HQ

HQ01

Intelligence

Artifacts

Browse the repository, read documents, and manage the governance folders. Source, runtime, and infrastructure are read-only.

Repository

AAF_CONSTITUTION_V5-1.md CANONICAL_00_AAF_Holdings_Operating_System.md CANONICAL_MISSION_OS_DOCTRINE_V1.md

AAF_CONSTITUTION_V5-1.md

AGENT_Z_CONSTITUTION_V1.md

customer-success

executive-cockpit

MS-0001-build-holdings

docker-compose.yml

docker-compose.yml

hq01-systemctl.sudoers hq01.service README.md

agent-z-mission-dispatch-verification-do-mqd27apn.md

executives.json

engineering-intelligence-model.md

hermes.md honcho.md mempalace.md readiness-report.md README.md serena.md

CANONICAL_MISSION_OS_ROADMAP_V1.md CANONICAL_ORGANIZATION_OS_ROADMAP.md

assignment-template.md work-order-template.md

config.ts ledger.ts types.ts

artifacts.ts assignments.ts config.ts executives.ts fs.ts missions.ts normalize.ts overview.ts reports.ts types.ts work-orders.ts

briefing.ts config.ts memos.ts offices.ts proposals.ts registry.ts router.ts types.ts

config.ts manager.ts

mission-control

assignments.ts config.ts governance.ts lifecycle.ts manager.ts objectives.ts reports.ts store.ts types.ts work-orders.ts

signal.ts spawn.ts

config.ts manager.ts presets.ts README.md store.ts types.ts

config.ts upload.ts

config.ts instances.ts templates.ts types.ts

.gitignore Dockerfile next-env.d.ts next.config.mjs package-lock.json package.json postcss.config.mjs README.md tailwind.config.ts tsconfig.json tsconfig.tsbuildinfo

agent-z.yaml real-estate-executive.yaml shared-platform-executive.yaml

WO-0001-initialize-holdings-repository

CANONICAL_MISSION_OS_ROADMAP_V1.md CANONICAL_ORGANIZATION_OS_ROADMAP.md

agent-z-mission-dispatch-verification-do-mqd27apn

metadata.json session.json stderr.log stdout.log

2026-06-14T00-41-50-843Z-agent-z

worker-template.json

worker-template.json

worker-template.json

worker-template.json

worker-template.json

worker-template.json

CONSTITUTION_COMPLIANCE_AUDIT_V1.md README.md

repositories/aaf-holdings/hq01/lib/files/config.ts

1003 B

import { ALLOWED_EXTENSIONS, MAX_UPLOAD_BYTES } from "@/lib/uploads/config";

/**
 * Configuration for the HQ01 document file-manager.
 *
 * The file-manager lets the CEO create/delete folders and documents from the
 * Artifacts page. To keep that power safe, every operation is confined to a
 * fixed set of "managed roots" — the governance/document areas of the
 * workspace. The repository source, the live runtime state, and the
 * infrastructure (traefik/systemd/secrets) are deliberately NOT managed: the
 * file-manager physically cannot create or delete anything outside this list.
 */

/** Top-level folders (relative to the content root) the file-manager may touch. */
export const MANAGED_ROOTS = [
  "canonical",
  "constitutions",
  "doctrine",
  "roadmaps",
  "templates",
  "artifacts",
  "uploads",
] as const;

export type ManagedRoot = (typeof MANAGED_ROOTS)[number];

// Documents accepted by the manager match the uploader's rules.
export { ALLOWED_EXTENSIONS, MAX_UPLOAD_BYTES };

root · /srv/aaf