aion.sh
version 2.0.2
`aion.sh` serves as the AION Agent Chroot Builder: it constructs an isolated execution environment, a Debian 12 (Bookworm) chroot at `/opt/aion_chroot`. It automates setup on the host and abstracts the complexity of deploying into Google Cloud, ensuring consistency, reliability, and reproducibility for AION deployments.

At its core the builder uses `debootstrap` to establish a minimal Debian base system, then builds out essential system utilities and the AION directory structure at `/opt/aion`. It configures network identity via `/etc/hosts` and `/etc/hostname`, DNS resolution mirroring the host, UTC time synchronization, and the `en_US.UTF-8` locale.

Critical kernel interfaces are made available through standard pseudo-filesystem mounts: `/proc`, `/sys`, `/dev`, and `/dev/pts`.

The AION chroot builder establishes a multi-user environment designed around the principle of least privilege:

| User | Default Group | Sudo | Purpose & Ownership |
|---|---|---|---|
| aion | aion | YES | Chroot administrator. Owns nothing specific but has full control via passwordless sudo. Added to the `aionagent` group for potential access needs. |
| aionagent | aionagent | No | Dedicated unprivileged user that runs the System Agent. Owns `/opt/aion/system_agent` and `/opt/aion/logs`. |
| mastermind | mastermind | No | Development user. Owns `/home/mastermind/mastermind` and the installed development toolchains (Rust, Foundry, Tauri, Node via NVM). |
| agency | agency | No | General-purpose user for agent operations or containment. |
| agenticplace | agenticplace | No | Intended user for running public-facing web services (Nginx workers, application servers, etc.). |
| rwx | rwx | No | User for running isolated services potentially requiring specific execution contexts. Owns the installed ngrok instance. |
| ollama | ollama | No | Dedicated user for the Ollama LLM service, created by its installer if chosen. |
| Optional User | augentic (def) | No | Dynamically created user if opted in during setup. Username, group, and password are requested. Default username `ollama`, default group `augentic`, no sudo. |

```
chmod +x AION.sh
./AION.sh
```

The AION System Agent, `system_agent.py`, is deployed to `/opt/aion/system_agent` with its configuration, `config.json`. A dedicated Python virtual environment, `/opt/aion/system_agent/venv`, is created, ensuring dependency isolation, with `psutil` installed. Host integration via `systemd` is configured for this agent if the `aion-agent.service` template file is present alongside the builder script, enabling robust process management. Similarly, Ollama, if installed, is managed via a host `ollama-chroot.service` unit directing its logs appropriately.

The entire build process is logged exhaustively to `/var/log/aion_setup/aion_chroot_install_v2.0.2.log` on the host, providing a detailed audit trail.

The builder provisions a rich suite of preconfigured environments tailored for agentic development and deployment within the chroot. Each is installed by default following a brief timed prompt, allowing for rapid, full-featured setup:

- Python: Essential Runtime
  The cornerstone scripting language, `python3`, along with its package manager, `pip`, is installed system-wide within the chroot. This provides the fundamental execution environment for the AION System Agent and general automation tasks. It is readily accessible to the `aion` administrator and all other users, ensuring essential scripting capabilities are universally available.
- Node.js: Universal Application Platform
  Enabling modern JavaScript development, Node.js is installed (preferably via NVM, the Node Version Manager) for the `mastermind`, `agenticplace`, and `rwx` users. This approach provides isolated Node environments, preventing version conflicts. It facilitates building everything from backend APIs and microservices to complex frontend interfaces and build tooling, making it a universal platform for web-related tasks.
- Rust: Faster Systems Programming
  For performance-critical components, Rust offers memory safety without sacrificing speed. Installed via `rustup` for the `mastermind` user, it empowers the development of robust, efficient backend systems, daemons, or computationally intensive agent logic where performance and reliability are paramount.
- Foundry: Blockchain Development Suite
  A modern, powerful toolkit specifically for Ethereum smart contract and application development. Installed for the `mastermind` user (requires Rust), Foundry streamlines the entire decentralized application lifecycle, from writing and testing contracts in Solidity or Vyper to deploying and interacting with them.
- Tauri: Versatile Desktop Applications
  Build cross-platform desktop applications using web technologies (HTML, CSS, JavaScript) for the frontend and a high-performance Rust backend. Installed for `mastermind` (requires Rust and Node.js), Tauri allows for the creation of versatile, secure, and resource-efficient desktop agents or user interfaces that leverage system capabilities.
- Go: Concurrent Network Services
  Known for its simplicity and excellent support for concurrency, Go is installed system-wide. It is exceptionally well suited for building reliable, high-throughput network services, microservices, command-line utilities, and infrastructure tooling often required in distributed agent systems.
- Ollama: Local Language Models
  Integrate powerful large language models directly within the secure chroot environment. Ollama is installed via its official script, creating a dedicated `ollama` user and a host-managed `systemd` service. It simplifies running models like Llama 3, Mistral, which are pre-pulled by default, enabling local AI inference and agent intelligence.
- Ngrok: Secure Tunneling Utility
  Create secure tunnels from the private chroot environment to the public internet. Installed specifically for the `rwx` user, `ngrok` is invaluable for development, testing, demonstrations, or providing controlled external access to internal services without complex network configurations.
- AION System Agent: Core Monitoring
  The deployed `system_agent.py` provides essential monitoring capabilities within the chroot. Running in its own isolated Python environment and managed by an optional host `systemd` service, it offers insights into resource usage, logs, and activity, and contributes to the overall health management of the AION environment.

This script automatically constructs a secure, isolated, and feature-rich Debian environment, optimized with the specific users, tools, and services required to effectively develop, deploy, and operate AION components.

for AION by AION

Edit your main `aion202.sh` script: remove the existing `install_ollama_chroot` function entirely. Find the location in the `main()` function where `install_ollama_chroot` was called (likely near the end, after other optional installs). Replace that call with the new logic below:

```bash
main() {
    # ... (previous parts of the main function: trap, check_root, setup, bootstrap, config, users, dirs, components...) ...

    # --- Run Optional Installations (Defaults are 'y' with 3s timeout, except Node Global) ---
    install_nodejs_npm_chroot
    install_ngrok_chroot
    install_rust_chroot
    install_foundry_chroot
    install_tauri_cli_chroot
    install_go_chroot
    # install_ollama_chroot  # REMOVE THIS OLD CALL

    # --- New Ollama Installation Logic ---
    ollama_installed=false # Ensure flag is reset before attempt
    # Prompt for Ollama installation: Default Y, 7-second timeout
    if prompt_yes_no "Install Ollama (incl. auto-pull '$DEFAULT_MODEL')?" "y" "7"; then
        log "User confirmed or timed out for Ollama installation. Proceeding..."
        # "./" resolves against the current working directory, so this assumes
        # the builder is started from the directory that holds the installer.
        local ollama_installer_script="./ollamainstaller.sh"
        if [[ ! -x "$ollama_installer_script" ]]; then
            error "Ollama installer script ($ollama_installer_script) not found or not executable. Skipping Ollama."
        else
            log "Executing external Ollama installer script: $ollama_installer_script"
            start_heartbeat # Start heartbeat for potentially long Ollama install/pull
            # Execute the installer, passing necessary parameters
            # Note: Default model is now defined *within* the installer script
            if "$ollama_installer_script" "$CHROOT_DIR" "$OLLAMA_USER" "$OLLAMA_GROUP" "$OLLAMA_BINARY_PATH_IN_CHROOT" >> "$SCRIPT_LOG_FILE" 2>&1; then
                cleanup_heartbeat
                log "${GREEN}Ollama installer script completed successfully.${NC}"
                ollama_installed=true # Set flag on success
            else
                # Capture the installer's exit code before cleanup_heartbeat overwrites $?
                local installer_ec=$?
                cleanup_heartbeat
                error "Ollama installer script failed with exit code $installer_ec. Check installer logs within '$SCRIPT_LOG_FILE'."
                ollama_installed=false # Ensure flag is false on failure
                # Consider if this failure should be fatal for the whole script?
                # error "Ollama installation failed, aborting main script." "exit" # Uncomment this line to make it fatal
            fi
        fi
    else
        log "Skipping Ollama installation based on user choice 'no'."
        ollama_installed=false
    fi
    # --- End New Ollama Installation Logic ---

    # --- Ollama Post-Install (Model pulling is now handled by the installer) ---
    # Remove the old model pulling loop here if it existed separately

    # --- Service Configuration ---
    log "Configuring host systemd services..."
    local reload_daemon=false
    # ... (Agent service configuration remains the same) ...
    # Find: local script_dir; script_dir=$(dirname "$(readlink -f "$0")"); etc...
    # ... (Ollama service configuration remains the same, but now relies on $ollama_installed flag set by the installer) ...
    local ollama_svc_path="/etc/systemd/system/$OLLAMA_SERVICE_NAME"
    if $ollama_installed; then
        log "Configuring Ollama service ($OLLAMA_SERVICE_NAME)..."
        # ... (rest of the ollama service file creation logic) ...
        log "${GREEN}Ollama service configured.${NC}"
        reload_daemon=true
    else
        log "${YELLOW}Ollama not installed. Skip Ollama svc config.${NC}"
    fi
    # ... (Rest of the main function: systemd reload, final summary) ...

    # --- Final Summary ---
    generate_final_summary # Ensure this reflects the new Ollama behavior
}

main "$@"
exit 0
```
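
The logic above runs `./ollamainstaller.sh` from a root-level builder after checking only that the file is executable. The following is an added example, not part of `aion.sh` or its installer, of a stricter pre-flight check that could gate that call; the function names `verify_helper_script` and `loosely_writable` and the return codes are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: pre-flight checks before a root-run builder executes a helper.
# verify_helper_script and loosely_writable are hypothetical names.

# Print the path if its mode has the group-write or other-write bit set.
loosely_writable() {
    find "$1" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null
}

# Usage: verify_helper_script <absolute-dir> <file-name>
# Returns 0 only for a regular, non-symlinked, executable file owned by the
# invoking user (root for the builder) whose mode and directory mode deny
# write access to group and others. Distinct non-zero codes name the failure.
verify_helper_script() {
    local dir="$1" name="$2"
    local path="$dir/$name"
    case "$dir" in
        /*) ;;
        *) echo "refusing relative directory: $dir" >&2; return 2 ;;
    esac
    case "$name" in
        */*|""|.|..) echo "bad file name: $name" >&2; return 2 ;;
    esac
    if [ -L "$path" ]; then
        echo "$path is a symlink" >&2; return 3
    fi
    if [ ! -f "$path" ] || [ ! -x "$path" ]; then
        echo "$path is missing or not executable" >&2; return 4
    fi
    if [ ! -O "$path" ] || [ ! -O "$dir" ]; then
        echo "$path or its directory belongs to another user" >&2; return 5
    fi
    if [ -n "$(loosely_writable "$path")" ] || [ -n "$(loosely_writable "$dir")" ]; then
        echo "$path or its directory is group/world writable" >&2; return 6
    fi
    return 0
}

# Constructed demo: a 0755 helper in a private directory passes, and the same
# file fails once it becomes group-writable.
demo=$(mktemp -d)
printf '#!/bin/sh\nexit 0\n' > "$demo/helper.sh"
chmod 755 "$demo/helper.sh"
verify_helper_script "$demo" helper.sh && echo "accepted"
chmod 775 "$demo/helper.sh"
verify_helper_script "$demo" helper.sh || echo "rejected (rc=$?)"
rm -rf "$demo"
```

In the builder, the directory argument would be the script's own location, computed as in the `script_dir=$(dirname "$(readlink -f "$0")")` line referenced above, so the installer is no longer looked up relative to the caller's working directory.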