Converted 11 E2B scripts to use inject_env_vars_local():
- aider, claude, amazonq, cline, codex
- gemini, goose, gptme, interpreter, nanoclaw, openclaw
Pattern reduces ~10-15 lines to 3-4 lines per script.
Special cases:
- nanoclaw.sh: Has additional DOTENV_TEMP for agent-specific .env file
- gptme.sh: Had manual rm instead of trap, now handled by shared function
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
530 lines → 97 lines. The README now documents:
- One-liner install
- CLI commands (spawn, spawn <agent> <cloud>, spawn list, etc.)
- Agent and cloud reference tables
- Link to per-cloud READMEs for detailed docs
Per-cloud details (env vars, non-interactive mode) live in each
cloud's own README.md file.
Co-authored-by: Sprite <noreply@sprite.dev>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: add gptme agent to spawn matrix
Add gptme (https://github.com/gptme/gptme) - a personal AI agent in the
terminal with tools for code editing, terminal commands, web browsing,
and more. Natively supports OpenRouter via OPENROUTER_API_KEY.
- Add gptme agent entry to manifest.json with OpenRouter env vars
- Implement sprite/gptme.sh deployment script
- Implement hetzner/gptme.sh deployment script
- Add "missing" matrix entries for remaining 8 clouds
- Update README.md with usage instructions for Sprite and Hetzner
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: add Fly.io cloud provider with claude and aider agents
Add Fly.io as a new cloud provider using the Machines REST API for
provisioning and flyctl CLI for SSH access. Docker-based machines
with pay-per-second pricing.
- Create fly/lib/common.sh with Fly.io Machines API integration
- Implement fly/claude.sh for Claude Code deployment
- Implement fly/aider.sh for Aider deployment
- Update README.md with Fly.io usage instructions and env vars
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: add gemini, amazonq, cline, gptme to Fly.io
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: add openclaw, nanoclaw, goose, codex, interpreter to Fly.io
Implements 5 new agent scripts for the Fly.io cloud provider:
- fly/openclaw.sh: OpenClaw with gateway + TUI, model selection, config
- fly/nanoclaw.sh: NanoClaw WhatsApp agent with .env configuration
- fly/goose.sh: Block's Goose agent with OpenRouter provider
- fly/codex.sh: OpenAI Codex CLI with OpenRouter base URL override
- fly/interpreter.sh: Open Interpreter with OpenRouter base URL override
All scripts follow the Fly.io pattern (flyctl-based, no IP args for
run_server/interactive_session) and use upload_file for env injection.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: add gptme agent to 8 remaining clouds
Implement gptme agent scripts for digitalocean, vultr, linode, lambda,
aws-lightsail, gcp, e2b, and modal. Each script follows the exact
pattern of that cloud's existing aider.sh, adapted for gptme's install
and launch commands. Updates manifest.json matrix entries from "missing"
to "implemented".
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Add guardrails from insights: CLAUDE.md rules, hooks, pre-commit
Based on usage insights analysis:
CLAUDE.md:
- Shell script rules: curl|bash compat, macOS bash 3.x compat
- Autonomous loop rules: test after each iteration, never revert fixes
- Git workflow rules: always use feature branches
.claude/settings.json:
- PostToolUse hook validates .sh files on every Write/Edit:
syntax check, no relative source, no echo -e, no set -u
.githooks/pre-commit:
- Blocks commits with: syntax errors, relative sources, echo -e,
set -euo, references to deleted functions
- Install: git config core.hooksPath .githooks
README.md:
- Added developer setup section with hook installation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Sprite <noreply@sprite.dev>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Added default '*) ' case to handle agents without specific assertions,
resolving SC2249 info warning and improving code clarity.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed SC2016 warnings by removing unnecessary backslashes from ${HOME}
and ${PATH} variables inside single-quoted strings in e2b and modal
provider libraries. Variables inside single quotes don't expand, so
the backslashes were literal characters being written to config files.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed SC2086 warnings by adding quotes around ${INSTANCE_STATUS_POLL_DELAY}
in 4 provider libraries. This prevents potential word splitting bugs if
the variable contains unexpected whitespace.
Files updated:
- linode/lib/common.sh:231
- vultr/lib/common.sh:226
- aws-lightsail/lib/common.sh:133
- digitalocean/lib/common.sh:211
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Improved the variable export pattern in gcp/lib/common.sh:
- Added SC2034 disable with clear documentation in create_server()
- Made server_ip a local variable before export
- Added SC2154 suppressions with documentation in all 10 GCP agent scripts
This eliminates shellcheck warnings while maintaining the existing
export behavior that makes GCP_SERVER_IP, GCP_INSTANCE_NAME_ACTUAL,
and GCP_ZONE available to calling scripts.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Added EXIT traps to ensure temporary files are cleaned up even if scripts crash or are interrupted:
**cli/spawn.sh** (2 mktemp calls):
- Line 219: Added trap after mktemp in fetch_manifest(), clear trap after mv
- Line 537: Added trap after mktemp in cmd_update(), clear trap after mv
- Removed manual rm -f calls in error paths (trap handles cleanup)
**sprite/lib/common.sh** (3 mktemp calls):
- setup_shell_environment(): Consolidated trap for both path_temp and bash_temp
- inject_env_vars_sprite(): Added trap for env_temp, clear after successful upload
**shared/common.sh** (cleanup system):
- Auto-register cleanup trap at end of file when sourced
- This activates the existing track_temp_file() + cleanup_temp_files() system
- Previously register_cleanup_trap() had to be manually called (only 1 script did this)
Impact: Prevents /tmp file leaks when scripts are killed, crashed, or interrupted mid-execution.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Removed manual rm calls for temp files in sprite/lib/common.sh since
traps now handle cleanup automatically. Combined traps for both temp
files in configure_shell_sprite() function.
Impact: Prevents temp file leaks on crashes/interrupts
Risk: Low - only removing redundant cleanup calls
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- hetzner/lib/common.sh:31 - HCLOUD_TOKEN set by caller
- digitalocean/lib/common.sh:36 - DO_API_TOKEN set by caller
- Silences false positive warnings for intentionally external variables
- These tokens are exported by ensure_*_token functions before use
- Line 19: Change 'set -uo pipefail' to 'set -euo pipefail'
- Makes improve.sh consistent with all other 113 scripts
- Ensures script exits on command failures (not just unbound vars/pipes)
- Low risk: script logic already handles errors, -e just adds safety
- Line 43: config_dir assignment not yet in effect when config_file uses it
- Split into two lines to ensure proper initialization order
- Prevents potential path resolution bugs
- 5 nanoclaw scripts only create DOTENV_TEMP but trap referenced both
- Causes trap to fail silently when trying to rm undefined variable
- Fix: Change trap from both temps to just DOTENV_TEMP
- Affected: digitalocean, hetzner, linode, sprite, vultr
Root cause: Automated trap addition in Round 19 incorrectly detected
these files as using both temp variables (DOTENV_TEMP contains substring
ENV_TEMP which caused false positive in grep check)
- Add trap 'rm -f "${ENV_TEMP}"' EXIT after mktemp creation
- Scripts with DOTENV_TEMP get combined trap for both files
- Remove manual rm calls that are now redundant
- Prevents temp file leaks on early script exit (errors, signals)
- Affects 67 agent scripts across all providers
Impact: Prevents /tmp pollution in production deployments
Score: 90 (Impact: 9, Confidence: 10, Risk: 1)
Fixed 2 critical syntax errors in API error handling:
- Hetzner line 160-161: Malformed error_msg assignment
- DigitalOcean line 172-173: Broken error_msg assignment
These were introduced during Round 15 refactoring and would crash
whenever users encountered API errors during server creation.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add --max-time 30 to OAuth key exchange curl to prevent indefinite hangs
- Remove unused DIM variable from cli/install.sh
- Remove unused BLUE variable from cli/spawn.sh
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed 3 critical syntax errors preventing script execution:
- Line 45-46: Malformed saved_token assignment
- Line 65-66: Broken error_msg assignment in token validation
- Line 110-111: Broken error_msg in SSH key registration
- Line 164-165: Malformed root_pass assignment
These were introduced during Round 15 refactoring and prevented
Linode authentication and server creation from working.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Add SC2086 disable comments to interactive_session() functions in
GCP, Hetzner, and DigitalOcean providers. SSH_OPTS is intentionally
unquoted to allow word splitting for multiple SSH options.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add -r flag to safe_read() to prevent backslash mangling (SC2162)
- Add shellcheck disable for intentional SSH_OPTS word splitting
- Remove unused 'gaps' variable in improve.sh (SC2034)
- Quote exit_code in return statement for consistency (SC2248)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Quote INSTANCE_STATUS_POLL_DELAY, SSH_RETRY_DELAY, and
SPRITE_CONNECTIVITY_POLL_DELAY to prevent potential word splitting
issues with unusual values.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Separated local variable declaration from command substitution assignment
in upload_file_sprite function to avoid masking return values.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Modified OAuth server to try ports sequentially (PORT to PORT+10) if initial
port is busy. Server now writes actual port used to a port file, which
try_oauth_flow reads to construct the correct callback URL.
Changes:
- start_oauth_server: Added port range retry logic with EADDRINUSE handling
- start_oauth_server: Now accepts port_file parameter to communicate actual port
- try_oauth_flow: Waits for port allocation and reads actual port used
- try_oauth_flow: Logs allocated port for user visibility
- Backward compatible: PORT env var still respected as starting point
Pattern:
Before: Fixed port 5180 → fails if busy
After: Try 5180, 5181, 5182... → resilient to port conflicts
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Extract hardcoded `sleep 1` values in OAuth code polling and server
startup wait to environment-configurable POLL_INTERVAL constant.
Changes:
- Added POLL_INTERVAL="${SPAWN_POLL_INTERVAL:-1}" at top of shared/common.sh
- Updated wait_for_oauth_code() to use POLL_INTERVAL (line 388)
- Updated OAuth server startup wait to use POLL_INTERVAL (line 489)
Benefits:
- Faster testing with SPAWN_POLL_INTERVAL=0.1
- Configurable for slow networks with SPAWN_POLL_INTERVAL=2
- Consistent with other timeout/delay constants added in previous commit
File modified:
- shared/common.sh
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Add explicit timeout parameter (60 seconds) to all wait_for_cloud_init calls
across linode, vultr, digitalocean, hetzner, gcp, and aws-lightsail providers.
This makes timeout configuration more explicit and easier to tune per-provider
or per-agent in the future. The value of 60 matches the default in the
wait_for_cloud_init function implementations.
Modified 60 agent scripts (10 agents × 6 providers).
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed SC2155 warnings by separating variable declarations from command
assignments to avoid masking return values.
Pattern: local var=$(cmd) → local var; var=$(cmd)
This ensures error codes from subshell commands are properly propagated.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add test_e2b_token() to validate E2B API keys
- Apply validate_api_token() consistently via ensure_api_token_with_provider
- Improves security and user experience
- Prevents invalid tokens from being saved
Score: 24 (Impact: 8, Confidence: 9, Risk: 3)
- Add shellcheck source comments to all agent scripts
- Tells shellcheck where provider-exported variables are defined
- Fix 132+ SC2154 warnings across all providers
Score: 30 (Impact: 6, Confidence: 10, Risk: 2)
Fixed all 57 SC2250 shellcheck warnings by adding braces to variable
references. This improves code consistency and follows shellcheck
best practices.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed all 58 SC2250 shellcheck warnings by adding braces to variable
references. This improves code consistency and follows shellcheck
best practices.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
