m3taversal
799249d470
- teleo-pipeline.py: async daemon with 4 stage loops (ingest/validate/evaluate/merge) - lib/: config, db, evaluate, validate, merge, breaker, costs, health, log modules - INFRASTRUCTURE.md: comprehensive deep-dive for onboarding - teleo-pipeline.service: systemd unit file Pentagon-Agent: Leo <294C3CA1-0205-4668-82FA-B984D54F48AD>
36 lines
954 B
Desktop File
36 lines
954 B
Desktop File
[Unit]
|
|
Description=Teleo Pipeline v2 — extraction/eval/merge daemon
|
|
After=network.target
|
|
Wants=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=teleo
|
|
Group=teleo
|
|
WorkingDirectory=/opt/teleo-eval
|
|
ExecStart=/opt/teleo-eval/pipeline/.venv/bin/python3 /opt/teleo-eval/pipeline/teleo-pipeline.py
|
|
Restart=on-failure
|
|
RestartSec=30
|
|
|
|
# Graceful shutdown: SIGTERM → 60s drain → force-cancel → kill subprocesses
|
|
# 180s buffer handles in-flight extractions (up to 10 min each) (Ganymede)
|
|
KillSignal=SIGTERM
|
|
TimeoutStopSec=180
|
|
|
|
# Environment
|
|
Environment=PIPELINE_BASE=/opt/teleo-eval
|
|
EnvironmentFile=-/opt/teleo-eval/secrets/pipeline.env
|
|
|
|
# Logging goes to journal + pipeline.jsonl
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
|
|
# Security hardening
|
|
NoNewPrivileges=yes
|
|
ProtectSystem=strict
|
|
ReadWritePaths=/opt/teleo-eval /tmp
|
|
# PrivateTmp=no: daemon uses /tmp/teleo-extract-* worktrees shared with git (Ganymede)
|
|
PrivateTmp=no
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|