# deploy/vm101

System artifacts deployed to **vm101** (the GPU ingest node). The repo is the source of truth; the live copies live in `/usr/local/bin/`. Edit here, then `sudo ./install.sh` on vm101 to push changes.

## Contents

- `n8n-pi-wrap` — forced-command wrapper that fronts every n8n→vm101 SSH call.
- `install.sh` — installs the wrapper(s) into `/usr/local/bin` (idempotent).

## n8n-pi-wrap

The only entry point for the `n8n-runner` identity onto vm101. n8n never gets a shell here: whatever it sends arrives as `SSH_ORIGINAL_COMMAND`, and a `case` whitelist decides what runs. Anything outside the whitelist is denied and logged.

Allowed commands:

| Command | What it does |
|---|---|
| `pi run` | one-shot prompt via stdin (proof-of-life / health) |
| `pi ingest ` | the real two-phase ingest (below) |
| `ollama list` / `ollama ps` | model introspection |

### The two-phase ingest

`pi ingest` runs the clean-start + two phases, then stops:

1. **Clean start** — `git fetch && switch && reset --hard origin/`. Destroys only vm101's *scratch* checkout (never a shared branch, never a force-push) — this determinism is by design.
2. **Semantic** — `skills/ingest/scripts/ingest-semantic.py ` drives `pi` to WRITE `wiki/*` pages + `.ingest-manifest.json`. NOTE: this is the script, NOT `pi -p "/skill:ingest ..."` (that form makes the model reply in chat and write nothing — the classic "manifest not found" trap).
3. **Mechanical** — `skills/ingest/scripts/run-ingest.sh ` validates the manifest, then index/log/scoped-lint/commit on `feat/ai-ingest-` and opens a PR onto ``. Emits one JSON line `{status,slug,pr_url,...}`.

The PR then waits for the human gate. One raw per session, sequential.

### Input hardening

Both inputs come from `SSH_ORIGINAL_COMMAND`, so both are validated:

- `genome` — kebab lowercase `^[a-z0-9-]+$`.
- `raw_path` — must be under `raw/`, no `..` traversal, restricted charset `[A-Za-z0-9._/-]`, and the file must exist. Rejected paths return a JSON error.

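The whitelist and the two input checks described above, as an added example in POSIX sh; it is not the project's `n8n-pi-wrap`. The function names, the `pi ingest <genome> <raw_path>` argument order, the `<root>/<genome>/raw/` layout and the JSON error shape are assumptions.

```shell
#!/bin/sh
# Added illustration, not the project's n8n-pi-wrap. Function names, the
# "pi ingest <genome> <raw_path>" argument order, the <root>/<genome>/raw/
# layout and the JSON error shape are assumptions; the rules are the README's.
LC_ALL=C; export LC_ALL    # byte-wise ranges: [a-z] must not match uppercase

valid_genome() {           # kebab lowercase, ^[a-z0-9-]+$
  case "$1" in
    ''|*[!a-z0-9-]*) return 1 ;;
  esac
}

valid_raw_path() {         # $1 = genome checkout, $2 = raw_path
  case "$2" in
    *[!A-Za-z0-9._/-]*) return 1 ;;  # charset: no spaces, quotes, $, ;, globs
    *..*)               return 1 ;;  # no traversal (also rejects names like a..b)
    raw/?*)             ;;           # must be under raw/
    *)                  return 1 ;;
  esac
  [ -f "$1/$2" ]                     # and the file must exist
}

# $1 = SSH_ORIGINAL_COMMAND, $2 = genomes root. Prints the approved action,
# or a JSON error with status 1. The input is only compared, never eval'd.
dispatch() {
  root=$2
  set -f; set -- $1; set +f          # split on whitespace, no glob expansion
  case "$#:$1 $2" in
    "2:pi run")                    echo "pi run"; return 0 ;;
    "2:ollama list"|"2:ollama ps") echo "ollama $2"; return 0 ;;
    "4:pi ingest")
      if valid_genome "$3" && valid_raw_path "$root/$3" "$4"; then
        echo "pi ingest $3 $4"; return 0
      fi ;;
  esac
  echo '{"status":"error","error":"denied"}'; return 1
}

# Constructed demo: build a scratch tree, then try one good and one bad call.
demo() {
  tmp=$(mktemp -d) && mkdir -p "$tmp/my-genome/raw" || return 1
  : > "$tmp/my-genome/raw/note.md"
  dispatch "pi ingest my-genome raw/note.md" "$tmp"
  dispatch "pi ingest my-genome raw/../../etc/passwd" "$tmp" || true
  rm -rf "$tmp"
}
demo
```
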
Config (`INGEST_BASE`, `GENOMES_ROOT`, `INGEST_MODEL`, Forgejo token) is sourced from `~/.config/knowledge-genome.env` (0600, owner-only).

## Install / update

```bash
# on vm101
cd ~/knowledge-genome-orchestrator/deploy/vm101
sudo ./install.sh
```