Χ‘Χ‘Χ΄Χ“

πŸ–₯ VM OPERATOR β€” zee-ops-1 (the always-on cloud brain)

docs/VM_OPERATOR.md Β· last changed 2026-07-02 Β· rendered from GitHub master

πŸ–₯ VM OPERATOR β€” zee-ops-1 (the always-on cloud brain)

Activated 2026-07-02 ~1 AM ET (Sam pasted the key-grant; Fable provisioned). The box that runs Claude Code with Sam's PC OFF.

Access

State (7/2)

Remaining to make it a full autonomous operator

  1. ~~Push/pull~~ βœ… DONE (workspace = live clone w/ stored PAT; all 7 nested repos cloned into place 7/2 ~1:45 PM by the MIS session: MIS, HookStreetServices-Site, Calculator, eden-gardens-os, CM_Invoice_System, lawn-coop-proposal, HookStreet-Business-OS/sheets β€” push --dry-run verified OK on workspace+MIS+HSS).
  2. ~~Notify~~ βœ… DONE (.claude-notify.json present; scripts/tg.sh exists).
  3. Trigger: how Sam starts a VM session from his phone — SOLVED for interactive (Tailscale SSH enabled 7/2, Sam connected via Termius → ~/operator.sh; tmux windows = parallel Claude sessions, ctrl-b w = list). Still open: the bot→VM command channel ("paste a task into the bot → VM session picks it up") — Sam has explicitly asked for this.
  4. Decide: keep at ~$12/mo β€” YES (locked; live + proven + Sam operating it).
  5. Non-root sam user for clean skip-permissions (root prompts per tool).
  6. Nested-repo freshness: the VM's clones don't auto-pull β€” a session working there should git pull its repo at open (same discipline as the PC).
  7. ~~clasp deploys~~ βœ… DONE (7/2 ~3:45 PM, MIS session, Sam-ordered): .clasprc.json on the VM (600) + clasp installed + MIS/v2 .clasp.json + appsscript.json placed deliberately (gitignored β†’ clones lack them; without them clasp WALKS UP and binds the WRONG project β€” near-miss caught live: it resolved a different script). Verified: VM lists the true engine (7 deployments, @143). LAW: never clasp push in any folder without confirming its .clasp.json exists + the scriptId is right. Other clasp projects (command-inbox, LevSMS…) still need their bindings placed before VM deploys.
  8. Gitignored-but-needed files don't travel by clone β€” placed so far: notify config, connections keyring, FULL ops-api secrets incl. HOSPITABLE_TOKEN (landed 7/2 ~4 PM β€” Sam-directed), MIS/v2 clasp bindings, MIS/data broker archives. Still PC-only by choice: wrangler/CF auth (Fable-3 lane), MCP connectors (one-time interactive auth in a VM session if wanted).
  9. βœ… GUEST-COMMS SEND RAIL LIVE ON THE VM (proven 7/2 ~4:21 PM by VM-OPS): pool-situation msg β†’ BOTH in-house guests (Jessika/9312 + Lakia/9332) via POST public.api.hospitable.com/v2/reservations/<id>/messages (token from ops-api/.secrets.json), HTTP 202 then verified in-thread via GET (Rule 9). Gotchas: ops-api /hospitable/reservations shows only stays STARTING β‰₯ today β€” mid-stay guests are INVISIBLE there; resolve current guests via the Hospitable API date-window query (or mildred.html KNOWN{} map). Guest voice rules: no em-dashes, warm/plain, Sam's voice.

⚠️ ONE SHARED WORKING TREE β€” all VM sessions edit the SAME checkout (verified 7/2)

The tmux windows are NOT separate clones: window 0/1/2 all work in ~/hookstreet-workspace (and the same nested repos). PLUS ~/brain-pulse.sh (cron :17 every 3h + @reboot) runs git pull --rebase in it. Consequences:
- HEAD can move UNDER you mid-session (another window commits/pulls). Re-check git log before commit; never assume your last read of a shared doc is current.
- Uncommitted edits to the same file from two windows = a real clobber, worse than the PC pattern. Commit small and often; stay in your court's files.
- Heartbeat proof (Rule 9): ~/brain-pulse.log β€” 7/2 runs show 633 facts β†’ D1 clean.

✍️ TELEGRAM SIGNING β€” 3 parallel VM sessions (locked by Sam 7/2, relayed via MIS session)

Multiple Claude sessions run in parallel on this VM (tmux windows). One Telegram chat β€” Sam must see WHO is texting. scripts/tg.sh takes a TG_SIGN env var:

TG_SIGN="πŸ–₯ VM-OPS" ./scripts/tg.sh "subject" "message"

πŸ“΅ TELEGRAM NOISE RULE (Sam, 7/2 evening β€” he is drowning in texts; ALL VM sessions obey)

Text Sam ONLY for: (a) something needing HIS action Β· (b) a milestone he explicitly asked about Β· (c) urgent guest/money issues. Everything else (status, progress, FYI, "shipped X") goes to docs/steering/relay-log.md or CONTEXT.md instead. Batch what you do send β€” one text with 3 items beats 3 texts.

πŸ“± HOW SAM OPERATES IT FROM HIS PHONE (added 7/2)

The VM fixes the "remote-control disconnected β†’ lost it" problem: the session lives in tmux ON the VM, so a dropped phone connection doesn't kill it β€” you reattach.

Two phone paths, neither drops:
1. The Telegram bot (use NOW, zero setup) β€” the bot reads the D1 cloud brain (629 facts). Always on, in your pocket, never disconnects. For ask/tell/brief/quick-ops = your everyday brain-on-phone. Replaces remote-control for most things.
2. Full Claude Code session on the VM (the upgrade):
- Phone: install Blink Shell (or Termius) + the Tailscale app (same tailnet as the VM 100.79.23.85).
- Easiest auth = Tailscale SSH (enable on VM: tailscale up --ssh) β†’ phone connects by Tailscale identity, NO key juggling. (Alt: add a phone-generated public key to ~/.ssh/authorized_keys.)
- Connect β†’ run ~/operator.sh β†’ you're in the persistent "brain" tmux session running Claude Code.
- Detach = Ctrl-b then d (or just close the app) β€” it keeps running. Reattach anytime = ~/operator.sh again. That's the "never lose it" property.
- Note: interactive claude as root prompts on tool use (no --dangerously-skip-permissions for root). Refinement: a non-root sam user lets skip-permissions run clean β€” do in the next VM pass.

Source trail Β· docs/VM_OPERATOR.md @ master Β· rendered 2026-07-02 7:23 PM EDT by scripts/build-docs.py Β· the .md in the repo is the truth; this page is the phone-readable view