4bccbf28f3
- ops-agent/: Node.js Fastify+TypeScript service
- GET /agent/v1/health
- POST /agent/v1/exec → SSE stream (stdout/stderr/exit events)
- Whitelist geladen uit /etc/ops-agent/commands.yml bij opstart
- Auth via Bearer shared secret (/etc/ops-agent/secret, mode 0640)
- Vier standaard commando's: docker_ps, git_status, systemctl_status,
caddy_show_config
- deploy/ops-agent/ops-agent.service: systemd-unit (User=ops-agent,
Restart=on-failure, StandardOutput=journal)
- deploy/ops-agent/setup.sh: aanmaken system-user, build, deploy,
systemctl enable --now ops-agent
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
23 lines
571 B
Desktop File
23 lines
571 B
Desktop File
[Unit]
|
||
Description=Ops Agent – privileged command bridge for ops-dashboard
|
||
After=network.target
|
||
|
||
[Service]
|
||
Type=simple
|
||
User=ops-agent
|
||
Group=ops-agent
|
||
WorkingDirectory=/opt/ops-agent
|
||
ExecStart=/usr/bin/node /opt/ops-agent/dist/index.js
|
||
Restart=on-failure
|
||
RestartSec=5s
|
||
StandardOutput=journal
|
||
StandardError=journal
|
||
SyslogIdentifier=ops-agent
|
||
|
||
Environment=OPS_AGENT_PORT=4242
|
||
Environment=OPS_AGENT_HOST=127.0.0.1
|
||
Environment=OPS_AGENT_WHITELIST_PATH=/etc/ops-agent/commands.yml
|
||
Environment=OPS_AGENT_SECRET_PATH=/etc/ops-agent/secret
|
||
|
||
[Install]
|
||
WantedBy=multi-user.target
|