Adds environment detection and integration mode to the installer:
- Scans for running Docker Compose projects, NVIDIA GPU runtime,
existing MySQL/Redis containers, and Docker networks
- Offers standalone (full isolated stack) vs integrated mode
- Integrated mode:
- Joins an existing Docker network so NOMAD services are discoverable
by other containers and vice versa
- Optionally reuses existing MySQL with user-provided credentials
- Optionally reuses existing Redis
- Detects NVIDIA containers already using the GPU and confirms
coexistence (Docker/NVIDIA handle time-sharing automatically)
- Generates a tailored compose file (removes unneeded services,
configures external network)
- Persists integration config to /opt/project-nomad/.integration
for use by helper scripts and updates
- NOMAD always manages its own compose file — user's compose is
never modified
NOMAD is a LAN appliance — blocking RFC1918 private ranges (10.x,
172.16-31.x, 192.168.x) would prevent users from downloading content
from local network mirrors. Narrowed to only block loopback (localhost,
127.x, 0.0.0.0, ::1) and link-local (169.254.x, fe80::) addresses.
Restored require_tld: false for LAN hostnames without TLDs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fixes 4 high-severity findings from a comprehensive security audit:
1. Path traversal on ZIM file delete — resolve()+startsWith() containment
2. Path traversal on Map file delete — same pattern
3. Path traversal on docs read — same pattern (already used in rag_service)
4. SSRF on download endpoints — block private/internal IPs, require TLD
Also adds assertNotPrivateUrl() to content update endpoints.
Full audit report attached as admin/docs/security-audit-v1.md.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add hardware guide link (projectnomad.us/hardware) to README, FAQ, and About page
- Add Apache 2.0 license section to README and About page
- Add Early Access Channel FAQ and Getting Started mention
- Add GPU passthrough warning troubleshooting entry to FAQ
- Add Knowledge Base document deletion to FAQ and Getting Started
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The previous lspci-based GPU detection fails inside Docker containers
because lspci isn't available, causing Ollama to always run CPU-only
even when a GPU + NVIDIA Container Toolkit are present on the host.
Replace with Docker API runtime check (docker.info() -> Runtimes) as
primary detection method. This works from inside any container via the
mounted Docker socket and confirms both GPU presence and toolkit
installation. Keep lspci as fallback for host-based installs and AMD.
Also add Docker-based GPU detection to benchmark hardware info — exec
nvidia-smi inside the Ollama container to get the actual GPU model name
instead of showing "Not detected".
Tested on nomad3 (Intel Core Ultra 9 285HX + RTX 5060): AI performance
went from 12.7 tok/s (CPU) to 281.4 tok/s (GPU) — a 22x improvement.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add custom Markdoc renderers for images, links, paragraphs, code blocks,
inline code, and horizontal rules. Restyle existing heading, table, and
list components to match the desert tactical color palette. Add 8
screenshots to docs with polished image presentation (rounded corners,
shadow, captions). Constrain content width for readability.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Users reading in-app docs already have NOMAD installed. Remove
install instructions, system requirements, and security/privacy
sections that duplicate the README. Start directly with Easy Setup.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Drop minimum specs section — NOMAD is a premium resource designed
for robust hardware. Align recommended storage to 500 GB+ SSD to
match projectnomad.us. Add Internet-in-a-Box mention for users
seeking a lightweight alternative.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The Wikipedia Selector lives at Content Explorer
(/settings/zim/remote-explorer), not Content Manager (/settings/zim).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Update all 6 documentation files and docs_service.ts:
- home.md: Add AI Chat, Knowledge Base, and Benchmark sections;
replace Open WebUI references with built-in AI Chat links;
expand Quick Links table with new features
- getting-started.md: Update Easy Setup steps to match current
wizard (Capabilities/Maps/Content/Review); replace Open WebUI
section with AI Assistant and Knowledge Base sections; add
Wikipedia Selector and System Benchmark docs; update GPU specs
- faq.md: Add AI, Knowledge Base, Benchmark, and curated tier
FAQ entries; add troubleshooting for AI Chat, Knowledge Base
uploads, and benchmark submission; update all references from
Open WebUI to built-in AI Chat; add Discord community link
- use-cases.md: Add Knowledge Base mentions across Emergency Prep,
Homeschooling, Remote Work, Privacy, and Academic Research use
cases; add "Upload Relevant Documents" setup step; update
privacy section to emphasize built-in AI
- about.md: Fix "ultime" typo, add project evolution paragraph,
add community links section
- release-notes.md: Add all versions from v1.11.0 through v1.23.0
with accurate dates and changes from git history; consolidate
patch versions; update Support section with Discord link
- docs_service.ts: Replace alphabetical sidebar sort with custom
ordering (Home > Getting Started > Use Cases > FAQ > About >
Release Notes)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Services like Kiwix, Kolibri, and Open WebUI run on separate ports,
not as paths under the Command Center. Links like /kiwix, /kolibri,
and /openwebui don't exist - users must launch these from the Apps
page or home screen.
- Update home.md to direct users to Apps page or home screen
- Update getting-started.md with correct launch instructions
- Keep /maps link (Maps is embedded in Command Center)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Installation section to getting-started.md with system requirements
- Add install commands, post-install access info
- Add privacy and security notes
- Add Command-Line Maintenance section to FAQ with helper scripts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace Lorem Ipsum home.md with proper welcome page
- Add getting-started.md: New user onboarding guide
- Add faq.md: FAQ and troubleshooting for offline use
- Add use-cases.md: Use case examples (emergency prep, homeschool, etc.)
Documentation written with non-technical users in mind, focusing on
clarity and self-sufficiency when offline.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
