Initial documentation structure

2025-09-04 02:19:22 +00:00
commit 66d97011ab
18 changed files with 3114 additions and 0 deletions
--- a/infrastructure/systemd/gitea-webhook.service
+++ b/infrastructure/systemd/gitea-webhook.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Gitea Webhook Listener for AI Feedback
+After=network.target
+
+[Service]
+Type=simple
+User=netops
+WorkingDirectory=/home/netops/orchestrator
+#ExecStart=/usr/bin/python3 /home/netops/orchestrator/webhook_listener.py
+ExecStart=/home/netops/orchestrator/venv/bin/python /home/netops/orchestrator/webhook_listener.py
+Restart=always
+RestartSec=10
+StandardOutput=journal
+StandardError=journal
+EnvironmentFile=-/home/netops/.env
+
+[Install]
+WantedBy=multi-user.target
--- a/infrastructure/systemd/orchestrator.service
+++ b/infrastructure/systemd/orchestrator.service
@@ -0,0 +1,47 @@
+[Unit]
+Description=Network AI Orchestrator Service
+Documentation=https://git.salmutt.dev/sal/srx-config
+After=network-online.target
+Wants=network-online.target
+RequiresMountsFor=/shared/ai-gitops
+
+[Service]
+Type=simple
+User=netops
+Group=netops
+WorkingDirectory=/home/netops/orchestrator
+
+# Load environment variables
+EnvironmentFile=-/home/netops/.env
+
+# Python virtual environment activation and script execution
+ExecStart=/home/netops/orchestrator/venv/bin/python /home/netops/orchestrator/orchestrator_main.py
+
+# Restart configuration
+Restart=on-failure
+RestartSec=30
+StartLimitInterval=200
+StartLimitBurst=5
+
+# Resource limits
+MemoryLimit=8G
+CPUQuota=50%
+
+# Environment variables
+Environment="PYTHONUNBUFFERED=1"
+Environment="ORCHESTRATOR_ENV=production"
+
+# Logging
+StandardOutput=journal
+StandardError=journal
+SyslogIdentifier=orchestrator
+
+# Security hardening
+PrivateTmp=yes
+NoNewPrivileges=true
+ProtectSystem=strict
+ProtectHome=read-only
+ReadWritePaths=/shared/ai-gitops /home/netops/orchestrator/logs /var/lib/orchestrator /var/log/orchestrator
+
+[Install]
+WantedBy=multi-user.target