4ff8c3f78d
systemd/agent-watcher.service: --user unit with on-failure restart, ProtectSystem=strict, ProtectHome=read-write, NoNewPrivileges=yes, PrivateTmp=yes. JSON logs to journald. Survives reboot via 'loginctl enable-linger'. examples/collector.yaml: working starter config for both sources with inline comments, per-route examples, and the spec §3.1.2 schema for drop files. install.sh: idempotent installer following the agent-ping pattern. Builds the binary, installs it + the unit, drops the example config if absent, reloads systemd, enables, and (unless --no-start) starts the service. Adds drop-folder lifecycle artifacts (*.tmp, .dead-letter/) to workspace .stignore so they don't replicate during processing. Skips Syncthing-related steps gracefully when ~/Nyx/workspace is not present. INSTALL.md: prerequisites, install, configure, verify (drop-file + webhook end-to-end probes), survive-logout, uninstall, troubleshooting table. README.md: rewritten to reflect actual status — v0 working with 43 tests, packaging ready, Layer 2 in progress on Bob's side. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
26 lines
763 B
Desktop File
26 lines
763 B
Desktop File
[Unit]
|
|
Description=agent-watcher Collector — converts external events to ping inbox writes
|
|
Documentation=https://git.botbought.ai/foreman/agent-watcher
|
|
After=network-online.target
|
|
Wants=network-online.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
ExecStart=%h/.local/bin/agent-watcher --json-log
|
|
Restart=on-failure
|
|
RestartSec=5
|
|
# small daemon; no need for elevated limits
|
|
LimitNOFILE=4096
|
|
# read-only by intent; the daemon writes only to the inbox dir which is
|
|
# inside $HOME and unaffected by ProtectSystem.
|
|
ProtectSystem=strict
|
|
ProtectHome=read-write
|
|
PrivateTmp=yes
|
|
NoNewPrivileges=yes
|
|
# stdout/stderr go to journald automatically; --json-log makes them parseable
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
SyslogIdentifier=agent-watcher
|
|
|
|
[Install]
|
|
WantedBy=default.target
|