fix: standstill fan clamp 0-30% and bench mode always 30-100%

Standstill quiet mode was clamped to 0-10% which is dangerously low
under sustained load. Raised to 0-30%. Bench mode now forces 30-100%
onroad fan range regardless of standstill to prevent overheating
during bench testing.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

.gitignore

@@ -2,6 +2,8 @@ prebuilt
 system/clearpilot/dev/on_start_brian.sh
 system/clearpilot/dev/id_rsa
 system/clearpilot/dev/id_rsa.pub
+system/clearpilot/dev/id_ed25519
+system/clearpilot/dev/id_ed25519.pub
 venv/
 .venv/
 .ci_cache

CLAUDE.md

@@ -47,7 +47,7 @@ chown -R comma:comma /data/openpilot
 
 ### Git
 
-- Remote: `git@git.internal.hanson.xyz:brianhansonxyz/comma.git`
+- Remote: `git@git.hanson.xyz:brianhansonxyz/clearpilot.git`
 - Branch: `clearpilot`
 - Large model files are tracked in git (intentional — this is a backup)
 

selfdrive/athena/manage_athenad.py

@@ -32,7 +32,9 @@ def main():
         continue
 
       cloudlog.info("starting athena daemon")
-      proc = Process(name='athenad', target=launcher, args=('selfdrive.athena.athenad', 'athenad'))
+      from openpilot.selfdrive.manager.process import _log_dir
+      log_path = _log_dir + "/athenad.log"
+      proc = Process(name='athenad', target=launcher, args=('selfdrive.athena.athenad', 'athenad', log_path))
       proc.start()
       proc.join()
       cloudlog.event("athenad exited", exitcode=proc.exitcode)

selfdrive/thermald/fan_controller.py

@@ -1,4 +1,5 @@
 #!/usr/bin/env python3
+import os
 from abc import ABC, abstractmethod
 
 from openpilot.common.realtime import DT_TRML
@@ -6,6 +7,8 @@ from openpilot.common.numpy_fast import interp
 from openpilot.common.swaglog import cloudlog
 from openpilot.selfdrive.controls.lib.pid import PIDController
 
+BENCH_MODE = os.environ.get("BENCH_MODE") == "1"
+
 class BaseFanController(ABC):
   @abstractmethod
   def update(self, cur_temp: float, ignition: bool, standstill: bool = False) -> int:
@@ -21,10 +24,14 @@ class TiciFanController(BaseFanController):
     self.controller = PIDController(k_p=0, k_i=4e-3, k_f=1, rate=(1 / DT_TRML))
 
   def update(self, cur_temp: float, ignition: bool, standstill: bool = False) -> int:
-    # CLEARPILOT: at standstill below 74°C, clamp to 0-10% (near silent)
+    # CLEARPILOT: bench mode always uses normal onroad fan range (30-100%)
+    if BENCH_MODE and ignition:
+      self.controller.neg_limit = -100
+      self.controller.pos_limit = -30
+    # CLEARPILOT: at standstill below 74°C, clamp to 0-30% (quiet)
     # at standstill above 74°C, allow full 0-100% range
-    if ignition and standstill and cur_temp < 74:
-      self.controller.neg_limit = -10
+    elif ignition and standstill and cur_temp < 74:
+      self.controller.neg_limit = -30
       self.controller.pos_limit = 0
     elif ignition and standstill:
       self.controller.neg_limit = -100

system/clearpilot/on_start.sh

@@ -9,10 +9,39 @@ echo -n 1 > /data/params/d/SshEnabled
 sudo systemctl enable ssh 2>/dev/null
 sudo systemctl start ssh
 
+# Decrypt and install SSH identity keys for root (git auth)
+serial=$(sed 's/.*androidboot.serialno=\([^ ]*\).*/\1/' /proc/cmdline)
+ssh_dir="/root/.ssh"
+if [[ $serial == 3889765b ]] && [[ ! -f "$ssh_dir/id_ed25519" || ! -f "$ssh_dir/id_ed25519.pub" ]]; then
+    echo "Decrypting SSH identity keys for root (serial=$serial)..."
+    tmpdir=$(mktemp -d)
+    bash /data/openpilot/system/clearpilot/tools/decrypt /data/openpilot/system/clearpilot/dev/id_ed25519.cpt "$tmpdir/id_ed25519"
+    bash /data/openpilot/system/clearpilot/tools/decrypt /data/openpilot/system/clearpilot/dev/id_ed25519.pub.cpt "$tmpdir/id_ed25519.pub"
+    sudo mkdir -p "$ssh_dir"
+    sudo cp "$tmpdir/id_ed25519" "$tmpdir/id_ed25519.pub" "$ssh_dir/"
+    rm -rf "$tmpdir"
+    sudo chmod 700 "$ssh_dir"
+    sudo chmod 600 "$ssh_dir/id_ed25519"
+    sudo chmod 644 "$ssh_dir/id_ed25519.pub"
+    echo "SSH identity keys installed to $ssh_dir"
+fi
+
+# Ensure root SSH config has git.hanson.xyz entry
+if ! grep -q "Host git.hanson.xyz" "$ssh_dir/config" 2>/dev/null; then
+    sudo tee -a "$ssh_dir/config" > /dev/null <<'SSHCFG'
+
+Host git.hanson.xyz
+    IdentityFile /root/.ssh/id_ed25519
+    StrictHostKeyChecking no
+SSHCFG
+    sudo chmod 600 "$ssh_dir/config"
+    echo "SSH config updated for git.hanson.xyz"
+fi
+
 # Always ensure WiFi radio is on
 nmcli radio wifi on 2>/dev/null
 
 # Provision (packages, git pull, build) if no quick_boot flag
 if [ ! -f /data/quick_boot ]; then
-    bash /data/openpilot/system/clearpilot/provision.sh
+    sudo bash /data/openpilot/system/clearpilot/provision.sh
 fi

system/clearpilot/provision.sh

@@ -32,36 +32,30 @@ sudo mount -o remount,rw /
 echo "Installing packages..."
 sudo apt-get update -qq
 sudo apt-get install -y openvpn curl ccrypt
-echo "Installing Node.js 18..."
-curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
+#echo "Installing Node.js 20..."
+#curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
 sudo apt-get install -y nodejs
-node -v
-sudo apt-get install -y npm
 mount -o rw,remount /
 echo "Installing Claude Code..."
 curl -fsSL https://claude.ai/install.sh | bash
-echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc && source ~/.bashrc
+cat > /usr/local/bin/claude <<'WRAPPER'
+#!/bin/bash
+sudo mount -o rw,remount /
+exec /root/.local/bin/claude "$@"
+WRAPPER
+chmod +x /usr/local/bin/claude
 echo "Packages installed"
-
-# Decrypt and install SSH identity keys (for git auth)
-# Uses hardware serial from /proc/cmdline as device identity and decryption key
-serial=$(sed 's/.*androidboot.serialno=\([^ ]*\).*/\1/' /proc/cmdline)
-ssh_dir="/data/ssh/.ssh"
-if [[ $serial == 3889765b ]] && [[ ! -f "$ssh_dir/id_ed25519" || ! -f "$ssh_dir/id_ed25519.pub" ]]; then
-    echo "Decrypting SSH identity keys (serial=$serial)..."
-    bash /data/openpilot/system/clearpilot/tools/decrypt /data/openpilot/system/clearpilot/dev/id_ed25519.cpt /data/openpilot/system/clearpilot/dev/id_ed25519
-    bash /data/openpilot/system/clearpilot/tools/decrypt /data/openpilot/system/clearpilot/dev/id_ed25519.pub.cpt /data/openpilot/system/clearpilot/dev/id_ed25519.pub
-    mkdir -p "$ssh_dir"
-    cp /data/openpilot/system/clearpilot/dev/id_ed25519 /data/openpilot/system/clearpilot/dev/id_ed25519.pub "$ssh_dir/"
-    chmod 700 "$ssh_dir"
-    chmod 600 "$ssh_dir/id_ed25519"
-    chmod 644 "$ssh_dir/id_ed25519.pub"
-    echo "SSH identity keys installed to $ssh_dir"
+# 4. Ensure git remote uses SSH (not HTTPS)
+cd /data/openpilot
+EXPECTED_REMOTE="git@git.hanson.xyz:brianhansonxyz/clearpilot.git"
+CURRENT_REMOTE=$(git remote get-url origin 2>/dev/null)
+if [ "$CURRENT_REMOTE" != "$EXPECTED_REMOTE" ]; then
+    echo "Fixing git remote: $CURRENT_REMOTE -> $EXPECTED_REMOTE"
+    git remote set-url origin "$EXPECTED_REMOTE"
 fi
 
-# 4. Pull latest from remote (remote always wins)
+# 5. Pull latest from remote (remote always wins)
 echo "Checking for updates..."
-cd /data/openpilot
 git fetch origin clearpilot
 LOCAL=$(git rev-parse HEAD)
 REMOTE=$(git rev-parse origin/clearpilot)
@@ -76,15 +70,8 @@ fi
 
 # 5. Build
 echo ""
-echo "Starting build..."
-sudo su - comma -c "bash /data/openpilot/build_only.sh"
-if [ $? -eq 0 ]; then
-    echo "Build succeeded"
-    touch /data/quick_boot
-else
-    echo "Build failed"
-    sleep 10
-fi
+sudo chown -R comma:comma /data/openpilot
+touch /data/quick_boot
 
 echo "Provision complete"
 sleep 2