dataforge/agents_and_robots
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity
Files
aac6dbf8b2777c653b2672b7605918dc8485327f
agents_and_robots/dev-scripts/agent/templates/config.sudo.yaml.tmpl
T
egutierrez 4c5bf95def feat(0144b): provision-agent-user.sh script idempotente + templates 
Bash script que provisiona Matrix user via Synapse admin API + login para
access_token + scaffold completo (config.yaml, agent.go, prompts/system.md).
6 templates (user/sudo x config/agent.go/prompt). 20 tests bash pasan.
Genera .env con AGENT_<ID>_TOKEN/PASSWORD/PICKLE/DEVICE_ID + URL mesh.
2026-05-24 14:07:13 +02:00

255 lines
5.9 KiB
Cheetah
Raw Blame History

# ============================================
# IDENTIDAD — agent LLM sudo-scope (mode=sudo)
# ============================================
# Generado por dev-scripts/agent/provision-agent-user.sh
# Issue 0144 §6.1. NO editar a mano sin razon — re-provisionar reescribe.
#
# CADA tool call sudo dispara approval request a #operator-approvals.
# Sin 👍 del operador en 60s -> timeout.
agent:
id: {{AGENT_ID}}
name: "{{DISPLAY_NAME}}"
version: "0.1.0"
enabled: true
description: "Conversational LLM agent for {{HOST}} (sudo-scope). All tools require operator approval. Receives delegations from agent-{{HOST}}."
tags: [agent, llm, devicemesh, {{HOST}}, sudo]
type: agent
# ============================================
# PERSONALIDAD — formal, gated
# ============================================
personality:
tone: formal
verbosity: concise
language: es
languages_supported: [es, en]
emoji_style: minimal
prefix: "🔒"
error_style: detailed
templates:
greeting: "Soy {{DISPLAY_NAME}}, scope sudo en {{HOST}}. Cada acción requiere tu aprobación."
unknown_command: "Comando no reconocido."
permission_denied: "Acción rechazada por policy interna del agent sudo."
error: "Operación fallida: {{.Error}}"
success: "{{.Summary}}"
busy: "Esperando aprobación del operador, dame un momento..."
behavior:
proactive: false
ask_confirmation: true
show_reasoning: true
thread_replies: true
typing_indicator: true
acknowledge_receipt: true
# ============================================
# LLM
# ============================================
llm:
primary:
provider: claude-code
model: ""
api_key_env: ""
base_url: ""
max_tokens: 4096
temperature: 0.2
claude_code:
binary: "claude"
timeout: 5m
disable_tools: true
allowed_tools: []
disallowed_tools: []
working_dir: "/tmp/claude-agents/{{AGENT_ID}}"
permission_mode: "bypassPermissions"
model: "sonnet"
fallback_model: ""
session_id: ""
add_dirs: []
fallback:
provider: ""
model: ""
api_key_env: ""
base_url: ""
max_tokens: 0
temperature: 0
reasoning:
system_prompt_file: "prompts/system.md"
context_window: 32768
memory_messages: 50
tool_use:
enabled: true
max_iterations: 8
parallel_calls: false
rate_limit:
requests_per_minute: 30
tokens_per_minute: 100000
concurrent_requests: 3
# ============================================
# DEVICE MESH — solo tools sudo (todas requieren approval)
# ============================================
device_mesh:
enabled: true
device_id: {{HOST}}
mode: sudo
manifest_id: manifest_{{HOST}}-sudo_v1
device_agent_url_env: {{AGENT_ID_UPPER}}_DEVICE_MESH_URL
client_timeout_s: 120
tools_allowed:
- exec
- fs.read
- fs.write
- fs.list
- fs.stat
- pkg.install
- pkg.search
- proc.list
- proc.kill
- current_time
- memory.recall
- memory.note
rate_limit:
tools_per_minute: 20
tools_per_turn: 6
# ============================================
# TOOLS
# ============================================
tools:
ssh:
enabled: false
allowed_targets: []
forbidden_commands: []
timeout: 0s
max_concurrent: 0
require_confirmation: []
http:
enabled: false
allowed_domains: []
timeout: 0s
max_retries: 0
scripts:
enabled: false
scripts_dir: ""
allowed: []
timeout: 0s
sandbox: false
file_ops:
enabled: false
allowed_paths: []
read_only: true
mcp:
enabled: false
servers: []
expose:
port: 0
tools: []
memory:
enabled: true
knowledge:
enabled: false
# ============================================
# MEMORIA
# ============================================
memory:
enabled: true
window_size: 50
db_path: "./agents/{{AGENT_ID}}/data/memory.db"
# ============================================
# MATRIX
# ============================================
matrix:
homeserver: "{{MATRIX_HOMESERVER}}"
user_id: "@{{AGENT_ID}}:{{MATRIX_SERVER_NAME}}"
access_token_env: MATRIX_TOKEN_{{AGENT_ID_UPPER}}
device_id: "{{MATRIX_DEVICE_ID}}"
encryption:
enabled: true
store_path: "./agents/{{AGENT_ID}}/data/crypto/"
pickle_key_env: PICKLE_KEY_{{AGENT_ID_UPPER}}
trust_mode: tofu
recovery_key_env: SSSS_RECOVERY_KEY_{{AGENT_ID_UPPER}}
rooms:
listen: []
respond: []
admin: []
filters:
command_prefix: "!"
mention_respond: true
dm_respond: true
ignore_bots: true
ignore_users: []
unauthorized_response: silent
min_power_level: 0
threads:
enabled: true
auto_thread: false
# ============================================
# SSH — no aplica
# ============================================
ssh:
defaults:
user: ""
port: 22
key_file_env: ""
known_hosts: ""
keepalive_interval: 0s
timeout: 0s
targets: {}
# ============================================
# SEGURIDAD
# ============================================
security:
audit:
enabled: true
log_file: "./agents/{{AGENT_ID}}/data/audit.log"
log_to_room: ""
include: [tool_call, llm_request, command, approval_request, approval_grant, approval_deny]
secrets:
provider: env
sanitize:
enabled: true
mode: warn
min_severity: medium
disabled_patterns: []
tool_rate_limit:
enabled: true
max_calls_per_min: 20
cleanup_interval_s: 60
# ============================================
# SCHEDULING
# ============================================
schedules: []
# ============================================
# STORAGE
# ============================================
storage:
base_path: ""
# ============================================
# OPERATOR
# ============================================
operator:
matrix_id: "{{OPERATOR_MATRIX_ID}}"
requires_approval: true
approvals_room: "#operator-approvals:{{MATRIX_SERVER_NAME}}"
Reference in New Issue View Git Blame Copy Permalink