feat(WARDEN-WP-0021): T1+T2 — scheduled worker tick enabled (systemd --user timer)

T1: systemd --user units (ops-warden-worker.{service,timer}) + scripts/install-worker-timer.sh
(--enable opt-in, cron fallback documented) + examples/worker.env.example. Kill switch:
`systemctl --user disable --now ops-warden-worker.timer` or WORKER_ENABLED=0. Installed and
ENABLED — verified a real systemd run (Result=success, used the llm brain) and the timer is
active (next run +15min).

T2: hardened worker-tick.sh — State Hub /state/health precheck → graceful skip (exit 0) when
unreachable; worker-run failure logged but never fails the unit (retry next tick). Verified
hub-down skip and a live tick.

Conservative tier only; nothing auto-sent. Kill switch is one command.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
2026-06-30 15:19:23 +02:00
parent 97504aa444
commit 9dc1db0162
6 changed files with 105 additions and 5 deletions

View File

@@ -0,0 +1,14 @@
[Unit]
Description=ops-warden conservative coordination worker (one tick)
Documentation=https://gitea.coulomb.social/coulomb/ops-warden
After=network-online.target
Wants=network-online.target
[Service]
Type=oneshot
# uv lives in ~/.local/bin; kubectl in /usr/local/bin or /usr/bin.
Environment=PATH=%h/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
EnvironmentFile=%h/.config/warden/worker.env
ExecStart=@ROOT@/scripts/worker-tick.sh
# A graceful skip (hub down, WORKER_ENABLED=0) exits 0; never restart-loop.
TimeoutStartSec=180

View File

@@ -0,0 +1,11 @@
[Unit]
Description=Run the ops-warden conservative worker tick every 15 minutes
[Timer]
OnBootSec=2min
OnUnitActiveSec=15min
# Catch up one missed run if the machine was asleep, but don't stack.
Persistent=true
[Install]
WantedBy=timers.target