# Agent Notes

Madagascar Local Authority is the local authority application for the Madagascar network.

Start with these documents:

- [README.md](README.md) - current repository, deployment model, runtime paths, GitPrep remote.
- [.doc/host-manager.md](.doc/host-manager.md) - application behavior, OTP, Work Orders, local CA, registry rules.
- [.doc/local-hosts.md](.doc/local-hosts.md) - local DNS rules, resolver sync, source priority.
- [.doc/development-log.md](.doc/development-log.md) - scope and architecture decisions over time.

Operational rules:

- Develop in this checkout: `/Users/bogdan/Documents/Workspaces/Xdev/Madagascar/LocalAuthority`.
- Canonical git remote is GitPrep: `git@192.168.2.102:repositories/bogdan/LocalAuthority.git`.
- Jumper is the runtime/deployment target, not the primary editing location.
- Deploy application code with `scripts/deploy_to_jumper.sh`.
- Do not deploy `config/` unless the user explicitly asks to replace runtime registry data.
- Treat `config/hosts.yaml`, `config/local-hosts.tsv`, and `config/work-orders.yaml` as operational data that may be changed by the live app.
- Do not install npm, pip, or CPAN packages directly on hosts. Distribution packages are acceptable when needed.
- Perl from the distribution and core/distribution modules are allowed.
- CPAN dependencies must come from the audited local repository if they become necessary.
- Secrets live outside git, mainly under `/etc/xdev/host-manager.env` on jumper.

Before code changes:

```bash
git status --short
```

Before deployment:

```bash
perl -c scripts/host_manager.pl
scripts/deploy_to_jumper.sh --dry-run --allow-dirty
```

Normal deployment after a committed change:

```bash
scripts/deploy_to_jumper.sh
```

After deployment, verify:

```bash
ssh jumper.madagascar.xdev.ro 'systemctl is-active host-manager && curl -fsS http://127.0.0.1:8088/healthz >/dev/null'
```