4ff8c3f78d
systemd/agent-watcher.service: --user unit with on-failure restart, ProtectSystem=strict, ProtectHome=read-write, NoNewPrivileges=yes, PrivateTmp=yes. JSON logs to journald. Survives reboot via 'loginctl enable-linger'. examples/collector.yaml: working starter config for both sources with inline comments, per-route examples, and the spec §3.1.2 schema for drop files. install.sh: idempotent installer following the agent-ping pattern. Builds the binary, installs it + the unit, drops the example config if absent, reloads systemd, enables, and (unless --no-start) starts the service. Adds drop-folder lifecycle artifacts (*.tmp, .dead-letter/) to workspace .stignore so they don't replicate during processing. Skips Syncthing-related steps gracefully when ~/Nyx/workspace is not present. INSTALL.md: prerequisites, install, configure, verify (drop-file + webhook end-to-end probes), survive-logout, uninstall, troubleshooting table. README.md: rewritten to reflect actual status — v0 working with 43 tests, packaging ready, Layer 2 in progress on Bob's side. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
51 lines
1.7 KiB
YAML
51 lines
1.7 KiB
YAML
# agent-watcher Collector configuration
|
|
#
|
|
# Lives at: ~/.config/agent-watcher/collector.yaml
|
|
# Override with --config or AGENT_WATCHER_CONFIG.
|
|
#
|
|
# At least one source (webhook OR drop_folder) must be configured.
|
|
|
|
# This host's identity. Used in logs only; the inbox writer routes by
|
|
# the recipient field on each event, not this.
|
|
agent: foreman
|
|
|
|
# Optional. Where to write <recipient>.inbox files. Default shown.
|
|
# inbox_dir: ~/Nyx/workspace/pings
|
|
|
|
sources:
|
|
|
|
# HTTP webhook source.
|
|
# v1 binds loopback only — Caddy + bearer-token reverse-proxy is the
|
|
# v2 upgrade path for accepting webhooks from external producers.
|
|
webhook:
|
|
listen: 127.0.0.1:18790
|
|
routes:
|
|
# Path → which inbox to land in, with a Go text/template payload.
|
|
# Variables come from the request body decoded as JSON.
|
|
/forgejo/push:
|
|
recipient: bob
|
|
type: INFO
|
|
payload_template: "forgejo push to {{ .repo }} by {{ .actor }}"
|
|
|
|
# Empty-body posts work too — fixed-string templates render without
|
|
# any data.
|
|
/openrouter/billing-alert:
|
|
recipient: bob
|
|
type: NEEDS-RESPONSE
|
|
priority: urgent
|
|
payload_template: "billing alert: {{ .message }}"
|
|
|
|
# Drop-folder source.
|
|
# Watches a directory via inotify for *.json files matching the spec
|
|
# §3.1.2 schema:
|
|
# {
|
|
# "recipient": "bob",
|
|
# "type": "INFO" | "NEEDS-RESPONSE" | "ACK-REQUEST",
|
|
# "priority": "normal" | "urgent", # optional
|
|
# "payload": "...",
|
|
# "sentinel": "/path/optional" # optional
|
|
# }
|
|
# Valid → emit + delete. Invalid → moved to .dead-letter/ with reason.
|
|
drop_folder:
|
|
path: ~/Nyx/workspace/incoming/
|
|
poll_fallback_seconds: 30 # safety net if inotify misses
|