NubiferOS Integration

Using NubiferAI within NubiferOS workspaces

NubiferOS Integration

NubiferAI is designed as a first-class add-on for NubiferOS. When running on NubiferOS, many configuration steps are handled automatically.

Automatic Detection

NubiferAI detects NubiferOS by checking for /etc/nubifer/release. When detected:

  • Workspace is set from the active NubiferOS workspace
  • AWS credentials (profile, region, account) are inherited from the workspace
  • Safety classification is enforced from the workspace configuration
  • No manual API key setup is needed for AWS Bedrock (uses workspace credentials)

Visual Indicators

GUI

When NubiferOS is detected, the GUI shows:

  • Header bar: Blue cloud icon with workspace name (instead of grey "standalone")
  • Status bar: Full environment details — workspace, AWS profile, region, account, safety level
  • Settings > NubiferOS tab: Read-only display of detected environment values

CLI

$ nubiferai status
NubiferOS Mode: Active
Workspace: production-main
AWS Profile: nubifer-prod
AWS Region: us-east-1
AWS Account: 123456789012
Safety: production
Provider: claude

Workspaces

NubiferOS workspaces provide isolated environments with their own:

  • AWS credentials and profiles
  • Safety classification
  • Configuration overrides

NubiferAI inherits all of these automatically. Switching workspaces in NubiferOS changes the NubiferAI context immediately.

# Switch workspace (NubiferOS)
nubi workspace use staging-main

# NubiferAI now operates in the staging context
nubiferai status
# → Workspace: staging-main, Safety: staging

Safety Enforcement

On NubiferOS, safety classification comes from the workspace and cannot be overridden in the NubiferAI GUI or config:

Workspace TypeSafety LevelEffect in NubiferAI
Sandbox/LabsandboxAll operations allowed, no confirmation
DevelopmentdevelopmentStandard confirmation before execution
StagingstagingDestructive ops require double confirmation
ProductionproductionDestructive ops are completely blocked

This ensures that production workspaces are always protected, regardless of user preferences.

Credentials Flow

NubiferOS Workspace
    ├── AWS Profile → NubiferAI context
    ├── AWS Region → NubiferAI context
    ├── AWS Account → NubiferAI context
    └── Safety Level → NubiferAI safety override
         │
         ▼
    NubiferAI Executor
    ├── terraform (inherits AWS env vars)
    ├── aws cli (inherits AWS env vars)
    └── shell scripts (inherits AWS env vars)

When NubiferAI executes a nucleation (precipitate), it passes the workspace's AWS environment variables to child processes. Terraform, AWS CLI, and shell scripts all automatically use the correct credentials.

Bedrock Provider on NubiferOS

AWS Bedrock is particularly well-suited for NubiferOS deployments:

  • No separate API key needed — uses workspace AWS credentials
  • API traffic stays within AWS
  • IAM policies can control model access per workspace
  • Cost is billed to the workspace's AWS account
# In workspace config or user config
provider = "bedrock"

Installation via NubiferOS

# Install NubiferAI as a NubiferOS add-on
nubi addon install nubiferai

# This automatically:
# - Installs system dependencies (GTK4, libadwaita)
# - Creates a Python venv
# - Installs all NubiferAI packages
# - Registers the .desktop file
# - Sets up default configuration

Updating

nubi addon update nubiferai

Removing

nubi addon remove nubiferai

Standalone vs NubiferOS

FeatureStandaloneNubiferOS
AWS credentialsManual (aws configure)Automatic from workspace
Safety classificationUser-configurableEnforced by workspace
Workspace switchingManual config editsnubi workspace use
Bedrock accessManual IAM setupManaged by workspace
Installationpip installnubi addon install
GUI workspace badgeGrey "standalone"Blue cloud + workspace name
Status barBasic provider/safety infoFull workspace/AWS/safety details

Troubleshooting

"NubiferOS not detected"

NubiferAI checks for /etc/nubifer/release. If this file doesn't exist, standalone mode is used. Verify your NubiferOS installation:

cat /etc/nubifer/release

"Workspace credentials not found"

Ensure a workspace is active:

nubi workspace list
nubi workspace use your-workspace-name

"Safety override preventing operation"

On NubiferOS, safety is controlled by the workspace. To perform destructive operations:

  • Use a sandbox or development workspace
  • Or request a workspace safety change from your NubiferOS administrator
  • Production safety blocks cannot be bypassed by design