From 1c28f62346450ef12c6a126eca672c40727c47a6 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 9 Feb 2026 18:22:16 +0000 Subject: [PATCH 1/3] Initial plan From dc024913175cd9d5332618496603513b3cb5afed Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 9 Feb 2026 18:24:58 +0000 Subject: [PATCH 2/3] docs: improve installation security with pinned versions and integrity checks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Address security feedback from PR #155: - Remove curl | bash from unstable 'main' branch - Replace with git clone as primary method (safer, more transparent) - Add alternative method with commit hash pinning - Include explicit security warnings - Add file verification steps (review file, checksum) - Fix incorrect filename (docker-compose.unified.yml → docker-compose.yml) - Document best practices for downloading configs Fixes https://github.com/hessius/MeticAI/pull/155#discussion_r2783837460 Co-authored-by: hessius <1499030+hessius@users.noreply.github.com> --- README.md | 68 ++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 42 insertions(+), 26 deletions(-) diff --git a/README.md b/README.md index 3aef643..364eb1d 100644 --- a/README.md +++ b/README.md @@ -61,52 +61,68 @@ When I got my Meticulous, after a loooong wait, I was overwhelmed with the optio - ☑️ A server to run MeticAI (Raspberry Pi, Mac, Linux, or Windows with Docker) - ☑️ A **free Google Gemini API key** → [Get yours here](https://aistudio.google.com/app/apikey) (takes 30 seconds) -### Installation (2 minutes) +### Installation (5 minutes) -**One-Line Install:** -```bash -curl -fsSL https://raw.githubusercontent.com/hessius/MeticAI/main/scripts/install.sh | bash -``` +**Prerequisites:** +- Docker and Docker Compose installed ([Get Docker](https://docs.docker.com/get-docker/)) +- Git -That's it! The installer will: -- ✅ Check for and install Docker if needed -- ✅ Guide you through setup (just paste your API key and machine IP) -- ✅ Optionally enable Tailscale (remote access) and Watchtower (auto-updates) -- ✅ Pull and start the unified container +**Recommended: Git Clone Method** + +This is the safest and most transparent installation method: -**Upgrading from v1.x?** ```bash -curl -fsSL https://raw.githubusercontent.com/hessius/MeticAI/main/scripts/migrate-to-unified.sh | bash +# 1. Clone the repository (recommended: use a specific release tag when available) +git clone https://github.com/hessius/MeticAI.git +cd MeticAI + +# Optional: Checkout a specific release for stability +# git checkout v2.0.0 # (use when tagged releases are available) + +# 2. Create .env file with your configuration +cat > .env << EOF +GEMINI_API_KEY=your_api_key_here +METICULOUS_IP=your_meticulous_ip +EOF + +# 3. Start MeticAI +docker compose up -d ``` -The migration script will: -- ✅ Back up your existing configuration -- ✅ Stop and remove old containers -- ✅ Migrate your data to the new volume -- ✅ Start the new unified container +**Alternative: Direct Download (Advanced Users)** -### Manual Installation +> ⚠️ **Security Warning**: Downloading and executing scripts or configuration files directly from the internet carries security risks. Only use this method if you trust the source and have verified the file contents. -For those who prefer manual setup: +If you prefer not to clone the entire repository, you can download just the compose file: ```bash # Create configuration directory mkdir -p ~/.meticai && cd ~/.meticai +# Download and inspect the compose file BEFORE running it +# Use a specific commit hash for reproducibility and security +COMMIT_HASH="104d7c5" # Update this to the latest stable commit +curl -fsSL "https://raw.githubusercontent.com/hessius/MeticAI/${COMMIT_HASH}/docker-compose.yml" -o docker-compose.yml + +# IMPORTANT: Review the downloaded file before proceeding +cat docker-compose.yml + +# Verify file integrity (optional but recommended) +# Compare the file hash with the one published in the release notes +sha256sum docker-compose.yml + # Create .env file cat > .env << EOF -GEMINI_API_KEY=your_key_here -METICULOUS_IP=meticulous.local +GEMINI_API_KEY=your_api_key_here +METICULOUS_IP=your_meticulous_ip EOF -# Download compose file -curl -fsSL https://raw.githubusercontent.com/hessius/MeticAI/main/docker-compose.unified.yml -o docker-compose.yml - -# Start MeticAI -docker compose pull +# Start MeticAI only after verifying the compose file docker compose up -d ``` +> **Best Practice**: Always review configuration files before running them, especially when downloaded from the internet. The git clone method above is recommended as it provides full transparency and version control. + ### After Installation Open `http://YOUR_SERVER_IP:3550` in any browser to access the web interface! From 1bb1c18600c5bc3e0e31576207d32cd00bd3b6e5 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 9 Feb 2026 18:25:50 +0000 Subject: [PATCH 3/3] docs: improve installation examples with better guidance - Add link to GitHub commits page for finding latest commit hash - Clarify that commit hash is an example that should be updated - Provide example values for METICULOUS_IP (hostname and IP address) - Make placeholders more helpful with inline comments Co-authored-by: hessius <1499030+hessius@users.noreply.github.com> --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 364eb1d..70684f5 100644 --- a/README.md +++ b/README.md @@ -82,7 +82,7 @@ cd MeticAI # 2. Create .env file with your configuration cat > .env << EOF GEMINI_API_KEY=your_api_key_here -METICULOUS_IP=your_meticulous_ip +METICULOUS_IP=meticulous.local # or IP address like 192.168.1.100 EOF # 3. Start MeticAI @@ -101,7 +101,8 @@ mkdir -p ~/.meticai && cd ~/.meticai # Download and inspect the compose file BEFORE running it # Use a specific commit hash for reproducibility and security -COMMIT_HASH="104d7c5" # Update this to the latest stable commit +# Find the latest commit at: https://github.com/hessius/MeticAI/commits/main +COMMIT_HASH="104d7c5" # Example: update this to your chosen commit curl -fsSL "https://raw.githubusercontent.com/hessius/MeticAI/${COMMIT_HASH}/docker-compose.yml" -o docker-compose.yml # IMPORTANT: Review the downloaded file before proceeding @@ -114,7 +115,7 @@ sha256sum docker-compose.yml # Create .env file cat > .env << EOF GEMINI_API_KEY=your_api_key_here -METICULOUS_IP=your_meticulous_ip +METICULOUS_IP=meticulous.local # or IP address like 192.168.1.100 EOF # Start MeticAI only after verifying the compose file