homelab-codex-ws/docs/stability-agent-rollout.md

# Stability Agent Multi-Node Rollout

## Architecture Summary
The `stability-agent` is a lightweight Python service that monitors node health (disk, Docker containers, Tailscale, MQTT) and publishes state to a central Redis instance running on **PIHA**.

- **Source**: `services/stability-agent`
- **State Path**: `/opt/homelab/state`
- **Events Path**: `/opt/homelab/events`
- **Redis Target**: `100.108.208.3:6379` (PIHA)

## Why UI only showed CHELSTY
Previously, the `stability-agent` had `NODE_NAME` defaulted to `chelsty` and was only deployed there. The Agent System UI materializer on PIHA filters nodes based on the Redis keys `homelab:nodes:<NODE_NAME>`. Without other agents publishing their specific `NODE_NAME`, the UI remained limited to the single active node.

## Deployment

Use the helper script to deploy or generate commands:
```bash
# Print commands
./scripts/deploy/deploy-stability-agent.sh <node-name>

# Deploy via SSH (requires SSH access to the node)
./scripts/deploy/deploy-stability-agent.sh <node-name> --ssh
```

### Manual Steps per Node
The manual steps are encapsulated in `services/stability-agent/deploy-local.sh`. On the target node:
```bash
cd ~/homelab-codex-ws
git pull
cd services/stability-agent
./deploy-local.sh
```

## Verification

### Fleet Overview
Run the verification script from any node with `redis-cli` access:
```bash
./scripts/deploy/verify-agent-fleet.sh
```

### Redis Inspection (on PIHA)
```bash
docker exec agent-system-redis redis-cli KEYS 'homelab:nodes:*'
docker exec agent-system-redis redis-cli HGETALL homelab:nodes:<node-name>
```

Verify Web UI backend:
```bash
curl -s http://127.0.0.1:18180/nodes
curl -k https://agents.okit.pl/nodes
```

## Troubleshooting

- **Redis empty after compose down**: The `agent-system-redis` on PIHA uses transient storage if not configured with a volume. If it restarts, agents must republish their state (they do this automatically every `CHECK_INTERVAL`).
- **Secrets**: `.env` files and local secrets are not committed to the repo. Ensure `MQTT_HOST` and other specific secrets are set via overrides if needed.
- **Telegram**: Telegram bot notifications can remain disabled if `TELEGRAM_BOT_TOKEN` is absent.
- **Docker Socket**: If the agent reports `unavailable` for Docker, ensure `/var/run/docker.sock` is mounted and the user has permissions.
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00			`# Stability Agent Multi-Node Rollout`

			`## Architecture Summary`
			The `stability-agent` is a lightweight Python service that monitors node health (disk, Docker containers, Tailscale, MQTT) and publishes state to a central Redis instance running on PIHA.

			- Source: `services/stability-agent`
			- State Path: `/opt/homelab/state`
			- Events Path: `/opt/homelab/events`
			- Redis Target: `100.108.208.3:6379` (PIHA)

			`## Why UI only showed CHELSTY`
			Previously, the `stability-agent` had `NODE_NAME` defaulted to `chelsty` and was only deployed there. The Agent System UI materializer on PIHA filters nodes based on the Redis keys `homelab:nodes:<NODE_NAME>`. Without other agents publishing their specific `NODE_NAME`, the UI remained limited to the single active node.

Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`## Deployment`
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00
Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`Use the helper script to deploy or generate commands:`
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00			```bash
Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`# Print commands`
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00			`./scripts/deploy/deploy-stability-agent.sh <node-name>`

Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`# Deploy via SSH (requires SSH access to the node)`
			`./scripts/deploy/deploy-stability-agent.sh <node-name> --ssh`
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00			```

Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`### Manual Steps per Node`
			The manual steps are encapsulated in `services/stability-agent/deploy-local.sh`. On the target node:
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00			```bash
			`cd ~/homelab-codex-ws`
			`git pull`
			`cd services/stability-agent`
Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`./deploy-local.sh`
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00			```

Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`## Verification`
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00
Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`### Fleet Overview`
			Run the verification script from any node with `redis-cli` access:
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00			```bash
Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`./scripts/deploy/verify-agent-fleet.sh`
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00			```

Add executable stability agent fleet deploy scripts 2026-05-17 17:32:10 +02:00			`### Redis Inspection (on PIHA)`
Roll out stability agent to homelab nodes 2026-05-17 15:54:19 +02:00			```bash
			`docker exec agent-system-redis redis-cli KEYS 'homelab:nodes:*'`
			`docker exec agent-system-redis redis-cli HGETALL homelab:nodes:<node-name>`
			```

			`Verify Web UI backend:`
			```bash
			`curl -s http://127.0.0.1:18180/nodes`
			`curl -k https://agents.okit.pl/nodes`
			```

			`## Troubleshooting`

			- Redis empty after compose down: The `agent-system-redis` on PIHA uses transient storage if not configured with a volume. If it restarts, agents must republish their state (they do this automatically every `CHECK_INTERVAL`).
			- Secrets: `.env` files and local secrets are not committed to the repo. Ensure `MQTT_HOST` and other specific secrets are set via overrides if needed.
			- Telegram: Telegram bot notifications can remain disabled if `TELEGRAM_BOT_TOKEN` is absent.
			- Docker Socket: If the agent reports `unavailable` for Docker, ensure `/var/run/docker.sock` is mounted and the user has permissions.