AUDIT: enforce all 6 architectural laws + refine docs to purely referential form

Architectural-law fixes (INDEX.md §3):
- LAW 1 USR-OVER-ETC: relocate nvidia-container-toolkit cdi-refresh.env to
  tmpfiles.d (create-if-missing); document /etc/yum.repos.d and CrowdSec
  config as upstream-contract surfaces.
- LAW 2 NO-MKDIR-IN-VAR: consolidate /etc/cdi, /var/run/cdi, /var/lib/mios/gpu
  into usr/lib/tmpfiles.d/mios-gpu.conf; strip redundant ExecStartPre install -d
  /var/run/cdi from mios-gpu-{nvidia,amd,intel,status}.service.
- LAW 3 BOUND-IMAGES: extend automation/08-system-files-overlay.sh binder loop
  to walk /etc/containers/systemd/ in addition to /usr/share; remove stale
  mios-{guacamole,pxe-hub} symlinks; add cloudws-{guacamole,pxe-hub} and
  mios-{ai,ceph,k3s} bound-images entries.
- LAW 4 BOOTC-CONTAINER-LINT: split bootc container lint from ostree container
  commit so lint is the literal final RUN of Containerfile.
- LAW 6 UNPRIVILEGED-QUADLETS: declare User=/Group=/Delegate=yes on the six
  cloudws/usr-share Quadlets with new sysusers entries
  (usr/lib/sysusers.d/50-mios-services.conf); declare User=root/Group=root
  explicitly on mios-ceph and mios-k3s as documented exceptions.

Build-pipeline fixes:
- Containerfile: COPY --from=ctx replaced with read-only bind-mount; security
  stack moved into a new packages-base block invoked via install_packages_strict.
- PACKAGES.md: drop bare 'kernel' (replaced with 'kernel-core' for validation);
  add packages-base, packages-moby, packages-uki, packages-sbom-tools,
  packages-k3s-selinux-build blocks.
- Phase scripts 19/21/23/90 refactored from naked dnf install to install_packages
  helpers (PACKAGES.md SSOT).
- automation/01-repos.sh: GPG-key install no longer swallows failure with
  2>/dev/null; drop --best from F44 pre-upgrade.

CI workflow:
- .github/workflows/mios-ci.yml: read VERSION from file (no drift); rechunk
  job gated on refs/tags/v* before push; cosign sign gated on tags only.

Justfile:
- Add 'lint' recipe so the CONTRIBUTING.md reference is no longer dead.

Repo hygiene:
- Delete tracked stray archives (mios-legacy.tar 13MB, FOUND-THE-FILES.tar,
  files.zip, files1.zip), generated artifacts (root-manifest.json,
  MiOS-SBOM.csv) and transient audit reports (AUDIT-FINDINGS-*, WORKFLOW-AUDIT-*).
- .gitignore: drop the corresponding stale whitelist negations; fix the
  /workspaces/MiOS path comment.
- Regenerate automation/manifest.json, tools/manifest.json,
  agents/research/manifest.json from current source via
  tools/generate-ai-manifest.py (in-tree snapshots were 2026-04-29-stale).

Documentation refinement (purely technical + referential, sourced):
- README, INDEX, ARCHITECTURE, ENGINEERING, SECURITY, SELF-BUILD, DEPLOY,
  CONTRIBUTING, LICENSES rewritten with file:line citations and upstream
  spec links (kernel admin-guide, FHS 3.0, bootc, BIB, rechunk, cosign,
  LocalAI, OpenAI API).
- DEPLOY.md heavy rewrite: previous version referenced a 'mios' build-CLI
  that does not exist (usr/bin/mios is the OpenAI chat client).
- SELF-BUILD.md: drop duplicate 'Future Considerations: image-builder-cli'
  section; drop '[NET] MiOS Artifact / Proprietor' preamble.
- MiOS-Engineering-Reference.md: remove 'Memory caveat' rows and the
  'Reconciliation with prior project memory' appendix (conversational
  metadata) — kept the technical content.
- CLAUDE.md: align the build.sh shell-flag claim with code reality
  (set -euo pipefail with set +e/-e toggled around per-script invocation
  at automation/build.sh:234-237).
- Delete SUMMARY.md (transient session log).

54 files changed, 1241 insertions, 3142 deletions.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Author: mios-dev

.github/workflows/mios-ci.yml

@@ -26,6 +26,10 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
+      - name: Read VERSION
+        id: ver
+        run: echo "version=$(cat VERSION)" >> "$GITHUB_OUTPUT"
+
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
 
@@ -47,7 +51,7 @@ jobs:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           tags: |
             type=raw,value=latest,enable={{is_default_branch}}
-            type=raw,value=v0.2.0,enable={{is_default_branch}}
+            type=raw,value=${{ steps.ver.outputs.version }},enable={{is_default_branch}}
             type=ref,event=branch
             type=ref,event=pr
             type=semver,pattern={{version}}
@@ -64,12 +68,38 @@ jobs:
           provenance: true
           sbom: true
 
+      # Rechunking produces 5-10x smaller Day-2 deltas (Justfile:rechunk).
+      # Only worth the cost on tag pushes; branch builds skip it.
+      - name: Install podman
+        if: startsWith(github.ref, 'refs/tags/v')
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -y podman
+
+      - name: Rechunk on tag
+        if: startsWith(github.ref, 'refs/tags/v')
+        env:
+          IMAGE_TAG: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.ver.outputs.version }}
+        run: |
+          podman pull "${IMAGE_TAG}"
+          podman run --rm \
+            --security-opt label=type:unconfined_t \
+            -v /var/lib/containers/storage:/var/lib/containers/storage \
+            "${IMAGE_TAG}" \
+            /usr/libexec/bootc-base-imagectl rechunk --max-layers 67 \
+              "containers-storage:${IMAGE_TAG}" \
+              "containers-storage:${IMAGE_TAG}-rechunked"
+          podman tag "${IMAGE_TAG}-rechunked" "${IMAGE_TAG}"
+          podman tag "${IMAGE_TAG}" "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
+          podman push "${IMAGE_TAG}"
+          podman push "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
+
       - name: Install cosign
-        if: github.event_name != 'pull_request'
+        if: startsWith(github.ref, 'refs/tags/v')
         uses: sigstore/cosign-installer@v3
 
       - name: Cosign keyless sign
-        if: github.event_name != 'pull_request'
+        if: startsWith(github.ref, 'refs/tags/v')
         env:
           COSIGN_EXPERIMENTAL: '1'
         run: |
@@ -90,6 +120,6 @@ jobs:
           sudo apt-get update -qq
           sudo apt-get install -y podman
 
-      - name: Build for smoke test
+      - name: Smoke build (lint via Containerfile final RUN)
         run: |
           podman build -t mios:smoke -f Containerfile .

.gitignore

@@ -5,8 +5,8 @@
 #               then the parent's contents must be re-ignored before the child is unignored.
 #
 # IMPORTANT: /.gitignore must be a real file (not a symlink) because git opens it
-#            with O_NOFOLLOW. After editing this file run:
-#            sudo cp /workspaces/MiOS/.gitignore /.gitignore
+#            with O_NOFOLLOW. After editing this file at the repo root, run:
+#            sudo cp ./.gitignore /.gitignore
 
 # ─────────────────────────────────────────────────────────────────────────────
 # 1. BLOCK EVERYTHING
@@ -36,15 +36,10 @@
 !/LICENSES.md
 !/README.md
 !/SECURITY.md
-!/AUDIT-FINDINGS-*.md
-!/WORKFLOW-AUDIT-*.md
 !/SELF-BUILD.md
-!/SUMMARY.md
 !/VERSION
 !/llms-full.txt
 !/llms.txt
-!/root-manifest.json
-!/MiOS-SBOM.csv
 !/MiOS-Engineering-Reference.md
 !/image-versions.yml
 !/install.sh

ARCHITECTURE.md

@@ -1,57 +1,59 @@
-# MiOS ARCHITECTURE — System Blueprint (Day 0)
-
-```json:knowledge
-{
-  "summary": "Consolidated architectural specification for MiOS. Hardware, Filesystem, and AI Interface SSOT.",
-  "logic_type": "blueprint",
-  "tags": ["MiOS", "Architecture", "Day-0", "SSOT"],
-  "version": "v0.2.0"
-}
-```
-
-## 🏗️ Core Pillars
-MiOS is a container-native workstation engineered for high-performance virtualization and local Generative AI development.
-
-1. **Transactional Integrity**: The system core is cryptographically sealed and managed via `bootc`.
-2. **Hardware Agnosticism**: Universal acceleration for primary GPU vendors (NVIDIA, AMD, Intel).
-3. **Zero-Trust Boundary**: Mandatory execution control and kernel-level isolation.
-
----
-
-## 💾 Filesystem Hierarchy (FHS 3.0 + bootc)
-MiOS mirrors the standard Linux FHS within its OCI root.
-
-| Path | Type | Intent |
-| :--- | :--- | :--- |
-| `/usr` | Immutable | System Binaries, Libraries, and Static Config. |
-| `/etc` | Persistent | Host-specific overrides. |
-| `/var` | Persistent | System state and User home directories. |
-| `/srv` | Persistent | Sidecar service data (Models, Databases). |
-
-### ⚖️ Immutability Mandate
-Build-time overlays into `/var` are architectural violations. All `/var` state must be declared via `tmpfiles.d` to ensure atomic, reproducible deployments.
-
----
-
-## 🖥️ Hardware Delegation
-
-### 🎮 Universal Acceleration
-Standardized CDI (Container Device Interface) and ROCm/Arc drivers ensure local AI tools access native hardware performance.
-- **Hardware Targeting**: Primary GPU IDs `10de:2204,10de:1aef`.
-
-### ⚡ Virtualization
-Tier-1 Hypervisor capabilities (KVM/QEMU) are native to the system core, supporting VFIO-PCI passthrough and shared memory (KVMFR) buffers.
-
----
-
-## 🤖 AI Interface Surface
-The system architecture exposes a local OpenAI-compatible API surface for autonomous management and user interaction.
-
-| Service | Protocol | Access Point |
-| :--- | :--- | :--- |
-| **Inference** | REST | `http://localhost:8080/v1` |
-| **Discovery** | MCP | `/usr/share/mios/ai/mcp/` |
-| **Metadata** | JSON | `/usr/share/mios/ai/v1/` |
-
----
-*Copyright (c) 2026 MiOS. Pure FOSS. Zero Day Ready.*
+# MiOS Architecture
+
+## Pillars
+
+1. **Transactional integrity** — system core is a content-addressed OCI image
+   managed by `bootc` (<https://bootc-dev.github.io/bootc/>). Atomic upgrade
+   and rollback via `bootc upgrade` / `bootc rollback`.
+2. **Hardware acceleration** — universal CDI (Container Device Interface,
+   <https://github.com/cncf-tags/container-device-interface>) for NVIDIA,
+   AMD ROCm/KFD, and Intel iGPU. CDI specs generated under `/var/run/cdi/`,
+   admin overrides under `/etc/cdi/` (declared in
+   `usr/lib/tmpfiles.d/mios-gpu.conf`).
+3. **Zero-trust execution** — `fapolicyd` deny-by-default, SELinux enforcing,
+   USBGuard, CrowdSec sovereign-mode IPS, kernel-lockdown integrity. See
+   `SECURITY.md`.
+
+## Filesystem layout (FHS 3.0 + bootc)
+
+Spec: <https://refspecs.linuxfoundation.org/FHS_3.0/>.
+
+| Path | Type | Source-of-truth in repo |
+|---|---|---|
+| `/usr` | Immutable image content | `usr/` (overlaid by `automation/08-system-files-overlay.sh`) |
+| `/etc` | Persistent admin-override surface; build-time writes are upstream-contract only | `etc/` |
+| `/var` | Persistent state; declared via `tmpfiles.d` | `usr/lib/tmpfiles.d/mios*.conf` |
+| `/srv` | Sidecar service data (models, databases) | `srv/`, `usr/lib/tmpfiles.d/mios.conf` |
+
+Build-time writes to `/var/` are forbidden (LAW 2). The overlay step at
+`automation/08-system-files-overlay.sh:49-67` writes home dotfiles to
+`/etc/skel/` and lets `systemd-sysusers` populate `/var/home/<user>/` at
+first boot.
+
+## Hardware delegation
+
+Default GPU passthrough targets (`ARCHITECTURE.md` previously hard-coded
+`10de:2204,10de:1aef`; current behavior detects at runtime via
+`automation/34-gpu-detect.sh` and writes `/run/mios/gpu-passthrough.status`).
+
+Virtualization: KVM/QEMU + libvirt (`automation/12-virt.sh`), VFIO-PCI
+passthrough kargs (`usr/lib/bootc/kargs.d/`), KVMFR shared-memory built
+in-image (`automation/52-bake-kvmfr.sh`), Looking Glass B7 client built
+in-image (`automation/53-bake-lookingglass-client.sh`).
+
+## AI surface
+
+| Service | Protocol | Path |
+|---|---|---|
+| Inference | OpenAI-compatible REST | `http://localhost:8080/v1` (LocalAI Quadlet `etc/containers/systemd/mios-ai.container`) |
+| Discovery | MCP | `usr/share/mios/ai/v1/mcp.json` |
+| Metadata | JSON | `usr/share/mios/ai/v1/models.json` |
+| System prompt | markdown | `usr/share/mios/ai/system.md` (canonical), `etc/mios/ai/system-prompt.md` (host override) |
+
+References:
+- bootc: <https://github.com/containers/bootc>
+- bootc-image-builder: <https://github.com/osbuild/bootc-image-builder>
+- Universal Blue (uCore base): <https://github.com/ublue-os/main>
+- rechunk: <https://github.com/hhd-dev/rechunk>
+- cosign: <https://github.com/sigstore/cosign>
+- LocalAI: <https://github.com/mudler/LocalAI>