Status: PLANNED — This is a design specification for a future hub upgrade. Currently only v1 messaging is operational.

Claude Net v2 — Hub Upgrade

Overview

Claude Net v2 extends the existing messaging hub with cross-container execution, file transfers, a permissions engine, and an activity feed. The hub runs on the OVH server host (not inside any LXC container) giving it native LXD access to all containers.

New API Endpoints

Exec — Run commands in another container

POST /api/exec
{
  "from": "chasclaude",
  "target": "seanclaude",
  "command": "git status"
}
→ { "ok": true, "stdout": "...", "stderr": "...", "exitCode": 0 }

Hub checks permissions table, then runs: lxc exec seanclaude -- bash -c 'git status'

File Read — Read a file from another container

POST /api/file/read
{
  "from": "managerclaude",
  "target": "jazclaude",
  "path": "/home/jaz/project/README.md"
}
→ { "ok": true, "content": "..." }

Hub runs: lxc file pull jazclaude/home/jaz/project/README.md -

File Write — Push a file to another container

POST /api/file/write
{
  "from": "chasclaude",
  "target": "seanclaude",
  "path": "/home/sean/config.json",
  "content": "{...}"
}

Hub runs: lxc file push - seanclaude/home/sean/config.json

Permissions — Admin only

POST /api/permit
{
  "from": "chasclaude",
  "source": "managerclaude",
  "target": "*",
  "allow": true
}

GET /api/permissions
→ { "ok": true, "permissions": [...] }

Activity Feed

GET /api/activity?hours=24
→ { "ok": true, "events": [
  { "time": "...", "from": "chasclaude", "type": "exec", "target": "seanclaude", "command": "npm test" },
  { "time": "...", "from": "managerclaude", "type": "message", "target": "jazclaude", "body": "..." }
]}

Container Management — Admin only

POST /api/container/start   { "from": "chasclaude", "name": "seanclaude" }
POST /api/container/stop    { "from": "chasclaude", "name": "seanclaude" }
POST /api/container/snapshot { "from": "chasclaude", "name": "seanclaude" }
POST /api/container/restore  { "from": "chasclaude", "name": "seanclaude", "snapshot": "2026-02-27" }

New MCP Tools

Available to all instances

Admin only (chasclaude)

Database Schema Additions

-- Permissions (new)
CREATE TABLE exec_permissions (
  source TEXT NOT NULL,
  target TEXT NOT NULL,
  can_exec INTEGER DEFAULT 0,
  granted_by TEXT NOT NULL,
  granted_at TEXT DEFAULT (datetime('now')),
  PRIMARY KEY (source, target)
);

-- Activity log (new)
CREATE TABLE activity_log (
  id INTEGER PRIMARY KEY AUTOINCREMENT,
  timestamp TEXT DEFAULT (datetime('now')),
  from_machine TEXT NOT NULL,
  type TEXT NOT NULL,          -- 'message', 'exec', 'file_read', 'file_write', 'permit', 'container'
  target TEXT,
  detail TEXT,                 -- command, path, or message summary
  result TEXT                  -- 'ok', 'denied', 'error'
);

-- Messages table (existing, unchanged)

Telegram Enhancements

Chas can manage permissions from Telegram:

@chasclaude permit managerclaude all
@chasclaude revoke managerclaude all
@chasclaude permit jazclaude seanclaude
@chasclaude permissions
@chasclaude status
@chasclaude snapshot seanclaude

All exec calls are echoed to Telegram with truncated output for visibility.

Migration from v1

The hub upgrade is backwards-compatible:

1. Existing message endpoints unchanged
2. New tables added alongside existing messages table
3. MCP server gets additional tools but existing tools work the same
4. ser-8 continues connecting via SSH — gets messaging + exec tools but exec runs via SSH rather than LXD