diff --git a/README.md b/README.md
index 4a89543..93f8da2 100644
--- a/README.md
+++ b/README.md
@@ -1,110 +1,232 @@
-# 
ai `os`
+# ai `os`
-`aios` is a simple linux distribution based on `archlinux`.
+**aios** = AI-managed OS with shared memory
-|rule|var|
-|---|---|
-|name|ai os|
-|code|aios|
-|id|ai|
-|container|[git.syui.ai/ai/os](https://git.syui.ai/ai/-/packages/container/os/latest)|
-|image|[aios-bootstrap.tar.gz](https://github.com/syui/aios/releases/download/latest/aios-bootstrap.tar.gz)|
+An ArchLinux-based OS where AI conversation interface replaces the traditional shell.
-```sh
-$ docker run -it git.syui.ai/ai/os ai
+```
+User → AI Chat → Commands → Execution
+ ↓
+ aigpt (shared memory)
+ ↓
+ systemd-nspawn (isolated environment)
```
-## link
+## Philosophy
-|host|command|url|
-|---|---|---|
-|docker|syui/aios|https://hub.docker.com/r/syui/aios|
-|github|ghcr.io/syui/aios|https://github.com/users/syui/packages/container/package/aios|
-|syui|git.syui.ai/ai/os|https://git.syui.ai/ai/-/packages/container/os|
+**Insert AI into existing flows**
-## base
+- Traditional: `User → Shell → Commands`
+- aios: `User → AI Chat → Commands`
+
+Simply insert AI layer into the existing workflow.
+
+## Core Features
+
+### 1. AI-First Interface
+
+Default interface is AI conversation, not shell.
```sh
-# https://gitlab.archlinux.org/archlinux
-$ git clone https://gitlab.archlinux.org/archlinux/archiso
+> Install rust development environment
+✓ Installing rust, rust-analyzer, neovim
+✓ Done
+
+> What did I install yesterday?
+Yesterday you installed Python with poetry.
```
-## docker
+### 2. Shared Memory (aigpt)
+
+All containers share the same memory database.
+
+```
+Host: ~/.config/syui/ai/gpt/memory.db (shared)
+ ↓
+aios-dev → bind mount → same DB
+aios-prod → bind mount → same DB
+```
+
+AI learns from all environments and remembers your preferences.
+
+### 3. Environment Isolation
+
+Execution environments are isolated using systemd-nspawn.
```sh
-# https://git.syui.ai/ai/-/packages/container/os
-$ docker run -it git.syui.ai/ai/os ai
+# Development environment
+$ systemd-nspawn --machine=aios-dev
-# https://hub.docker.com/r/syui/aios
-$ docekr run -it syui/aios ai
-
-# https://github.com/users/syui/packages/container/package/aios
-$ docker run -it ghcr.io/syui/aios ai
+# Production environment
+$ systemd-nspawn --machine=aios-prod
```
-## token
+Memory is shared, but environments are separated.
-|env|body|
-|---|---|
-|${{ github.repository }}|syui/aios|
-|${{ secrets.DOCKER_USERNAME }}|syui|
-|${{ secrets.DOCKER_TOKEN }}|[token](https://matsuand.github.io/docs.docker.jp.onthefly/docker-hub/access-tokens/)|
-|${{ secrets.APP_TOKEN }}|[token](https://docs.github.com/ja/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens), pacakge|
+## Architecture
-## podman
+```
+aios (ArchLinux base)
+├── aigpt (memory system)
+│ ├── SQLite with WAL mode
+│ ├── Layer 3: Personality analysis
+│ └── Layer 4: Relationship inference
+├── MCP (AI connection standard)
+│ └── Claude Code / ChatGPT / Custom AI
+├── systemd-nspawn (container runtime)
+│ └── Shared memory bind mount
+└── Permission system
+ ├── Auto-allow
+ ├── Notify
+ ├── Require approval
+ └── Deny
+```
+
+## Quick Start
+
+### Installation
```sh
-if [ ! -d ~/ai/os/.git ];then
- mkdir -p ~/ai
- git clone https://git.syui.ai/ai/os ~/ai/os
-fi
-if [ ! -d ~/.config/containers/registries.conf.d ];then
- mkdir -p ~/.config/containers/registries.conf.d
-fi
-ln -s ~/ai/os/.config/containers/registries.conf.d/ai.conf ~/.config/containers/registries.conf.d/ai.conf
+# Clone repository
+$ git clone https://github.com/syui/aios
+$ cd aios
+
+# Run installer
+$ sudo ./aios-install.sh
```
+### Usage
+
```sh
-$ podman pull aios
+# Start aios container
+$ sudo systemctl start systemd-nspawn@aios
+
+# Enter aios shell
+$ sudo machinectl shell aios
+
+# Inside aios, AI chat interface starts
+[aios] >
```
-> ~/.config/containers/registries.conf.d/ai.conf
+## Container Distribution
+
+Pre-built containers are available:
```sh
-# https://github.com/containers/shortnames
-# ~/.config/containers/registries.conf.d/ai.conf
-unqualified-search-registries = ['git.syui.ai', 'docker.io', 'ghcr.io']
+# Docker
+$ docker run -it git.syui.ai/ai/os
+$ docker run -it ghcr.io/syui/aios
-[aliases]
-"aios" = "git.syui.ai/ai/os"
+# Podman
+$ podman pull aios # using shortname alias
```
+## Configuration
+
+### Directory Structure
+
+```
+~/.config/syui/ai/
+├── gpt/
+│ ├── memory.db # Shared memory (SQLite WAL)
+│ ├── memory.db-wal
+│ └── memory.db-shm
+├── mcp.json # MCP server configuration
+└── config.toml # aios configuration
+```
+
+### MCP Configuration
+
+`~/.config/syui/ai/mcp.json`:
+
+```json
+{
+ "mcpServers": {
+ "aigpt": {
+ "command": "aigpt",
+ "args": ["server", "--enable-layer4"]
+ }
+ }
+}
+```
+
+### Permission System
+
+`~/.config/syui/ai/config.toml`:
+
+```toml
+[permissions]
+# Auto-allow (no approval)
+auto_allow = ["pacman -Q*", "ls", "cat"]
+
+# Notify (log only)
+notify = ["pacman -S*", "git clone*"]
+
+# Require approval
+require_approval = ["rm -rf*", "systemctl stop*"]
+
+# Deny
+deny = ["rm -rf /", "mkfs*"]
+```
+
+## Building from Source
+
```sh
-$ podman pull aios
-Resolved "aios" as an alias (/etc/containers/registries.conf.d/ai.conf)
-Trying to pull git.syui.ai/ai/os:latest...
-Getting image source signatures
-Copying blob c7e55fecf0be [====================>-----------------] 917.4MiB / 1.7GiB
+# Install dependencies
+$ pacman -S base-devel archiso docker git rust
+
+# Build bootstrap image
+$ ./build.zsh
+
+# Result: aios-bootstrap.tar.gz
```
-## cron
+## Integration with aigpt
-stop
+aios is designed to work with [aigpt](https://git.syui.ai/ai/gpt) (AI memory system).
-```sh
- schedule:
- - cron: "0 0 * * *"
-```
+aigpt provides:
+- **Layer 1**: Memory storage
+- **Layer 2**: Priority scoring
+- **Layer 3**: Personality analysis (Big Five)
+- **Layer 4**: Relationship inference
-## update action
+All memories are shared across containers through bind-mounted SQLite database.
-```sh
-$ vim build.zszh
-$ ./scpt/gh-actions.zsh
-```
+## Comparison
-## link
+| Aspect | Traditional OS | aios |
+|--------|---------------|------|
+| Interface | Shell (bash/zsh) | AI Chat |
+| Command | Memorize syntax | Natural language |
+| Configuration | Manual editing | AI executes |
+| Learning | No | Yes (aigpt) |
+| Memory | No | Shared (SQLite) |
+| Isolation | Docker/Podman | systemd-nspawn |
-- https://git.syui.ai/ai/os
-- https://github.com/syui/aios
+## Links
+- Repository: https://github.com/syui/aios
+- Git: https://git.syui.ai/ai/os
+- aigpt: https://git.syui.ai/ai/gpt
+- Container: https://git.syui.ai/ai/-/packages/container/os
+
+## Philosophy Detail
+
+From conversation with AI about aigpt:
+
+> "What is the essence of this design?"
+> "Simply insert AI into existing flows"
+>
+> - aigpt: Insert AI between conversation and memory
+> - aios: Insert AI between user and commands
+>
+> Not building something entirely new.
+> Just adding an AI layer to existing workflows.
+> And prepare the environment for that.
+
+This is aios.
+
+---
+
+© syui
diff --git a/aios-install.sh b/aios-install.sh
new file mode 100755
index 0000000..070f9b9
--- /dev/null
+++ b/aios-install.sh
@@ -0,0 +1,151 @@
+#!/bin/bash
+# aios installer - AI-managed OS with shared memory
+
+set -e
+
+AIOS_VERSION="0.1.0"
+AIOS_ROOT="/var/lib/machines/aios"
+AIOS_CONFIG="$HOME/.config/syui/ai"
+
+echo "=== aios installer v${AIOS_VERSION} ==="
+echo ""
+echo "aios = AI-managed OS with shared memory"
+echo "- Default interface: AI chat (not shell)"
+echo "- Shared memory: aigpt (SQLite)"
+echo "- Environment isolation: systemd-nspawn"
+echo ""
+
+# Check if running as root for container creation
+if [ "$EUID" -ne 0 ] && [ ! -d "$AIOS_ROOT" ]; then
+ echo "Note: Container creation requires root privileges"
+ echo " User config will be created in: $AIOS_CONFIG"
+fi
+
+# 1. Create shared memory directory
+echo "[1/6] Creating shared memory directory..."
+mkdir -p "${AIOS_CONFIG}/gpt"
+chmod 700 "${AIOS_CONFIG}"
+echo "✓ Created: ${AIOS_CONFIG}"
+
+# 2. Download bootstrap container (if not exists)
+if [ ! -d "$AIOS_ROOT" ]; then
+ echo "[2/6] Downloading aios bootstrap container..."
+ if [ "$EUID" -eq 0 ]; then
+ mkdir -p /var/lib/machines
+ cd /var/lib/machines
+ curl -sL https://github.com/syui/aios/releases/download/latest/aios-bootstrap.tar.gz | tar xz
+ echo "✓ Bootstrap container extracted to: $AIOS_ROOT"
+ else
+ echo "⚠ Skipping (requires root)"
+ fi
+else
+ echo "[2/6] Bootstrap container already exists"
+fi
+
+# 3. Install aigpt (if not installed)
+if ! command -v aigpt &>/dev/null; then
+ echo "[3/6] Installing aigpt..."
+ if command -v cargo &>/dev/null; then
+ cd /tmp
+ git clone https://git.syui.ai/ai/gpt || git clone https://github.com/syui/aigpt
+ cd gpt 2>/dev/null || cd aigpt
+ cargo build --release
+
+ if [ "$EUID" -eq 0 ]; then
+ cp target/release/aigpt /usr/bin/
+ else
+ mkdir -p ~/.local/bin
+ cp target/release/aigpt ~/.local/bin/
+ echo " Add to PATH: export PATH=\$HOME/.local/bin:\$PATH"
+ fi
+ echo "✓ aigpt installed"
+ else
+ echo "⚠ cargo not found. Install rust first:"
+ echo " curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh"
+ fi
+else
+ echo "[3/6] aigpt already installed"
+fi
+
+# 4. Initialize aigpt database
+if [ ! -f "${AIOS_CONFIG}/gpt/memory.db" ]; then
+ echo "[4/6] Initializing aigpt database..."
+
+ # Start aigpt server temporarily to create DB
+ if command -v aigpt &>/dev/null; then
+ aigpt server --enable-layer4 &
+ AIGPT_PID=$!
+ sleep 2
+ kill $AIGPT_PID 2>/dev/null || true
+
+ # Enable WAL mode for concurrent access
+ if command -v sqlite3 &>/dev/null; then
+ sqlite3 "${AIOS_CONFIG}/gpt/memory.db" < /etc/systemd/nspawn/aios.nspawn
+
+ echo "✓ systemd-nspawn configuration installed"
+
+ # Enable and start container
+ echo ""
+ echo "Starting aios container..."
+ systemctl enable systemd-nspawn@aios
+ systemctl start systemd-nspawn@aios
+ echo "✓ aios container started"
+else
+ echo "[6/6] Skipping systemd setup (requires root)"
+fi
+
+echo ""
+echo "================================================"
+echo "✓ aios installation complete!"
+echo "================================================"
+echo ""
+
+if command -v aigpt &>/dev/null; then
+ echo "Next steps:"
+ echo ""
+ echo " # Enter aios container:"
+ echo " $ sudo machinectl shell aios"
+ echo ""
+ echo " # Or start AI chat interface:"
+ echo " $ aios shell"
+ echo ""
+else
+ echo "To complete installation:"
+ echo " 1. Install Rust: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh"
+ echo " 2. Run this installer again: ./aios-install.sh"
+fi
+
+echo ""
+echo "Configuration:"
+echo " Config dir: ${AIOS_CONFIG}"
+echo " Memory DB: ${AIOS_CONFIG}/gpt/memory.db"
+echo " MCP config: ${AIOS_CONFIG}/mcp.json"
+echo ""
diff --git a/build.zsh b/build.zsh
index 92bcf60..0139a57 100755
--- a/build.zsh
+++ b/build.zsh
@@ -18,5 +18,24 @@ arch-chroot root.x86_64 /bin/sh -c 'pacman -Syu --noconfirm base base-devel linu
arch-chroot root.x86_64 /bin/sh -c 'mkdir -p /etc/containers/registries.conf.d'
arch-chroot root.x86_64 /bin/sh -c 'curl -sL -o /etc/containers/registries.conf.d/ai.conf https://git.syui.ai/ai/os/raw/branch/main/cfg/ai.conf'
arch-chroot root.x86_64 /bin/sh -c 'chsh -s /bin/zsh'
+
+# Install aigpt (AI memory system)
+arch-chroot root.x86_64 /bin/sh -c 'git clone https://git.syui.ai/ai/gpt && cd gpt && cargo build --release && cp -rf ./target/release/aigpt /bin/'
+
+# Install ai/bot (optional, for backward compatibility)
arch-chroot root.x86_64 /bin/sh -c 'git clone https://git.syui.ai/ai/bot && cd bot && cargo build && cp -rf ./target/debug/ai /bin/ && ai ai'
+
+# Create config directory
+arch-chroot root.x86_64 /bin/sh -c 'mkdir -p /root/.config/syui/ai/gpt'
+
+# Copy MCP and aios configuration
+cp -rf ./cfg/mcp.json root.x86_64/root/.config/syui/ai/mcp.json
+cp -rf ./cfg/config.toml root.x86_64/root/.config/syui/ai/config.toml
+
+# Initialize aigpt database with WAL mode
+arch-chroot root.x86_64 /bin/sh -c 'aigpt server --enable-layer4 &'
+sleep 2
+arch-chroot root.x86_64 /bin/sh -c 'pkill aigpt'
+arch-chroot root.x86_64 /bin/sh -c 'if command -v sqlite3 &>/dev/null; then sqlite3 /root/.config/syui/ai/gpt/memory.db "PRAGMA journal_mode=WAL; PRAGMA synchronous=NORMAL;"; fi'
+
tar -zcvf aios-bootstrap.tar.gz root.x86_64/
diff --git a/cfg/config.toml b/cfg/config.toml
new file mode 100644
index 0000000..d441b89
--- /dev/null
+++ b/cfg/config.toml
@@ -0,0 +1,59 @@
+# aios configuration
+
+[general]
+version = "0.1.0"
+name = "aios"
+description = "AI-managed OS with shared memory"
+
+[paths]
+config_dir = "~/.config/syui/ai"
+memory_db = "~/.config/syui/ai/gpt/memory.db"
+mcp_config = "~/.config/syui/ai/mcp.json"
+
+[permissions]
+# Level 0: Auto-allow (no approval required)
+auto_allow = [
+ "pacman -Q*",
+ "pacman -Ss*",
+ "systemctl status*",
+ "ls", "cat", "grep", "find",
+ "ps", "top", "htop",
+ "df", "free", "uname"
+]
+
+# Level 1: Notify (log only, no approval)
+notify = [
+ "pacman -S*",
+ "pacman -Sy*",
+ "git clone*",
+ "cargo install*",
+ "systemctl start*",
+ "systemctl enable*"
+]
+
+# Level 2: Require approval
+require_approval = [
+ "pacman -R*",
+ "rm -rf*",
+ "systemctl stop*",
+ "systemctl disable*",
+ "dd*"
+]
+
+# Level 3: Deny
+deny = [
+ "rm -rf /",
+ "rm -rf /*",
+ "mkfs*",
+ ":(){ :|:& };:"
+]
+
+[aigpt]
+enable_layer4 = true
+wal_mode = true
+cache_size_mb = 64
+
+[container]
+runtime = "systemd-nspawn"
+private_users = true
+virtual_ethernet = true
diff --git a/cfg/mcp.json b/cfg/mcp.json
new file mode 100644
index 0000000..5753a69
--- /dev/null
+++ b/cfg/mcp.json
@@ -0,0 +1,12 @@
+{
+ "mcpServers": {
+ "aigpt": {
+ "command": "aigpt",
+ "args": ["server", "--enable-layer4"],
+ "env": {
+ "AIGPT_DB": "/root/.config/syui/ai/gpt/memory.db"
+ },
+ "description": "AI memory and personality system"
+ }
+ }
+}
diff --git a/cfg/nspawn/aios.nspawn b/cfg/nspawn/aios.nspawn
new file mode 100644
index 0000000..1550bda
--- /dev/null
+++ b/cfg/nspawn/aios.nspawn
@@ -0,0 +1,16 @@
+# systemd-nspawn configuration for aios
+# Place this file in /etc/systemd/nspawn/aios.nspawn
+
+[Exec]
+Boot=yes
+PrivateUsers=pick
+ResolvConf=copy-host
+
+[Files]
+# Bind mount shared memory directory
+# Host: ~/.config/syui/ai -> Container: /root/.config/syui/ai
+Bind=%h/.config/syui/ai:/root/.config/syui/ai
+
+[Network]
+Private=yes
+VirtualEthernet=yes