Nicholai/.agents
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

2026-02-24T23-27-19_auto_memory/memories.db-wal, memory/memories.db-wal

Browse Source
This commit is contained in:
Nicholai Vogel 2026-02-24 16:27:19 -07:00
parent e453cafc9b
commit 8787416df5
3 changed files with 141 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
memory/memories.db-shm
View File

Binary file not shown.

BIN
memory/memories.db-wal
View File

Binary file not shown.

143
skills/mac-server-setup/SKILL.md
View File

@ -6,7 +6,9 @@ description: >
Mac Studio, etc.) for server duty via SSH. Covers dev environment
(Homebrew, nvim, tmux, node, bun, starship, gh), nvim config, server
hardening (power mgmt, firewall, consumer service cleanup, Spotlight,
SMB, hostname), SSH key auth, git repos, and local SSH config.
SMB, hostname), SSH key auth, git repos, local SSH config, Signet
agent platform (install, launchd, tailnet binding), and OpenClaw
agent runtime (auth profiles, gateway config).
Generates an idempotent setup script on the remote machine. Triggers:
"set up mac server", "harden mac", "provision remote mac", "new client
server setup", "mac server hardening", "openclaw server setup".
@ -165,7 +167,120 @@ README covers: what the server is, current state, what's next,
who to contact. CHANGELOG is a dated record in plain language
of each setup session.
### 7. Verify
### 7. Signet Agent Platform
Signet is a portable agent identity system — persistent memory,
secrets vault, installable skills, and a web dashboard. The npm
package is `signetai`. Full install guide: https://signetai.sh/skill.md
**What Signet provides:**
- Background daemon (port 3850) with memory database, context injection,
and session extraction pipeline
- Web dashboard for browsing memories, config, secrets, and status
- Encrypted secrets vault at `~/.agents/.secrets/`
- Built-in skills: `/remember`, `/recall`, `/memory-debug`
- Platform connectors for Claude Code, OpenClaw, and OpenCode
**All agent data lives at `~/.agents/`:**
- `agent.yaml` — config manifest
- `AGENTS.md` — operational instructions
- `SOUL.md`, `IDENTITY.md`, `USER.md` — identity files
- `MEMORY.md` — auto-generated working memory summary
- `memory/memories.db` — SQLite database (source of truth)
- `skills/` — installed skills
- `.secrets/` — encrypted secret store
**Install steps:**
1. **Prerequisites**: Node.js >= 18 or Bun. If neither exists, install bun:
`curl -fsSL https://bun.sh/install | bash`
2. **Install signetai globally** (only two supported methods):
- Bun (preferred): `bun add -g signetai`
- npm: `npm install -g signetai`
- Never use sudo. Never clone the repo. Never use `npx signet init`.
3. **Install node runtime**: The bin shim uses `#!/usr/bin/env node`,
so node must be available even if bun is the primary runtime. If brew
isn't installed, download the node binary directly:
```
curl -fsSL https://nodejs.org/dist/v22.14.0/node-v22.14.0-darwin-arm64.tar.xz -o /tmp/node.tar.xz
tar xf /tmp/node.tar.xz -C /tmp/
cp /tmp/node-v22.14.0-darwin-arm64/bin/node ~/.local/bin/node
```
4. **Verify install**: `signet --version` must succeed before proceeding.
5. **Run setup wizard**: `signet` (no args) on first run launches the
interactive wizard. It handles connectors, hooks, file generation,
and skill deployment. Do NOT try to set these up manually.
6. **Bind to tailnet**: By default the daemon binds to `localhost`. Set
`SIGNET_HOST=0.0.0.0` in `.zshrc` so the dashboard is accessible
across the tailnet.
7. **Create launchd plist** at `~/Library/LaunchAgents/ai.signet.daemon.plist`:
- ProgramArguments: `~/.bun/bin/bun` + `~/.bun/install/global/node_modules/signetai/dist/daemon.js`
- EnvironmentVariables: `SIGNET_PORT=3850`, `SIGNET_HOST=0.0.0.0`,
`SIGNET_PATH=~/.agents`, PATH including `~/.bun/bin` and `~/.local/bin`
- RunAtLoad: true, KeepAlive: true
- Logs to `~/.agents/logs/daemon.{out,err}.log`
8. **Load**: `launchctl load ~/Library/LaunchAgents/ai.signet.daemon.plist`
9. **Verify**: `lsof -i :3850 -P` should show `TCP *:3850 (LISTEN)`,
and `curl http://<tailscale-ip>:3850/api/status` from operator machine.
**Important — what the daemon does automatically (do NOT replicate):**
- Extracts memories from session transcripts via LLM pipeline
- Injects relevant context into every prompt via semantic search
- Watches `~/.agents/` for changes and syncs to harness configs
- Do NOT manually write to `~/.agents/memory/`, call recall before
every response, or manually summarize conversations
**Troubleshooting:**
- Daemon won't start: `signet daemon logs`, `lsof -i :3850`
- No memories: daemon may still be processing — extraction is async
- Embeddings: Ollama is optional, falls back to keyword search (FTS5)
- Skills not found: `signet sync` reinstalls built-in templates
Note: with KeepAlive enabled, `signet stop` won't work — launchd respawns
the process. Use `launchctl unload` to fully stop.
### 8. OpenClaw Agent Runtime
Install and configure OpenClaw for agent operation:
1. **Install**: OpenClaw is typically installed via Homebrew
(`/opt/homebrew/bin/openclaw`).
2. **Configure**: Run `openclaw configure` for interactive setup, or
edit `~/.openclaw/openclaw.json` directly.
3. **Auth setup (non-interactive)**: The `openclaw models auth paste-token`
command uses interactive prompts that don't work through MCP. Instead,
write files directly:
- Write `~/.openclaw/agents/main/agent/auth-profiles.json`:
```json
{
"version": 1,
"profiles": {
"anthropic:manual": {
"type": "token",
"provider": "anthropic",
"token": "<oauth-token>"
}
}
}
```
- Add auth profile to `~/.openclaw/openclaw.json` under `auth.profiles`:
```json
"auth": {
"profiles": {
"anthropic:manual": {
"provider": "anthropic",
"mode": "token"
}
}
}
```
- Verify: `openclaw models status` should show the profile.
4. **Gateway**: OpenClaw manages its own LaunchAgent
(`ai.openclaw.gateway`). Restart with `openclaw gateway restart`.
Check health with `openclaw health`.
5. **Talk to it**: `openclaw agent --agent main --session-id <name> --message "hello"`
### 9. Verify
See [references/verification.md](references/verification.md) for the
full checklist.
@ -227,3 +342,27 @@ full checklist.
- **HTTPS git push on headless Mac**: Fails with "could not read
Username: Device not configured". Fix: `gh auth login` then
`gh auth setup-git` to install the credential helper.
- **Heredoc descriptions leak into content**: When using `cat >> file << 'DELIM'`
through SSH MCP, the tool's `description` parameter text can get appended
to the delimiter line (e.g. `DELIM # Write part 1`), corrupting the file.
Use `python3 -c` with string concatenation instead for multi-part file
writes — it's immune to this issue.
- **bun global binaries need PATH in non-login shells**: SSH MCP doesn't
source `.zshrc`, so `~/.bun/bin` isn't on PATH. Always export it:
`export BUN_INSTALL="$HOME/.bun" && export PATH="$BUN_INSTALL/bin:$HOME/.local/bin:$PATH"`
- **signet bin shim needs node**: Even though `signetai` runs on bun,
the npm bin shim (`bin/signet.js`) has `#!/usr/bin/env node`. Install
node alongside bun or the CLI won't start. A bare node binary in
`~/.local/bin` is sufficient.
- **Tailscale CLI vs app**: On macOS, Tailscale.app installs but the
`tailscale` CLI may not be in PATH. The binary lives at
`/Applications/Tailscale.app/Contents/MacOS/Tailscale`. `tailscale status`
works from there without needing brew or PATH changes.
- **OpenClaw interactive commands through MCP**: Commands like
`openclaw models auth paste-token` and `openclaw configure` use
`@clack/prompts` which require a TTY. Piping stdin doesn't bypass
the prompts cleanly. Write config files directly instead.
- **signet start hangs MCP**: `signet start` blocks until the daemon
is fully running, which can exceed the MCP SSH timeout. Background it
with `& disown` or just let it timeout — check `signet status` after
to confirm it started.