docs: add agent bootstrap and contract read router

2026-04-02 13:48:36 +03:00
parent 688b87e98d
commit 1d89a4918e
22 changed files with 883 additions and 1284 deletions
--- a/rules/patterns/unattended-boot-services/README.md
+++ b/rules/patterns/unattended-boot-services/README.md
@@ -0,0 +1,80 @@
+# Unattended Boot Services Pattern Notes
+
+This file keeps examples and rationale. The normative rules live in `contract.md`.
+
+## Dependency Skeleton
+
+```sh
+depend() {
+    need localmount
+    after some-service
+    use logger
+}
+```
+
+Avoid `need net` for best-effort services.
+
+## Network-Independent SSH
+
+```sh
+#!/sbin/openrc-run
+description="SSH server"
+
+depend() {
+    need localmount
+    after bee-sshsetup
+    use logger
+}
+
+start() {
+    check_config || return 1
+    ebegin "Starting dropbear"
+    /usr/sbin/dropbear ${DROPBEAR_OPTS}
+    eend $?
+}
+```
+
+Place this in `etc/init.d/dropbear` in the overlay to override package defaults that require network.
+
+## Persistent DHCP
+
+Wrong:
+
+```sh
+udhcpc -i "$iface" -t 3 -T 5 -n -q
+```
+
+Correct:
+
+```sh
+udhcpc -i "$iface" -b -t 0 -T 3 -q
+```
+
+## Typical Start Order
+
+```text
+localmount
+  -> sshsetup
+  -> dropbear
+  -> network
+  -> nvidia
+  -> audit
+```
+
+Use `after` for ordering without turning soft dependencies into hard boot blockers.
+
+## Error Handling Skeleton
+
+```sh
+start() {
+    ebegin "Running audit"
+    /usr/local/bin/audit --output /var/log/audit.json >> /var/log/audit.log 2>&1
+    local rc=$?
+    if [ $rc -eq 0 ]; then
+        einfo "Audit complete"
+    else
+        ewarn "Audit finished with errors — check /var/log/audit.log"
+    fi
+    eend 0
+}
+```