_voice — both sockets up, UI returns 200 - Office — all 5 sub-types (Documents / Spreadsheets / Presentations / PDF / Diagrams) backed by content where available, click-through renders PDF natively - hero_books PDF export — Chrome 147 in place - 24/25 services running ### Prod-level fix paths All three hotfixes have prod-level long-term fix paths documented in their respective issues: - home#153 — upstream sanitizer + tool-list whitelist + name-format spec - home#173 — unify ort crate version + bake `ORT_PREFER_DYNAMIC_LINK` into installer + ort↔onnx version detector - home#174 — ship OnlyOffice Docker container in hero_skills + auto-generate companion PDFs on upload via libreoffice/pandoc Snapshot tarball at `~/heronu-backups/herodemo-backup-20260424-124021.tar.gz` was taken BEFORE these three fixes — a fresh snapshot will be needed once all three changes settle. Signed-off-by: mik-tf
mik-tf commented 2026-04-25 03:13:33 +00:00
Author
Owner
Copy link

Session close-out 2026-04-25

herodemo.gent01.grid.tf is in a demo-ready state. Auth-gated public URL with all archipelagos working except documented exceptions.

What works end-to-end

Island Status Notes
Auth gate nginx basic auth admin:admin123 (canonical hero_proxy in home#182)
AI Assistant hero_aibroker → Claude; MCP sanitizer in place (home#153)
hero_books (Knowledge) libraries auto-cloned, search works, pages render
OSIS (per-domain) 17 servers; admin UI aggregator gap (home#175)
Files / Photos / Videos / Songs hero_foundry webdav, browser-native rendering
Office Documents OnlyOffice editor, full editing, autosave
Office Spreadsheets OnlyOffice, formulas evaluate
Office Presentations OnlyOffice, slide thumbnails, transitions
Office PDF OnlyOffice (or browser-native via short-circuit)
Office Diagrams ⚠️ empty no .vsdx seed tooling on VM (home#183)
Voice (Kokoro/Whisper) parallel ONNX 1.24 install (home#173)
hero_voice MCP triage ⚠️ minor menu cutoff (home#155)
Native Business island Dioxus WASM via OSIS — 6 Persons / 6 Companies / 4 Contacts / etc.
HeroBiz iframe ⚠️ empty Hero0Config not refactored for OSIS split (home#180)
Collab ⚠️ dark theme follows own theme not hero_os (home#147)
Whiteboard / Slides iframes with theme propagation
Browser MCP works via /hero_browser/ui/

Engineering deliverables this session

Repo work:

  • lhumina_code/hero_zero renamed → hero_demo on Forge (per session 12 hand-off)
  • hero_demo/development: README rewrite (nu-shell primary), runbook (DEPLOYMENT_NU_HERO_OS.md), method doc (FIX_TRIAGE.md), TF variables (rootfs_size, gateway_node)
  • hero_office PR #3 (lhumina_code/hero_office#3): native PDF preview, OnlyOffice reverse proxy with WS pass-through + streaming, JWT permissions widened, X-Forwarded-Host for cross-prefix URL gen
  • hero_os/development (one direct merge — process miss flagged + memorialized): Biz iframe URL (home#179)

Issues filed this session: home#148 through home#183 — every gap captured.

Snapshot

~/heronu-backups/herodemo-backup-<TS>.tar.gz — restorable to a fresh TF Grid VM via runbook §5 (data restore from backup). Plus the original heronu-backup-20260424-033445.tar.gz retained per request.

Re-deploy from scratch

Full path documented in hero_demo/docs/ops/DEPLOYMENT_NU_HERO_OS.md:

  1. Terraform provision (deploy/single-vm/envs/<NAME>/)
  2. Bootstrap VM (apt deps, ONNX 1.23 + 1.24, Chrome, uv, libreoffice, nu-shell)
  3. hero_skills service_install_all
  4. Fix-up workarounds (action env patches per home#166-168)
  5. WASM rebuild + theme overlay
  6. Office seeding + libreoffice companion PDFs
  7. §10 Docker on TF Grid (btrfs)
  8. §11 OnlyOffice Document Server
  9. §12 Auth gate (nginx or hero_proxy)
  10. Verify + snapshot

Method

Established the "Fix Triage" 4-level routing convention for collaborative demo+devops work:

  • L1 Hotfix only + home issue
  • L2 Hotfix + PR (branch + review)
  • L3 Issue + squash to development (small, certain, with explicit OK)
  • L4 Issue only (capture, no implementation)

Demo VM hotfixes are L1 by default. Anything that lands upstream needs PR review (L2). Direct push to development is reserved for hero_demo only.

Devops pickup list (priority order)

  1. home#180 — hero_biz_ui refactor for OSIS per-domain split. Without this, HeroBiz iframe shows zeros despite OSIS having data.
  2. PR #3 on hero_office — review and merge so OnlyOffice integration lands upstream.
  3. home#175 — OSIS admin UI needs /api/services aggregator (or per-domain split admin UIs). Same class of bug as home#180.
  4. home#153 — hero_agent MCP sanitizer landed on demo branch; needs upstream.
  5. home#173 — unify ort crate version across hero_voice + hero_embedder.
  6. home#181 — runbook now references the existing setup.sh Docker-on-TF-Grid recipe; could fold into hero_skills installer.

Closing this issue. herodemo demo state is captured; the runbook + FIX_TRIAGE.md + per-gap home issues form the complete documentation.

Signed-off-by: mik-tf

## ✅ Session close-out 2026-04-25 herodemo.gent01.grid.tf is in a **demo-ready state**. Auth-gated public URL with all archipelagos working except documented exceptions. ### What works end-to-end | Island | Status | Notes | |---|---|---| | Auth gate | ✅ | nginx basic auth `admin:admin123` (canonical hero_proxy in [home#182](https://forge.ourworld.tf/lhumina_code/home/issues/182)) | | AI Assistant | ✅ | hero_aibroker → Claude; MCP sanitizer in place ([home#153](https://forge.ourworld.tf/lhumina_code/home/issues/153)) | | hero_books (Knowledge) | ✅ | libraries auto-cloned, search works, pages render | | OSIS (per-domain) | ✅ | 17 servers; admin UI aggregator gap ([home#175](https://forge.ourworld.tf/lhumina_code/home/issues/175)) | | Files / Photos / Videos / Songs | ✅ | hero_foundry webdav, browser-native rendering | | Office Documents | ✅ | OnlyOffice editor, full editing, autosave | | Office Spreadsheets | ✅ | OnlyOffice, formulas evaluate | | Office Presentations | ✅ | OnlyOffice, slide thumbnails, transitions | | Office PDF | ✅ | OnlyOffice (or browser-native via short-circuit) | | Office Diagrams | ⚠️ empty | no `.vsdx` seed tooling on VM ([home#183](https://forge.ourworld.tf/lhumina_code/home/issues/183)) | | Voice (Kokoro/Whisper) | ✅ | parallel ONNX 1.24 install ([home#173](https://forge.ourworld.tf/lhumina_code/home/issues/173)) | | hero_voice MCP triage | ⚠️ minor | menu cutoff ([home#155](https://forge.ourworld.tf/lhumina_code/home/issues/155)) | | Native Business island | ✅ | Dioxus WASM via OSIS — 6 Persons / 6 Companies / 4 Contacts / etc. | | HeroBiz iframe | ⚠️ empty | Hero0Config not refactored for OSIS split ([home#180](https://forge.ourworld.tf/lhumina_code/home/issues/180)) | | Collab | ⚠️ dark theme | follows own theme not hero_os ([home#147](https://forge.ourworld.tf/lhumina_code/home/issues/147)) | | Whiteboard / Slides | ✅ | iframes with theme propagation | | Browser MCP | ✅ | works via /hero_browser/ui/ | ### Engineering deliverables this session **Repo work:** - `lhumina_code/hero_zero` renamed → `hero_demo` on Forge (per session 12 hand-off) - `hero_demo/development`: README rewrite (nu-shell primary), runbook ([DEPLOYMENT_NU_HERO_OS.md](https://forge.ourworld.tf/lhumina_code/hero_demo/src/branch/development/docs/ops/DEPLOYMENT_NU_HERO_OS.md)), method doc ([FIX_TRIAGE.md](https://forge.ourworld.tf/lhumina_code/hero_demo/src/branch/development/docs/ops/FIX_TRIAGE.md)), TF variables (`rootfs_size`, `gateway_node`) - `hero_office` PR #3 (https://forge.ourworld.tf/lhumina_code/hero_office/pulls/3): native PDF preview, OnlyOffice reverse proxy with WS pass-through + streaming, JWT permissions widened, X-Forwarded-Host for cross-prefix URL gen - `hero_os/development` (one direct merge — process miss flagged + memorialized): Biz iframe URL ([home#179](https://forge.ourworld.tf/lhumina_code/home/issues/179)) **Issues filed this session:** home#148 through home#183 — every gap captured. ### Snapshot `~/heronu-backups/herodemo-backup-<TS>.tar.gz` — restorable to a fresh TF Grid VM via runbook §5 (data restore from backup). Plus the original `heronu-backup-20260424-033445.tar.gz` retained per request. ### Re-deploy from scratch Full path documented in `hero_demo/docs/ops/DEPLOYMENT_NU_HERO_OS.md`: 1. Terraform provision (`deploy/single-vm/envs/<NAME>/`) 2. Bootstrap VM (apt deps, ONNX 1.23 + 1.24, Chrome, uv, libreoffice, nu-shell) 3. hero_skills `service_install_all` 4. Fix-up workarounds (action env patches per home#166-168) 5. WASM rebuild + theme overlay 6. Office seeding + libreoffice companion PDFs 7. **§10 Docker on TF Grid (btrfs)** 8. **§11 OnlyOffice Document Server** 9. **§12 Auth gate (nginx or hero_proxy)** 10. Verify + snapshot ### Method Established the "[Fix Triage](https://forge.ourworld.tf/lhumina_code/hero_demo/src/branch/development/docs/ops/FIX_TRIAGE.md)" 4-level routing convention for collaborative demo+devops work: - **L1** Hotfix only + home issue - **L2** Hotfix + PR (branch + review) - **L3** Issue + squash to development (small, certain, with explicit OK) - **L4** Issue only (capture, no implementation) Demo VM hotfixes are L1 by default. Anything that lands upstream needs PR review (L2). Direct push to `development` is reserved for `hero_demo` only. ### Devops pickup list (priority order) 1. **[home#180](https://forge.ourworld.tf/lhumina_code/home/issues/180)** — hero_biz_ui refactor for OSIS per-domain split. Without this, HeroBiz iframe shows zeros despite OSIS having data. 2. **PR #3 on hero_office** — review and merge so OnlyOffice integration lands upstream. 3. **[home#175](https://forge.ourworld.tf/lhumina_code/home/issues/175)** — OSIS admin UI needs `/api/services` aggregator (or per-domain split admin UIs). Same class of bug as home#180. 4. **[home#153](https://forge.ourworld.tf/lhumina_code/home/issues/153)** — hero_agent MCP sanitizer landed on demo branch; needs upstream. 5. **[home#173](https://forge.ourworld.tf/lhumina_code/home/issues/173)** — unify ort crate version across hero_voice + hero_embedder. 6. **[home#181](https://forge.ourworld.tf/lhumina_code/home/issues/181)** — runbook now references the existing `setup.sh` Docker-on-TF-Grid recipe; could fold into hero_skills installer. Closing this issue. herodemo demo state is captured; the runbook + FIX_TRIAGE.md + per-gap home issues form the complete documentation. Signed-off-by: mik-tf
mik-tf commented 2026-04-28 12:20:58 +00:00
Author
Owner
Copy link

Moved to hero_demo#28 — see lhumina_code/hero_demo#28

Moved to hero_demo#28 — see https://forge.ourworld.tf/lhumina_code/hero_demo/issues/28
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
development
main
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
lhumina_code/home#160
No description provided.