playbooks/roles/ai_agent_runtime
Haitao Pan 3505ff1c31 fix(ai-workspace): deploy robustness on Debian13/Ubuntu26.04 (py3.13)
- setup-xworkspace-console.yaml:
  - xworkspace_console_user follows ansible_env.USER (was hardcoded ubuntu;
    mismatched home=/root on root connections -> systemd link 'src does not exist')
  - runtime apt task async/poll (xfce4 desktop install dropped the SSH session)
  - api_dir -> bin/ to match prebuilt runtime manifest (apiBinary: bin/xworkspace-api;
    was api/ -> 203/EXEC crash loop)
- roles/ai_agent_runtime/tasks/{main,docs,fonts,browser}.yml: apt lock_timeout
  (texlive/pandoc raced cloud-init/unattended-upgrades for the dpkg lock)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-24 03:02:43 +08:00
..
defaults fix: make ai runtime npm installs idempotent 2026-06-16 15:04:14 +08:00
files fix: make ai runtime npm installs idempotent 2026-06-16 15:04:14 +08:00
tasks fix(ai-workspace): deploy robustness on Debian13/Ubuntu26.04 (py3.13) 2026-06-24 03:02:43 +08:00
README.md fix: make ai runtime npm installs idempotent 2026-06-16 15:04:14 +08:00

AI Agent Runtime

Provision a Debian-based host for AI agent and AI action execution with one role entrypoint. The role installs:

  • base tools: curl, wget, git, jq, rsync, unzip
  • Node.js runtime for Playwright-based agents
  • Python 3 toolchain for scripts and helpers
  • existing system browser, preferring the live /usr/local/bin/chromium wrapper or Google Chrome before installing browser packages
  • pandoc + XeLaTeX PDF toolchain
  • Chinese fonts for document rendering
  • shared agent skills via roles/agent_skills, including the categorized ../xworkspace-core-skills/skills/ repository source by default

Design constraints:

  • system packages are the primary source of truth
  • global npm packages are managed through /usr/local/sbin/ai-workspace-manage-npm-global-package so repeated installs are idempotent and stale global bin links can be overwritten safely
  • Playwright uses the resolved system browser instead of downloading browsers
  • Chinese PDF rendering is treated as a runtime requirement, not an optional add-on

Global npm package actions:

  • install is the default and only changes the host when a package is missing or an exact pinned version differs
  • reinstall forces the configured package set back into place
  • upgrade, backup, restore, and migrate are reserved action entrypoints for future runtime lifecycle workflows

Default Playwright environment:

  • PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
  • PLAYWRIGHT_BROWSERS_PATH=0
  • PLAYWRIGHT_CHROMIUM_EXECUTABLE_PATH=/usr/local/bin/chromium when that live wrapper exists

Example:

ansible-playbook -i inventory.ini -l jp-xhttp-contabo.svc.plus setup-ai-agent-skills.yml

setup-ai-agent-skills.yml runs roles/ai_agent_runtime, which installs system dependencies and syncs the current Skill catalog through the embedded roles/agent_skills step in one pass.