Erich Blume
d99c962fe1
Deploy hephd --mode server on indri as a self-updating LaunchAgent managed by Ansible (ansible/roles/heph, tag heph), making indri the canonical heph hub for the hub-and-spoke task/context system. - Server mode on 0.0.0.0:8787, self-update every 10 minutes (cargo install from the public forge URL; ~/.cargo/bin on the agent PATH). - heph-pwa shell served via --web-root straight from a version-pinned checkout, TLS-terminated at heph.ops.eblu.me through Caddy (new caddy_services entry). - New Authentik device-code (RFC 8628) OIDC app 'heph' (public client) plus a default-device-code-flow bound to the default brand's flow_device_code. - Docs: new services/hephaestus.md service card (incl. Path A seeding runbook and the gilbert spoke caveat), indri.md service list, changelog fragment. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
589 B
589 B
Added the hephaestus (heph) sync hub to indri as a self-updating LaunchAgent managed by Ansible (ansible/roles/heph, tag heph). The hub runs hephd --mode server behind heph.ops.eblu.me (Caddy TLS), with self-update on a 10-minute interval and the heph-pwa mobile shell served from --web-root. Access is gated by a new Authentik device-code (RFC 8628) OIDC application. Indri is now the canonical hub; other devices (e.g. gilbert) attach as offline-capable spokes. The hub's store was seeded from gilbert via the data-safe Path A bring-up (copy store, reset meta.origin).