Implement aios initial direction: AI-managed OS with shared memory

This commit implements the new direction for aios:
- AI conversation interface replaces traditional shell
- aigpt integration for shared memory across containers
- systemd-nspawn for environment isolation

Changes:
- Added aios-install.sh: Complete installer script
- Added cfg/mcp.json: MCP server configuration for aigpt
- Added cfg/config.toml: aios configuration with permission system
- Added cfg/nspawn/aios.nspawn: systemd-nspawn configuration
- Updated build.zsh: Integrated aigpt installation and setup
- Updated README.md: Documented new architecture and philosophy

Architecture:
User → AI Chat → Commands → Execution
         ↓
     aigpt (shared memory)
         ↓
  systemd-nspawn (isolated environment)

Philosophy:
Simply insert AI into existing flows (shell → AI chat)

README.md

@@ -1,110 +1,232 @@
-# <img src="./icon/ai.png" width="30"> ai `os` 
+# <img src="./icon/ai.png" width="30"> ai `os`
 
-`aios` is a simple linux distribution based on `archlinux`.
+**aios** = AI-managed OS with shared memory
 
-|rule|var|
+An ArchLinux-based OS where AI conversation interface replaces the traditional shell.
-|---|---|
-|name|ai os|
-|code|aios|
-|id|ai|
-|container|[git.syui.ai/ai/os](https://git.syui.ai/ai/-/packages/container/os/latest)|
-|image|[aios-bootstrap.tar.gz](https://github.com/syui/aios/releases/download/latest/aios-bootstrap.tar.gz)|
 
-```sh
+```
-$ docker run -it git.syui.ai/ai/os ai
+User → AI Chat → Commands → Execution
+          ↓
+      aigpt (shared memory)
+          ↓
+    systemd-nspawn (isolated environment)
 ```
 
-## link
+## Philosophy
 
-|host|command|url|
+**Insert AI into existing flows**
-|---|---|---|
-|docker|syui/aios|https://hub.docker.com/r/syui/aios|
-|github|ghcr.io/syui/aios|https://github.com/users/syui/packages/container/package/aios|
-|syui|git.syui.ai/ai/os|https://git.syui.ai/ai/-/packages/container/os|
 
-## base
+- Traditional: `User → Shell → Commands`
+- aios: `User → AI Chat → Commands`
+
+Simply insert AI layer into the existing workflow.
+
+## Core Features
+
+### 1. AI-First Interface
+
+Default interface is AI conversation, not shell.
 
 ```sh
-# https://gitlab.archlinux.org/archlinux
+> Install rust development environment
-$ git clone https://gitlab.archlinux.org/archlinux/archiso
+✓ Installing rust, rust-analyzer, neovim
+✓ Done
+
+> What did I install yesterday?
+Yesterday you installed Python with poetry.
 ```
 
-## docker
+### 2. Shared Memory (aigpt)
+
+All containers share the same memory database.
+
+```
+Host: ~/.config/syui/ai/gpt/memory.db (shared)
+  ↓
+aios-dev  → bind mount → same DB
+aios-prod → bind mount → same DB
+```
+
+AI learns from all environments and remembers your preferences.
+
+### 3. Environment Isolation
+
+Execution environments are isolated using systemd-nspawn.
 
 ```sh
-# https://git.syui.ai/ai/-/packages/container/os
+# Development environment
-$ docker run -it git.syui.ai/ai/os ai
+$ systemd-nspawn --machine=aios-dev
 
-# https://hub.docker.com/r/syui/aios
+# Production environment
-$ docekr run -it syui/aios ai
+$ systemd-nspawn --machine=aios-prod
-
-# https://github.com/users/syui/packages/container/package/aios
-$ docker run -it ghcr.io/syui/aios ai
 ```
 
-## token
+Memory is shared, but environments are separated.
 
-|env|body|
+## Architecture
-|---|---|
-|${{ github.repository }}|syui/aios|
-|${{ secrets.DOCKER_USERNAME }}|syui|
-|${{ secrets.DOCKER_TOKEN }}|[token](https://matsuand.github.io/docs.docker.jp.onthefly/docker-hub/access-tokens/)|
-|${{ secrets.APP_TOKEN }}|[token](https://docs.github.com/ja/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens), pacakge|
 
-## podman
+```
+aios (ArchLinux base)
+├── aigpt (memory system)
+│   ├── SQLite with WAL mode
+│   ├── Layer 3: Personality analysis
+│   └── Layer 4: Relationship inference
+├── MCP (AI connection standard)
+│   └── Claude Code / ChatGPT / Custom AI
+├── systemd-nspawn (container runtime)
+│   └── Shared memory bind mount
+└── Permission system
+    ├── Auto-allow
+    ├── Notify
+    ├── Require approval
+    └── Deny
+```
+
+## Quick Start
+
+### Installation
 
 ```sh
-if [ ! -d ~/ai/os/.git ];then
+# Clone repository
-    mkdir -p ~/ai
+$ git clone https://github.com/syui/aios
-    git clone https://git.syui.ai/ai/os ~/ai/os
+$ cd aios
-fi
+
-if [ ! -d ~/.config/containers/registries.conf.d ];then
+# Run installer
-    mkdir -p ~/.config/containers/registries.conf.d
+$ sudo ./aios-install.sh
-fi
-ln -s ~/ai/os/.config/containers/registries.conf.d/ai.conf ~/.config/containers/registries.conf.d/ai.conf
 ```
 
+### Usage
+
 ```sh
-$ podman pull aios
+# Start aios container
+$ sudo systemctl start systemd-nspawn@aios
+
+# Enter aios shell
+$ sudo machinectl shell aios
+
+# Inside aios, AI chat interface starts
+[aios] >
 ```
 
-> ~/.config/containers/registries.conf.d/ai.conf
+## Container Distribution
+
+Pre-built containers are available:
 
 ```sh
-# https://github.com/containers/shortnames
+# Docker
-# ~/.config/containers/registries.conf.d/ai.conf
+$ docker run -it git.syui.ai/ai/os
-unqualified-search-registries = ['git.syui.ai', 'docker.io', 'ghcr.io']
+$ docker run -it ghcr.io/syui/aios
 
-[aliases]
+# Podman
-"aios" = "git.syui.ai/ai/os"
+$ podman pull aios  # using shortname alias
 ```
 
+## Configuration
+
+### Directory Structure
+
+```
+~/.config/syui/ai/
+├── gpt/
+│   ├── memory.db       # Shared memory (SQLite WAL)
+│   ├── memory.db-wal
+│   └── memory.db-shm
+├── mcp.json           # MCP server configuration
+└── config.toml        # aios configuration
+```
+
+### MCP Configuration
+
+`~/.config/syui/ai/mcp.json`:
+
+```json
+{
+  "mcpServers": {
+    "aigpt": {
+      "command": "aigpt",
+      "args": ["server", "--enable-layer4"]
+    }
+  }
+}
+```
+
+### Permission System
+
+`~/.config/syui/ai/config.toml`:
+
+```toml
+[permissions]
+# Auto-allow (no approval)
+auto_allow = ["pacman -Q*", "ls", "cat"]
+
+# Notify (log only)
+notify = ["pacman -S*", "git clone*"]
+
+# Require approval
+require_approval = ["rm -rf*", "systemctl stop*"]
+
+# Deny
+deny = ["rm -rf /", "mkfs*"]
+```
+
+## Building from Source
+
 ```sh
-$ podman pull aios
+# Install dependencies
-Resolved "aios" as an alias (/etc/containers/registries.conf.d/ai.conf)
+$ pacman -S base-devel archiso docker git rust
-Trying to pull git.syui.ai/ai/os:latest...
+
-Getting image source signatures
+# Build bootstrap image
-Copying blob c7e55fecf0be [====================>-----------------] 917.4MiB / 1.7GiB
+$ ./build.zsh
+
+# Result: aios-bootstrap.tar.gz
 ```
 
-## cron
+## Integration with aigpt
 
-stop
+aios is designed to work with [aigpt](https://git.syui.ai/ai/gpt) (AI memory system).
 
-```sh
+aigpt provides:
-  schedule:
+- **Layer 1**: Memory storage
-      - cron:  "0 0 * * *"
+- **Layer 2**: Priority scoring
-```
+- **Layer 3**: Personality analysis (Big Five)
+- **Layer 4**: Relationship inference
 
-## update action
+All memories are shared across containers through bind-mounted SQLite database.
 
-```sh
+## Comparison
-$ vim build.zszh
-$ ./scpt/gh-actions.zsh
-```
 
-## link
+| Aspect | Traditional OS | aios |
+|--------|---------------|------|
+| Interface | Shell (bash/zsh) | AI Chat |
+| Command | Memorize syntax | Natural language |
+| Configuration | Manual editing | AI executes |
+| Learning | No | Yes (aigpt) |
+| Memory | No | Shared (SQLite) |
+| Isolation | Docker/Podman | systemd-nspawn |
 
-- https://git.syui.ai/ai/os
+## Links
-- https://github.com/syui/aios
 
+- Repository: https://github.com/syui/aios
+- Git: https://git.syui.ai/ai/os
+- aigpt: https://git.syui.ai/ai/gpt
+- Container: https://git.syui.ai/ai/-/packages/container/os
+
+## Philosophy Detail
+
+From conversation with AI about aigpt:
+
+> "What is the essence of this design?"
+> "Simply insert AI into existing flows"
+>
+> - aigpt: Insert AI between conversation and memory
+> - aios: Insert AI between user and commands
+>
+> Not building something entirely new.
+> Just adding an AI layer to existing workflows.
+> And prepare the environment for that.
+
+This is aios.
+
+---
+
+© syui

aios-install.sh

@@ -0,0 +1,151 @@
+#!/bin/bash
+# aios installer - AI-managed OS with shared memory
+
+set -e
+
+AIOS_VERSION="0.1.0"
+AIOS_ROOT="/var/lib/machines/aios"
+AIOS_CONFIG="$HOME/.config/syui/ai"
+
+echo "=== aios installer v${AIOS_VERSION} ==="
+echo ""
+echo "aios = AI-managed OS with shared memory"
+echo "- Default interface: AI chat (not shell)"
+echo "- Shared memory: aigpt (SQLite)"
+echo "- Environment isolation: systemd-nspawn"
+echo ""
+
+# Check if running as root for container creation
+if [ "$EUID" -ne 0 ] && [ ! -d "$AIOS_ROOT" ]; then
+    echo "Note: Container creation requires root privileges"
+    echo "      User config will be created in: $AIOS_CONFIG"
+fi
+
+# 1. Create shared memory directory
+echo "[1/6] Creating shared memory directory..."
+mkdir -p "${AIOS_CONFIG}/gpt"
+chmod 700 "${AIOS_CONFIG}"
+echo "✓ Created: ${AIOS_CONFIG}"
+
+# 2. Download bootstrap container (if not exists)
+if [ ! -d "$AIOS_ROOT" ]; then
+    echo "[2/6] Downloading aios bootstrap container..."
+    if [ "$EUID" -eq 0 ]; then
+        mkdir -p /var/lib/machines
+        cd /var/lib/machines
+        curl -sL https://github.com/syui/aios/releases/download/latest/aios-bootstrap.tar.gz | tar xz
+        echo "✓ Bootstrap container extracted to: $AIOS_ROOT"
+    else
+        echo "⚠ Skipping (requires root)"
+    fi
+else
+    echo "[2/6] Bootstrap container already exists"
+fi
+
+# 3. Install aigpt (if not installed)
+if ! command -v aigpt &>/dev/null; then
+    echo "[3/6] Installing aigpt..."
+    if command -v cargo &>/dev/null; then
+        cd /tmp
+        git clone https://git.syui.ai/ai/gpt || git clone https://github.com/syui/aigpt
+        cd gpt 2>/dev/null || cd aigpt
+        cargo build --release
+
+        if [ "$EUID" -eq 0 ]; then
+            cp target/release/aigpt /usr/bin/
+        else
+            mkdir -p ~/.local/bin
+            cp target/release/aigpt ~/.local/bin/
+            echo "  Add to PATH: export PATH=\$HOME/.local/bin:\$PATH"
+        fi
+        echo "✓ aigpt installed"
+    else
+        echo "⚠ cargo not found. Install rust first:"
+        echo "    curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh"
+    fi
+else
+    echo "[3/6] aigpt already installed"
+fi
+
+# 4. Initialize aigpt database
+if [ ! -f "${AIOS_CONFIG}/gpt/memory.db" ]; then
+    echo "[4/6] Initializing aigpt database..."
+
+    # Start aigpt server temporarily to create DB
+    if command -v aigpt &>/dev/null; then
+        aigpt server --enable-layer4 &
+        AIGPT_PID=$!
+        sleep 2
+        kill $AIGPT_PID 2>/dev/null || true
+
+        # Enable WAL mode for concurrent access
+        if command -v sqlite3 &>/dev/null; then
+            sqlite3 "${AIOS_CONFIG}/gpt/memory.db" <<EOF
+PRAGMA journal_mode=WAL;
+PRAGMA synchronous=NORMAL;
+PRAGMA cache_size=-64000;
+EOF
+            echo "✓ Database initialized with WAL mode"
+        else
+            echo "⚠ sqlite3 not found, skipping WAL mode setup"
+        fi
+    else
+        echo "⚠ aigpt not available, skipping database init"
+    fi
+else
+    echo "[4/6] Database already exists"
+fi
+
+# 5. Install MCP configuration
+echo "[5/6] Installing MCP configuration..."
+cp cfg/mcp.json "${AIOS_CONFIG}/mcp.json"
+cp cfg/config.toml "${AIOS_CONFIG}/config.toml"
+echo "✓ Configuration files installed"
+
+# 6. Install systemd-nspawn configuration
+if [ "$EUID" -eq 0 ]; then
+    echo "[6/6] Installing systemd-nspawn configuration..."
+    mkdir -p /etc/systemd/nspawn
+
+    # Replace %h with actual home directory
+    sed "s|%h|$HOME|g" cfg/nspawn/aios.nspawn > /etc/systemd/nspawn/aios.nspawn
+
+    echo "✓ systemd-nspawn configuration installed"
+
+    # Enable and start container
+    echo ""
+    echo "Starting aios container..."
+    systemctl enable systemd-nspawn@aios
+    systemctl start systemd-nspawn@aios
+    echo "✓ aios container started"
+else
+    echo "[6/6] Skipping systemd setup (requires root)"
+fi
+
+echo ""
+echo "================================================"
+echo "✓ aios installation complete!"
+echo "================================================"
+echo ""
+
+if command -v aigpt &>/dev/null; then
+    echo "Next steps:"
+    echo ""
+    echo "  # Enter aios container:"
+    echo "  $ sudo machinectl shell aios"
+    echo ""
+    echo "  # Or start AI chat interface:"
+    echo "  $ aios shell"
+    echo ""
+else
+    echo "To complete installation:"
+    echo "  1. Install Rust: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh"
+    echo "  2. Run this installer again: ./aios-install.sh"
+fi
+
+echo ""
+echo "Configuration:"
+echo "  Config dir: ${AIOS_CONFIG}"
+echo "  Memory DB:  ${AIOS_CONFIG}/gpt/memory.db"
+echo "  MCP config: ${AIOS_CONFIG}/mcp.json"
+echo ""

build.zsh

@@ -18,5 +18,24 @@ arch-chroot root.x86_64 /bin/sh -c 'pacman -Syu --noconfirm base base-devel linu
 arch-chroot root.x86_64 /bin/sh -c 'mkdir -p /etc/containers/registries.conf.d'
 arch-chroot root.x86_64 /bin/sh -c 'curl -sL -o /etc/containers/registries.conf.d/ai.conf https://git.syui.ai/ai/os/raw/branch/main/cfg/ai.conf'
 arch-chroot root.x86_64 /bin/sh -c 'chsh -s /bin/zsh'
+
+# Install aigpt (AI memory system)
+arch-chroot root.x86_64 /bin/sh -c 'git clone https://git.syui.ai/ai/gpt && cd gpt && cargo build --release && cp -rf ./target/release/aigpt /bin/'
+
+# Install ai/bot (optional, for backward compatibility)
 arch-chroot root.x86_64 /bin/sh -c 'git clone https://git.syui.ai/ai/bot && cd bot && cargo build && cp -rf ./target/debug/ai /bin/ && ai ai'
+
+# Create config directory
+arch-chroot root.x86_64 /bin/sh -c 'mkdir -p /root/.config/syui/ai/gpt'
+
+# Copy MCP and aios configuration
+cp -rf ./cfg/mcp.json root.x86_64/root/.config/syui/ai/mcp.json
+cp -rf ./cfg/config.toml root.x86_64/root/.config/syui/ai/config.toml
+
+# Initialize aigpt database with WAL mode
+arch-chroot root.x86_64 /bin/sh -c 'aigpt server --enable-layer4 &'
+sleep 2
+arch-chroot root.x86_64 /bin/sh -c 'pkill aigpt'
+arch-chroot root.x86_64 /bin/sh -c 'if command -v sqlite3 &>/dev/null; then sqlite3 /root/.config/syui/ai/gpt/memory.db "PRAGMA journal_mode=WAL; PRAGMA synchronous=NORMAL;"; fi'
+
 tar -zcvf aios-bootstrap.tar.gz root.x86_64/

cfg/config.toml

@@ -0,0 +1,59 @@
+# aios configuration
+
+[general]
+version = "0.1.0"
+name = "aios"
+description = "AI-managed OS with shared memory"
+
+[paths]
+config_dir = "~/.config/syui/ai"
+memory_db = "~/.config/syui/ai/gpt/memory.db"
+mcp_config = "~/.config/syui/ai/mcp.json"
+
+[permissions]
+# Level 0: Auto-allow (no approval required)
+auto_allow = [
+    "pacman -Q*",
+    "pacman -Ss*",
+    "systemctl status*",
+    "ls", "cat", "grep", "find",
+    "ps", "top", "htop",
+    "df", "free", "uname"
+]
+
+# Level 1: Notify (log only, no approval)
+notify = [
+    "pacman -S*",
+    "pacman -Sy*",
+    "git clone*",
+    "cargo install*",
+    "systemctl start*",
+    "systemctl enable*"
+]
+
+# Level 2: Require approval
+require_approval = [
+    "pacman -R*",
+    "rm -rf*",
+    "systemctl stop*",
+    "systemctl disable*",
+    "dd*"
+]
+
+# Level 3: Deny
+deny = [
+    "rm -rf /",
+    "rm -rf /*",
+    "mkfs*",
+    ":(){ :|:& };:"
+]
+
+[aigpt]
+enable_layer4 = true
+wal_mode = true
+cache_size_mb = 64
+
+[container]
+runtime = "systemd-nspawn"
+private_users = true
+virtual_ethernet = true

cfg/mcp.json

@@ -0,0 +1,12 @@
+{
+  "mcpServers": {
+    "aigpt": {
+      "command": "aigpt",
+      "args": ["server", "--enable-layer4"],
+      "env": {
+        "AIGPT_DB": "/root/.config/syui/ai/gpt/memory.db"
+      },
+      "description": "AI memory and personality system"
+    }
+  }
+}

cfg/nspawn/aios.nspawn

@@ -0,0 +1,16 @@
+# systemd-nspawn configuration for aios
+# Place this file in /etc/systemd/nspawn/aios.nspawn
+
+[Exec]
+Boot=yes
+PrivateUsers=pick
+ResolvConf=copy-host
+
+[Files]
+# Bind mount shared memory directory
+# Host: ~/.config/syui/ai -> Container: /root/.config/syui/ai
+Bind=%h/.config/syui/ai:/root/.config/syui/ai
+
+[Network]
+Private=yes
+VirtualEthernet=yes