# =============================================================================
# FURRYOS MASTER BUILD BLUEPRINT (v8.0 "Sovereign Universe")
# =============================================================================
# INSTRUCTION TO AI GENERATOR:
# 1. READ this file and TREE.txt carefully.
# 2. AUDIT the request against "Debian 12 Pain Points" knowledge.
# 3. PROBE THE USER: Ask 3 specific questions about Hardware/Prefs.
# 4. GENERATE C++ CODE only after the user answers.
# =============================================================================

meta:
  project_name: "FurryOS"
  codename: "Sovereign Universe"
  version: "8.0.0"
  timestamp: "2025-12-29 UTC"
  author: "Thomas B. Sweet (Anthro Teacher)"
  owner: "Anthro Entertainment LLC"
  coder: Gemini 3 Pro via Google AI Studio (API Key)
  license: "MIT"

  provenance:
    anchor_block: 929481
    hashing_algo: "SHA-256"
    identity_algo: "Ed25519"

# -----------------------------------------------------------------------------
# FILESYSTEM MAP (Derived from TREE.txt)
# -----------------------------------------------------------------------------
filesystem:
  root: "/TOP"
  tree: /TOP/TREE.txt"
  assets_7z: "/TOP/assets/AnthroHeart_Assets_Bitcoin_Blockchain_Block_929481.7z"
  iso_source: "/TOP/assets/debian-12.12.0-amd64-netinst.iso"
  icon: "/TOP/images/icon.png"
  source_dir: "/TOP/sourcecode/src"
  output_bin: "heartbeat_core"
  venv_path: "/TOP/FurryOS_venv"
  blockchain_keys: "/TOP/blockchain_proofs"
  case_sensitive_filenames: yes
  allow_path_ending_slash: no
  cache_webpages: no
  system_snapshots: no
  auto_memory_management: yes
  auto_defrag_hdd: yes
  auto_trim_ssd: yes
  auto_detect_hardware: yes
  optimize_for_hardware: yes
  optimize_for_ram: yes
  silo_major_processes: yes

# -----------------------------------------------------------------------------
# THE USER UNIVERSE (Privilege Strategy)
# -----------------------------------------------------------------------------
user_universe:
  root_account:
    status: "Hidden/Locked"
    default_pass: "root" # Forced change on first run

  admin_account:
    username: "anthro"
    default_pass: "anthro"
    groups: ["sudo", "plugdev", "kvm", "libvirt", "dialout"]

  standard_account: # "Granny Mode"
    capabilities: ["audio", "video", "network", "print"]
    sudo_policy: "Deny (Must allow specific apps via Polkit)"

  guest_account:
    enabled: true
    persistence: false # Wipes on logout (tmpfs home)
    sudo_access: false

# -----------------------------------------------------------------------------
# MODULE SPECIFICATIONS (C++ Implementation Guide)
# -----------------------------------------------------------------------------
module_specs:
  # 1. REMOTE ACCESS (Tunnel-First)
  - file: "remote.cpp"
    class: "RemoteModule"
    logic:
      - "Server: Install xrdp, bind to 127.0.0.1 (Localhost only)."
      - "Client: Function 'ConnectSecure()' -> Auto-spawn SSH tunnel + Remmina."
      - "SSH: Configure sshd_config to allow TCP forwarding."

  # 2. SECURITY & KEYGEN
  - file: "security.cpp"
    class: "SecurityModule"
    logic:
      - "KeyMaster: Generate/Manage SSH (Ed25519), GPG, and Blockchain Keys."
      - "Vault: LUKS2 Container creation (AES-256-XTS)."
      - "VerifyProvenance: Block 929481 Check."

  # 3. NETWORK & FILTERING
  - file: "network.cpp"
    class: "NetworkModule"
    logic:
      - "WebFilter: Download blocklists -> Configure dnsmasq to return 0.0.0.0."
      - "SmartFirewall: UFW Wrapper."
      - "FoxServe: Native HTTP Server."

  # 4. MAINTENANCE & DEBLOAT
  - file: "maintenance.cpp"
    class: "MaintenanceModule"
    logic:
      - "Debloat: Purge games-*, libreoffice-* (unless requested), gnome-software."
      - "Drivers: Enable non-free-firmware."
      - "Backup: Native 'rsync' wrapper to external targets (No snapshots)."

  # 5. UI & HELP
  - file: "ui.cpp"
    class: "UIModule"
    logic:
      - "HelpSystem: 'Beefy' searchable TUI/GUI documentation browser."
      - "Dashboard: TUI/GUI detection."
      - "SessionManager: F1-F12 multiplexer + User Switching."

  # 6. INSTINCT
  - file: "instinct.cpp"
    class: "InstinctModule"
    logic:
      - "FurryBASIC: Compiler."
      - "AI_Storyteller: RAG via Gemini."

# -----------------------------------------------------------------------------
# BUILDER CONFIGURATION
# -----------------------------------------------------------------------------
compiler:
  binary: "g++-14"
  std: "c++20"
  flags: "-O3 -march=native -flto -Wall -Wno-unused-result -pthread"
  link: "-lssl -lcrypto -lpthread"
  audit: "Perform AI Security Audit before compilation."
