Systemd on Yarang's Tech Lairhttps://blog.fcoinfup.com/tags/systemd/Recent content in Systemd on Yarang's Tech LairHugo -- gohugo.ioenFri, 08 May 2026 21:57:11 +0900Building a Multi-LLM Distributed Orchestrator with NATS JetStreamhttps://blog.fcoinfup.com/post/building-a-multi-llm-distributed-orchestrator-with-nats-jetstream/Fri, 08 May 2026 21:57:11 +0900https://blog.fcoinfup.com/post/building-a-multi-llm-distributed-orchestrator-with-nats-jetstream/<p>Part 1 discussed the model-specific limitations discovered while running four AIs—Claude, ZAI, Codex, and Gemini—concurrently on the same tasks. This part is about &ldquo;how we made it possible&rdquo;—the system design and implementation story.</p> <hr> <h2 id="system-overview">System Overview </h2><p>AgentForge consists of three components.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>[Task Publisher] </span></span><span style="display:flex;"><span> │ NATS JetStream publish </span></span><span style="display:flex;"><span> ▼ </span></span><span style="display:flex;"><span>[NATS Broker] ─── af.worker.{id}.inbox </span></span><span style="display:flex;"><span> │ JetStream consume (independent streams per worker) </span></span><span style="display:flex;"><span> ▼ </span></span><span style="display:flex;"><span>[Worker Pollers] × N (poller.py × 18 instances) </span></span><span style="display:flex;"><span> │ LLM CLI Execution (claude / codex / gemini) </span></span><span style="display:flex;"><span> ▼ </span></span><span style="display:flex;"><span>[Result Return] af.task.{task_id}.completed </span></span></code></pre></div><p>When a publisher posts a task to NATS, each worker, which is independently subscribed, receives the message on its inbox and executes the LLM CLI. The result is then published back to a completion topic.</p> <hr> <h2 id="why-nats-jetstream">Why NATS JetStream? </h2><p>We considered several message broker options: Redis Streams, Kafka, RabbitMQ, and NATS JetStream.</p> <p><strong>Reasons for choosing NATS JetStream:</strong></p> <ol> <li> <p><strong>Single Binary</strong> — Operates with a single <code>nats-server</code> without requiring separate runtimes. It has no dependencies like Kafka&rsquo;s ZooKeeper or RabbitMQ&rsquo;s Erlang/OTP.</p> </li> <li> <p><strong>Built-in Persistence</strong> — JetStream is a streaming layer on top of NATS, storing messages to the filesystem. This ensures that unprocessed tasks are not lost even if a worker restarts.</p> </li> <li> <p><strong>NKey-based Authentication</strong> — We can issue independent Ed25519 key pairs for each worker. If one worker is compromised, the credentials of other workers remain valid.</p> </li> <li> <p><strong>Lightweight</strong> — Memory usage is around 30MB on a single server. Even with 18 workers connected, the broker load is minimal.</p> </li> </ol> <hr> <h2 id="the-core-backend-adapter-in-pollerpy">The Core: Backend Adapter in <code>poller.py</code> </h2><p>The heart of the worker is <code>poller.py</code>. This single file handles NATS subscriptions, LLM CLI execution, and result returns.</p> <p>Since LLMs have different execution methods, we separated them into a backend adapter dictionary.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span>_BACKENDS: dict[str, dict] <span style="color:#f92672">=</span> { </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;claude&#34;</span>: { </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;bin&#34;</span>: os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#34;CLAUDE_BIN&#34;</span>, <span style="color:#e6db74">&#34;/usr/local/bin/claude&#34;</span>), </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;tools&#34;</span>: os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#34;ALLOWED_TOOLS&#34;</span>, <span style="color:#e6db74">&#34;Read,Edit,Write,Glob,Grep&#34;</span>), </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;model&#34;</span>: os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#34;CLAUDE_MODEL&#34;</span>, <span style="color:#e6db74">&#34;&#34;</span>), </span></span><span style="display:flex;"><span> }, </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;codex&#34;</span>: { </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;bin&#34;</span>: os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#34;CODEX_BIN&#34;</span>, <span style="color:#e6db74">&#34;/usr/bin/codex&#34;</span>), </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;model&#34;</span>: os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#34;CODEX_MODEL&#34;</span>, <span style="color:#e6db74">&#34;&#34;</span>), </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;sandbox&#34;</span>: os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#34;CODEX_SANDBOX&#34;</span>, <span style="color:#e6db74">&#34;read-only&#34;</span>), </span></span><span style="display:flex;"><span> }, </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;gemini_cli&#34;</span>: { </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;bin&#34;</span>: os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#34;GEMINI_BIN&#34;</span>, <span style="color:#e6db74">&#34;/usr/bin/gemini&#34;</span>), </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;model&#34;</span>: os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#34;GEMINI_MODEL&#34;</span>, <span style="color:#e6db74">&#34;&#34;</span>), </span></span><span style="display:flex;"><span> }, </span></span><span style="display:flex;"><span>} </span></span></code></pre></div><p>The <code>MODEL_BACKEND</code> environment variable determines which LLM to use. This allows the same <code>poller.py</code> code to run different LLMs across 18 workers.</p> <h3 id="claude-backend">Claude Backend </h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#66d9ef">async</span> <span style="color:#66d9ef">def</span> <span style="color:#a6e22e">run_claude</span>(instructions: str, task_id: str) <span style="color:#f92672">-&gt;</span> tuple[int, str]: </span></span><span style="display:flex;"><span> cfg <span style="color:#f92672">=</span> _BACKENDS[<span style="color:#e6db74">&#34;claude&#34;</span>] </span></span><span style="display:flex;"><span> cmd <span style="color:#f92672">=</span> [cfg[<span style="color:#e6db74">&#34;bin&#34;</span>], <span style="color:#e6db74">&#34;--print&#34;</span>, <span style="color:#e6db74">&#34;--allowedTools&#34;</span>, cfg[<span style="color:#e6db74">&#34;tools&#34;</span>]] </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">if</span> cfg<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#34;model&#34;</span>): </span></span><span style="display:flex;"><span> cmd <span style="color:#f92672">+=</span> [<span style="color:#e6db74">&#34;--model&#34;</span>, cfg[<span style="color:#e6db74">&#34;model&#34;</span>]] </span></span><span style="display:flex;"><span> proc <span style="color:#f92672">=</span> <span style="color:#66d9ef">await</span> asyncio<span style="color:#f92672">.</span>create_subprocess_exec(<span style="color:#f92672">*</span>cmd, stdin<span style="color:#f92672">=</span>PIPE, stdout<span style="color:#f92672">=</span>PIPE, stderr<span style="color:#f92672">=</span>PIPE) </span></span></code></pre></div><p>The <code>--print</code> flag is key. It runs Claude Code in non-interactive mode instead of conversational mode, ensuring the results are returned via stdout.</p> <h3 id="zai-backend">ZAI Backend </h3><p>ZAI offers an Anthropic API-compatible endpoint, so it doesn&rsquo;t require a separate backend. Routing is handled by two environment variables.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-ini" data-lang="ini"><span style="display:flex;"><span><span style="color:#75715e"># /etc/agentforge/cc-zai-high-dev-01.env</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">ANTHROPIC_BASE_URL</span><span style="color:#f92672">=</span><span style="color:#e6db74">&lt;ZAI endpoint&gt;</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">ANTHROPIC_AUTH_TOKEN</span><span style="color:#f92672">=</span><span style="color:#e6db74">&lt;ZAI API key&gt;</span> </span></span></code></pre></div><p>By injecting this file using systemd&rsquo;s <code>EnvironmentFile=</code> directive, the <code>claude</code> binary sends requests to the ZAI endpoint. This allows us to connect to a different LLM provider simply by changing environment variables, without altering the code.</p> <hr> <h2 id="declarative-management-fleetyaml--serversyaml">Declarative Management: <code>fleet.yaml</code> × <code>servers.yaml</code> </h2><p>Manually managing 18 workers is impractical. We declaratively defined the entire infrastructure using two YAML files.</p> <h3 id="serversyaml--server-inventory"><code>servers.yaml</code> — Server Inventory </h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">servers</span>: </span></span><span style="display:flex;"><span> - <span style="color:#f92672">name</span>: <span style="color:#ae81ff">worker-node-1</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">role</span>: <span style="color:#ae81ff">worker-host</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">services</span>: [<span style="color:#ae81ff">agentforge-worker, tunnel-arm1]</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> - <span style="color:#f92672">name</span>: <span style="color:#ae81ff">broker-host</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">role</span>: <span style="color:#ae81ff">broker-host</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">services</span>: [<span style="color:#ae81ff">nats-jetstream, postgres]</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> - <span style="color:#f92672">name</span>: <span style="color:#ae81ff">worker-node-2</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">role</span>: <span style="color:#ae81ff">worker-host</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">services</span>: [<span style="color:#ae81ff">agentforge-worker, tunnel-arm1]</span> </span></span></code></pre></div><h3 id="fleetyaml--worker-placement"><code>fleet.yaml</code> — Worker Placement </h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">workers</span>: </span></span><span style="display:flex;"><span> - <span style="color:#f92672">worker_id</span>: <span style="color:#ae81ff">cc-go-dev-01</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">llm</span>: <span style="color:#ae81ff">claude-code</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">model</span>: <span style="color:#ae81ff">claude-sonnet-4-6</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">lang</span>: <span style="color:#ae81ff">go</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">role</span>: <span style="color:#ae81ff">developer</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">host</span>: <span style="color:#ae81ff">worker-node-1</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">enabled</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">create_pr</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> - <span style="color:#f92672">worker_id</span>: <span style="color:#ae81ff">codex-py-dev-01</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">llm</span>: <span style="color:#ae81ff">codex</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">model</span>: <span style="color:#ae81ff">gpt-5.5</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">lang</span>: <span style="color:#ae81ff">python</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">role</span>: <span style="color:#ae81ff">developer</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">host</span>: <span style="color:#ae81ff">worker-node-1</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">enabled</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">create_pr</span>: <span style="color:#66d9ef">false</span> </span></span></code></pre></div><p>Changing just the <code>host</code> field moves a worker to a different server. Setting <code>enabled: false</code> stops the deployment script from starting that worker.</p> <hr> <h2 id="worker-templating-system-provision_workerpy">Worker Templating System: <code>provision_worker.py</code> </h2><p>Manually writing systemd unit files for each new worker is prone to errors. We automated this using Jinja2 templates and a provisioning script.</p> <h3 id="template-structure">Template Structure </h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>templates/ </span></span><span style="display:flex;"><span> systemd/ </span></span><span style="display:flex;"><span> claude.service.j2 # For claude-code and ZAI alike </span></span><span style="display:flex;"><span> codex.service.j2 # OpenAI Codex </span></span><span style="display:flex;"><span> gemini.service.j2 # Google Gemini CLI </span></span></code></pre></div><p>The core part of <code>claude.service.j2</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-gdscript3" data-lang="gdscript3"><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>MODEL_BACKEND<span style="color:#f92672">=</span>claude </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>CLAUDE_BIN<span style="color:#f92672">=</span>{{ claude_bin }} </span></span><span style="display:flex;"><span>{<span style="color:#f92672">%</span> <span style="color:#66d9ef">if</span> claude_model <span style="color:#f92672">%</span>} </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>CLAUDE_MODEL<span style="color:#f92672">=</span>{{ claude_model }} </span></span><span style="display:flex;"><span>{<span style="color:#f92672">%</span> endif <span style="color:#f92672">%</span>} </span></span><span style="display:flex;"><span>{<span style="color:#f92672">%</span> <span style="color:#66d9ef">if</span> env_file <span style="color:#f92672">%</span>} </span></span><span style="display:flex;"><span>EnvironmentFile<span style="color:#f92672">=</span>{{ env_file }} </span></span><span style="display:flex;"><span>{<span style="color:#f92672">%</span> endif <span style="color:#f92672">%</span>} </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>WORK_BASE<span style="color:#f92672">=</span>{{ work_base }} </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>WORK_DIR<span style="color:#f92672">=</span>{{ work_base }}<span style="color:#f92672">/</span>repo </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span><span style="color:#e6db74">&#34;{{ &#39;ALLOWED_TOOLS=&#39; + allowed_tools }}&#34;</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>CREATE_PR<span style="color:#f92672">=</span>{{ <span style="color:#e6db74">&#39;true&#39;</span> <span style="color:#66d9ef">if</span> create_pr <span style="color:#66d9ef">else</span> <span style="color:#e6db74">&#39;false&#39;</span> }} </span></span><span style="display:flex;"><span>{<span style="color:#f92672">%</span> <span style="color:#66d9ef">if</span> create_pr <span style="color:#f92672">and</span> github_remote <span style="color:#f92672">%</span>} </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>GITHUB_REMOTE<span style="color:#f92672">=</span>{{ github_remote }} </span></span><span style="display:flex;"><span>{<span style="color:#f92672">%</span> endif <span style="color:#f92672">%</span>} </span></span></code></pre></div><p>For ZAI workers, the <code>env_file</code> block is activated, adding the <code>EnvironmentFile</code>. For PR creation workers, <code>github_remote</code> is injected. Other settings use defaults.</p> <h3 id="provision_workerpy-usage"><code>provision_worker.py</code> Usage </h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># Preview (no actual deployment)</span> </span></span><span style="display:flex;"><span>python3 scripts/provision_worker.py --worker new-worker-id --dry-run </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Actual deployment (including NATS creds issuance)</span> </span></span><span style="display:flex;"><span>python3 scripts/provision_worker.py --worker new-worker-id --issue-creds </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Bulk deployment for the entire fleet.yaml</span> </span></span><span style="display:flex;"><span>python3 scripts/provision_worker.py --all </span></span></code></pre></div><p>Internal operations:</p> <ol> <li>Reads worker entries from <code>fleet.yaml</code>.</li> <li>Reads target hosts from <code>servers.yaml</code>.</li> <li>Renders Jinja2 templates.</li> <li>Deploys <code>/etc/systemd/system/{worker_id}-poller.service</code> via SSH.</li> <li>Creates the working directory.</li> <li>Executes <code>systemctl daemon-reload &amp;&amp; enable --now</code>.</li> <li>(Optional) Issues NATS NKey with <code>nsc add user</code> → deploys creds → regenerates <code>auth.conf</code>.</li> </ol> <hr> <h2 id="distributed-hosting-adding-workers-to-a-second-server">Distributed Hosting: Adding Workers to a Second Server </h2><p>Running all workers on a single server creates a single point of failure. We added Claude workers to a second host.</p> <p>The method for workers on the second host to connect to the NATS broker is via an autossh tunnel.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-ini" data-lang="ini"><span style="display:flex;"><span><span style="color:#66d9ef">[Unit]</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Description</span><span style="color:#f92672">=</span><span style="color:#e6db74">NATS Broker Tunnel</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">After</span><span style="color:#f92672">=</span><span style="color:#e6db74">network-online.target</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#66d9ef">[Service]</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">ExecStart</span><span style="color:#f92672">=</span><span style="color:#e6db74">/usr/bin/autossh -N \ </span></span></span><span style="display:flex;"><span><span style="color:#e6db74"> -L 4222:127.0.0.1:4222 \ </span></span></span><span style="display:flex;"><span><span style="color:#e6db74"> -i /home/ubuntu/.ssh/id_ed25519 \ </span></span></span><span style="display:flex;"><span><span style="color:#e6db74"> broker-host</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Restart</span><span style="color:#f92672">=</span><span style="color:#e6db74">always</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">RestartSec</span><span style="color:#f92672">=</span><span style="color:#e6db74">10</span> </span></span></code></pre></div><p>With this configuration active, workers always connect to <code>nats://127.0.0.1:4222</code>. They don&rsquo;t need to know the broker host&rsquo;s address. As long as the tunnel is alive, it works the same way from any host.</p> <hr> <h2 id="nats-credential-operations-experience">NATS Credential Operations Experience </h2><p>NATS NKey management was the most complex part of the implementation.</p> <p>NATS JetStream&rsquo;s authentication structure is hierarchical.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>Operator (Root Signing Authority) </span></span><span style="display:flex;"><span> └── Account: SYS (System Account) </span></span><span style="display:flex;"><span> └── Account: Services (Worker Account) </span></span><span style="display:flex;"><span> ├── User: cc-dev-01 </span></span><span style="display:flex;"><span> ├── User: cc-go-dev-01 </span></span><span style="display:flex;"><span> ├── User: codex-py-dev-01 </span></span><span style="display:flex;"><span> └── ... </span></span></code></pre></div><p>Each worker has an independent User NKey and can publish/subscribe within the permissions scope (<code>af.&gt;</code>, <code>_INBOX.&gt;</code>, <code>$JS.&gt;</code>) of the Services account.</p> <p>Adding a new worker requires the Operator&rsquo;s signing key. We initially made the mistake of not backing up this key, leading to its loss. Consequently, we had to regenerate the entire Operator and replace all worker credentials en masse. The service downtime was approximately 60 seconds.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># Regeneration procedure</span> </span></span><span style="display:flex;"><span>nsc add operator AgentForge </span></span><span style="display:flex;"><span>nsc add account SYS </span></span><span style="display:flex;"><span>nsc add account Services </span></span><span style="display:flex;"><span><span style="color:#66d9ef">for</span> worker in cc-dev-01 cc-go-dev-01 ...; <span style="color:#66d9ef">do</span> </span></span><span style="display:flex;"><span> nsc add user --account Services --name $worker <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> --allow-pub <span style="color:#e6db74">&#34;af.&gt;,_INBOX.&gt;,</span>$JS<span style="color:#e6db74">.&gt;&#34;</span> <span style="color:#ae81ff">\ </span></span></span><span style="display:flex;"><span> --allow-sub <span style="color:#e6db74">&#34;af.&gt;,_INBOX.&gt;,</span>$JS<span style="color:#e6db74">.&gt;&#34;</span> </span></span><span style="display:flex;"><span><span style="color:#66d9ef">done</span> </span></span><span style="display:flex;"><span>nsc generate config --mem-resolver --sys-account SYS &gt; auth.new.conf </span></span></code></pre></div><hr> <h2 id="adding-a-new-worker-the-full-procedure">Adding a New Worker: The Full Procedure </h2><p>Since the completion of this system, adding a new worker is straightforward.</p> <p><strong>Step 1</strong>: Add an entry to <code>fleet.yaml</code></p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span>- <span style="color:#f92672">worker_id</span>: <span style="color:#ae81ff">my-new-worker</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">llm</span>: <span style="color:#ae81ff">claude-code</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">model</span>: <span style="color:#ae81ff">claude-haiku-4-5</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">lang</span>: <span style="color:#ae81ff">multi</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">role</span>: <span style="color:#ae81ff">developer</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">host</span>: <span style="color:#ae81ff">worker-node-1</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">enabled</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">create_pr</span>: <span style="color:#66d9ef">false</span> </span></span></code></pre></div><p><strong>Step 2</strong>: Preview</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>python3 scripts/provision_worker.py --worker my-new-worker --dry-run </span></span></code></pre></div><p><strong>Step 3</strong>: Actual Deployment</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>python3 scripts/provision_worker.py --worker my-new-worker --issue-creds </span></span></code></pre></div><p>That&rsquo;s it. Template rendering, SSH deployment, NATS credential issuance, and service registration are all handled by a single command.</p> <hr> <h2 id="next-steps">Next Steps </h2><p>The current system is structured such that workers process tasks independently. Future plans include:</p> <ul> <li><strong>Routing Policies</strong>: Automatically selecting the appropriate worker based on task characteristics (e.g., Go code → <code>claude-go-dev</code>, cost-first → ZAI lightweight tier).</li> <li><strong>Results Comparison Dashboard</strong>: A UI to display fan-out results side-by-side.</li> <li><strong>Cost Tracking</strong>: Aggregating API call costs per worker.</li> </ul> <p>The code is publicly available on GitHub.</p>Building a Blog AI Auto-Comment System (3/3): Deployment and Troubleshootinghttps://blog.fcoinfup.com/post/ai-auto-comment-system-part3-deployment/Sun, 03 May 2026 01:20:00 +0900https://blog.fcoinfup.com/post/ai-auto-comment-system-part3-deployment/<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-gdscript3" data-lang="gdscript3"><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e">## Overview</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span>In [Part <span style="color:#ae81ff">1</span>](<span style="color:#f92672">/</span>ko<span style="color:#f92672">/</span>post<span style="color:#f92672">/</span>ai<span style="color:#f92672">-</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>system<span style="color:#f92672">-</span>part1<span style="color:#f92672">-</span>architecture<span style="color:#f92672">/</span>), we covered the architecture <span style="color:#f92672">and</span> implementation, <span style="color:#f92672">and</span> <span style="color:#f92672">in</span> [Part <span style="color:#ae81ff">2</span>](<span style="color:#f92672">/</span>ko<span style="color:#f92672">/</span>post<span style="color:#f92672">/</span>ai<span style="color:#f92672">-</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>system<span style="color:#f92672">-</span>part2<span style="color:#f92672">-</span>security<span style="color:#f92672">/</span>), we looked at security enhancements<span style="color:#f92672">.</span> In this <span style="color:#ae81ff">3</span>rd part, we record the process of deploying to an actual OCI ARM server <span style="color:#f92672">and</span> the troubleshooting encountered<span style="color:#f92672">.</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span>In particular, we share <span style="color:#f92672">in</span> detail the actual debugging process where we tracked <span style="color:#f92672">and</span> resolved the issue of <span style="color:#f92672">**</span>GITHUB_TOKEN <span style="color:#f92672">not</span> loading<span style="color:#f92672">**</span> over <span style="color:#ae81ff">4</span> steps<span style="color:#f92672">.</span> The core of this article is how we narrowed down the cause <span style="color:#f92672">in</span> a situation where <span style="color:#e6db74">&#34;it&#39;s set up, so why isn&#39;t it working?&#34;</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#f92672">---</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e">## Infrastructure Configuration</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e">### Server Configuration</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#f92672">|</span> Server <span style="color:#f92672">|</span> Role <span style="color:#f92672">|</span> Specs <span style="color:#f92672">|</span> </span></span><span style="display:flex;"><span><span style="color:#f92672">|------|------|------|</span> </span></span><span style="display:flex;"><span><span style="color:#f92672">|</span> ec1 (x86) <span style="color:#f92672">|</span> Web Server (nginx, Hugo blog) <span style="color:#f92672">|</span> OCI <span style="color:#f92672">|</span> </span></span><span style="display:flex;"><span><span style="color:#f92672">|</span> arm1 (ARM) <span style="color:#f92672">|</span> Worker Server (Flask, Claude Code) <span style="color:#f92672">|</span> OCI ARM <span style="color:#f92672">|</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span>The blog is built <span style="color:#f92672">and</span> served with Hugo on ec1, <span style="color:#66d9ef">while</span> the AI comment worker runs on arm1<span style="color:#f92672">.</span> The GitHub Webhook is delivered directly to arm1<span style="color:#f92672">.</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e">### Worker Server Directory Structure</span> </span></span></code></pre></div><p>/var/www/auto-comment-worker/ # Application ├── scripts/ │ └── auto-comment-worker.py ├── deploy/ │ └── auto-comment-worker.service ├── venv/ # Python virtual environment └── logs/</p> <p>/etc/auto-comment-worker/ # Credentials ├── github-token # 640, ubuntu:ubuntu └── credentials/ └── webhook-secret # 600, ubuntu:ubuntu</p> <p>/home/ubuntu/.local/bin/claude # Claude Code CLI</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-gdscript3" data-lang="gdscript3"><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#f92672">---</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e">## systemd Service Configuration</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e">### Service File</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#960050;background-color:#1e0010">```</span>ini </span></span><span style="display:flex;"><span>[Unit] </span></span><span style="display:flex;"><span>Description<span style="color:#f92672">=</span>Auto Comment Worker <span style="color:#66d9ef">for</span> Blog </span></span><span style="display:flex;"><span>After<span style="color:#f92672">=</span>network<span style="color:#f92672">.</span>target </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span>[Service] </span></span><span style="display:flex;"><span>Type<span style="color:#f92672">=</span>simple </span></span><span style="display:flex;"><span>User<span style="color:#f92672">=</span>ubuntu </span></span><span style="display:flex;"><span>WorkingDirectory<span style="color:#f92672">=/</span><span style="color:#66d9ef">var</span><span style="color:#f92672">/</span>www<span style="color:#f92672">/</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>worker </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>PORT<span style="color:#f92672">=</span><span style="color:#ae81ff">8081</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>CLAUDE_CODE_PATH<span style="color:#f92672">=/</span>home<span style="color:#f92672">/</span>ubuntu<span style="color:#f92672">/.</span>local<span style="color:#f92672">/</span>bin<span style="color:#f92672">/</span>claude </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>BLOG_OWNERS<span style="color:#f92672">=</span>yarang </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>GITHUB_TOKEN_FILE<span style="color:#f92672">=/</span>etc<span style="color:#f92672">/</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>worker<span style="color:#f92672">/</span>github<span style="color:#f92672">-</span>token </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span>GITHUB_WEBHOOK_SECRET_FILE<span style="color:#f92672">=/</span>etc<span style="color:#f92672">/</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>worker<span style="color:#f92672">/</span>credentials<span style="color:#f92672">/</span>webhook<span style="color:#f92672">-</span>secret </span></span><span style="display:flex;"><span>ExecStart<span style="color:#f92672">=/</span><span style="color:#66d9ef">var</span><span style="color:#f92672">/</span>www<span style="color:#f92672">/</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>worker<span style="color:#f92672">/</span>venv<span style="color:#f92672">/</span>bin<span style="color:#f92672">/</span>python <span style="color:#f92672">/</span><span style="color:#66d9ef">var</span><span style="color:#f92672">/</span>www<span style="color:#f92672">/</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>worker<span style="color:#f92672">/</span>scripts<span style="color:#f92672">/</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>worker<span style="color:#f92672">.</span>py </span></span><span style="display:flex;"><span>Restart<span style="color:#f92672">=</span>always </span></span><span style="display:flex;"><span>RestartSec<span style="color:#f92672">=</span><span style="color:#ae81ff">10</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Logging</span> </span></span><span style="display:flex;"><span>StandardOutput<span style="color:#f92672">=</span>journal </span></span><span style="display:flex;"><span>StandardError<span style="color:#f92672">=</span>journal </span></span><span style="display:flex;"><span>SyslogIdentifier<span style="color:#f92672">=</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>worker </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Security</span> </span></span><span style="display:flex;"><span>NoNewPrivileges<span style="color:#f92672">=</span>true </span></span><span style="display:flex;"><span>PrivateTmp<span style="color:#f92672">=</span>true </span></span><span style="display:flex;"><span>ProtectSystem<span style="color:#f92672">=</span>strict </span></span><span style="display:flex;"><span>ProtectHome<span style="color:#f92672">=</span>false </span></span><span style="display:flex;"><span>ReadWritePaths<span style="color:#f92672">=/</span><span style="color:#66d9ef">var</span><span style="color:#f92672">/</span>www<span style="color:#f92672">/</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>worker <span style="color:#f92672">/</span><span style="color:#66d9ef">var</span><span style="color:#f92672">/</span>log<span style="color:#f92672">/</span>auto<span style="color:#f92672">-</span>comment<span style="color:#f92672">-</span>worker </span></span><span style="display:flex;"><span>ReadOnlyPaths<span style="color:#f92672">=</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Resource Limits</span> </span></span><span style="display:flex;"><span>MemoryMax<span style="color:#f92672">=</span><span style="color:#ae81ff">512</span>M </span></span><span style="display:flex;"><span>CPUQuota<span style="color:#f92672">=</span><span style="color:#ae81ff">50</span><span style="color:#f92672">%</span> </span></span><span style="display:flex;"><span>TasksMax<span style="color:#f92672">=</span><span style="color:#ae81ff">100</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span>[Install] </span></span><span style="display:flex;"><span>WantedBy<span style="color:#f92672">=</span>multi<span style="color:#f92672">-</span>user<span style="color:#f92672">.</span>target </span></span></code></pre></div><h3 id="key-configuration-explanation">Key Configuration Explanation </h3><p><strong><code>Type=simple</code></strong>: Since the Flask worker runs in the foreground, <code>simple</code> is appropriate. <code>forking</code> is used for processes that daemonize.</p> <p><strong><code>User=ubuntu</code></strong>: Although a dedicated service account could be created, it runs as <code>ubuntu</code> because the Claude Code CLI depends on the <code>ubuntu</code> user&rsquo;s home directory configuration.</p> <p><strong><code>ProtectHome=false</code></strong>: Usually set to <code>true</code>, but allows home directory access because Claude Code requires the <code>~/.agent_forge_for_zai.json</code> configuration file.</p> <p><strong><code>ReadOnlyPaths=</code></strong> (Empty value): Initially specified <code>/etc/auto-comment-worker</code>, but left empty due to conflict with <code>ProtectSystem=strict</code>.</p> <h3 id="service-management-commands">Service Management Commands </h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># Copy service file</span> </span></span><span style="display:flex;"><span>sudo cp deploy/auto-comment-worker.service /etc/systemd/system/ </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Register and start service</span> </span></span><span style="display:flex;"><span>sudo systemctl daemon-reload </span></span><span style="display:flex;"><span>sudo systemctl enable auto-comment-worker </span></span><span style="display:flex;"><span>sudo systemctl start auto-comment-worker </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Check status</span> </span></span><span style="display:flex;"><span>sudo systemctl status auto-comment-worker </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Check logs (real-time)</span> </span></span><span style="display:flex;"><span>sudo journalctl -u auto-comment-worker -f </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Check recent logs</span> </span></span><span style="display:flex;"><span>sudo journalctl -u auto-comment-worker --since <span style="color:#e6db74">&#34;10 minutes ago&#34;</span> </span></span></code></pre></div><hr> <h2 id="nginx-reverse-proxy">nginx Reverse Proxy </h2><h3 id="webhook-endpoint-configuration">Webhook Endpoint Configuration </h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#66d9ef">server</span> { </span></span><span style="display:flex;"><span> <span style="color:#f92672">listen</span> <span style="color:#ae81ff">443</span> <span style="color:#e6db74">ssl</span>; </span></span><span style="display:flex;"><span> <span style="color:#f92672">server_name</span> <span style="color:#e6db74">your-domain.com</span>; </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#75715e"># SSL Configuration </span></span></span><span style="display:flex;"><span> <span style="color:#f92672">ssl_certificate</span> <span style="color:#e6db74">/etc/letsencrypt/live/your-domain.com/fullchain.pem</span>; </span></span><span style="display:flex;"><span> <span style="color:#f92672">ssl_certificate_key</span> <span style="color:#e6db74">/etc/letsencrypt/live/your-domain.com/privkey.pem</span>; </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#75715e"># Webhook Proxy </span></span></span><span style="display:flex;"><span> <span style="color:#f92672">location</span> <span style="color:#e6db74">/webhook</span> { </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_pass</span> <span style="color:#e6db74">http://localhost:8081</span>; </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_set_header</span> <span style="color:#e6db74">Host</span> $host; </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_set_header</span> <span style="color:#e6db74">X-Real-IP</span> $remote_addr; </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_set_header</span> <span style="color:#e6db74">X-Forwarded-For</span> $proxy_add_x_forwarded_for; </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_set_header</span> <span style="color:#e6db74">X-Forwarded-Proto</span> $scheme; </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#75715e"># GitHub Webhook signature header forwarding (Required!) </span></span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_set_header</span> <span style="color:#e6db74">X-Hub-Signature-256</span> $http_x_hub_signature_256; </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#75715e"># Timeout (Waiting for Claude Code response) </span></span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_read_timeout</span> <span style="color:#e6db74">120s</span>; </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_connect_timeout</span> <span style="color:#e6db74">10s</span>; </span></span><span style="display:flex;"><span> } </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#75715e"># Health check </span></span></span><span style="display:flex;"><span> <span style="color:#f92672">location</span> <span style="color:#e6db74">/health</span> { </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_pass</span> <span style="color:#e6db74">http://localhost:8081</span>; </span></span><span style="display:flex;"><span> } </span></span><span style="display:flex;"><span>} </span></span></code></pre></div><p><code>proxy_read_timeout 120s</code> is set generously because the Claude Code CLI can take up to 60 seconds to generate an AI response. Since the default timeout for GitHub Webhooks is 10 seconds, asynchronous processing could be considered in practice.</p> <hr> <h2 id="deployment-process">Deployment Process </h2><h3 id="manual-deployment-after-rsync-failure">Manual Deployment (After rsync Failure) </h3><p>Initially, we attempted deployment with rsync, but it failed because the target directory did not exist on the server:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-gdscript3" data-lang="gdscript3"><span style="display:flex;"><span>rsync: [Receiver] mkdir <span style="color:#e6db74">&#34;/var/www/auto-comment-worker/scripts&#34;</span> failed: </span></span><span style="display:flex;"><span>No such file <span style="color:#f92672">or</span> directory </span></span></code></pre></div><p>As an alternative, we proceeded with scp-based manual deployment:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># 1. Create directory on server</span> </span></span><span style="display:flex;"><span>ssh ubuntu@arm1 <span style="color:#e6db74">&#34;sudo mkdir -p /var/www/auto-comment-worker/scripts&#34;</span> </span></span><span style="display:flex;"><span>ssh ubuntu@arm1 <span style="color:#e6db74">&#34;sudo chown -R ubuntu:ubuntu /var/www/auto-comment-worker&#34;</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># 2. Transfer files</span> </span></span><span style="display:flex;"><span>scp scripts/auto-comment-worker.py ubuntu@arm1:/var/www/auto-comment-worker/scripts/ </span></span><span style="display:flex;"><span>scp deploy/auto-comment-worker.service ubuntu@arm1:/tmp/ </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># 3. Install service file</span> </span></span><span style="display:flex;"><span>ssh ubuntu@arm1 <span style="color:#e6db74">&#34;sudo cp /tmp/auto-comment-worker.service /etc/systemd/system/&#34;</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># 4. Set up Python virtual environment</span> </span></span><span style="display:flex;"><span>ssh ubuntu@arm1 <span style="color:#e6db74">&#34;cd /var/www/auto-comment-worker &amp;&amp; python3 -m venv venv&#34;</span> </span></span><span style="display:flex;"><span>ssh ubuntu@arm1 <span style="color:#e6db74">&#34;cd /var/www/auto-comment-worker &amp;&amp; venv/bin/pip install flask flask-limiter marshmallow requests&#34;</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># 5. Configure authentication files</span> </span></span><span style="display:flex;"><span>ssh ubuntu@arm1 <span style="color:#e6db74">&#34;sudo mkdir -p /etc/auto-comment-worker/credentials&#34;</span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Token file is created directly on the server (not transferred via scp)</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># 6. Start service</span> </span></span><span style="display:flex;"><span>ssh ubuntu@arm1 <span style="color:#e6db74">&#34;sudo systemctl daemon-reload &amp;&amp; sudo systemctl enable --now auto-comment-worker&#34;</span> </span></span></code></pre></div><h3 id="heredoc-variable-expansion-pitfall">Heredoc Variable Expansion Pitfall </h3><p>A common mistake when writing installation scripts with heredoc:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># Single quotes: Variables are NOT expanded!</span> </span></span><span style="display:flex;"><span>ssh ubuntu@arm1 <span style="color:#e6db74">&lt;&lt; &#39;ENDSSH&#39; </span></span></span><span style="display:flex;"><span><span style="color:#e6db74">echo $CREDENTIALS_DIR # Prints empty string </span></span></span><span style="display:flex;"><span><span style="color:#e6db74">ENDSSH</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># No quotes: Variables are expanded locally</span> </span></span><span style="display:flex;"><span>ssh ubuntu@arm1 <span style="color:#e6db74">&lt;&lt; ENDSSH </span></span></span><span style="display:flex;"><span><span style="color:#e6db74">echo $CREDENTIALS_DIR # Expanded to local variable value </span></span></span><span style="display:flex;"><span><span style="color:#e6db74">ENDSSH</span> </span></span></code></pre></div><p>To avoid this problem, we switched to executing commands individually instead of using a script.</p> <hr> <h2 id="troubleshooting-github_token-loading-failure">Troubleshooting: GITHUB_TOKEN Loading Failure </h2><p>This was the issue that consumed the most time while deploying this system. When the comment Webhook arrived, the following error repeated:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>INFO:__main__:GITHUB_TOKEN configured: False </span></span><span style="display:flex;"><span>INFO:__main__:GitHub API response status: 401 </span></span><span style="display:flex;"><span>ERROR:__main__:Failed to get Discussion GraphQL ID </span></span></code></pre></div><p>We record the process of tracking down the cause step by step.</p> <h3 id="step-1-loadcredential-path-issue">Step 1: LoadCredential Path Issue </h3><p>Initially, we used the <code>LoadCredential</code> directive in systemd:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-ini" data-lang="ini"><span style="display:flex;"><span><span style="color:#a6e22e">LoadCredential</span><span style="color:#f92672">=</span><span style="color:#e6db74">github-token:/etc/auto-comment-worker/github-token</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span><span style="color:#e6db74">GITHUB_TOKEN_FILE=%d/github-token</span> </span></span></code></pre></div><p><code>%d</code> is a systemd special variable replaced with the credentials directory path. However, this variable was not interpreted as intended, causing the token file path to be set incorrectly.</p> <p><strong>Solution</strong>: Instead of <code>LoadCredential</code>, we specified the absolute path directly.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-ini" data-lang="ini"><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span><span style="color:#e6db74">GITHUB_TOKEN_FILE=/etc/auto-comment-worker/github-token</span> </span></span></code></pre></div><h3 id="step-2-file-ownership-issue">Step 2: File Ownership Issue </h3><p><code>GITHUB_TOKEN configured: False</code> still appeared. Checking the file revealed:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>$ ls -la /etc/auto-comment-worker/github-token </span></span><span style="display:flex;"><span>-rw------- <span style="color:#ae81ff">1</span> root root <span style="color:#ae81ff">93</span> May <span style="color:#ae81ff">3</span> 01:10 github-token </span></span></code></pre></div><p>Since the file owner is <code>root</code> and permissions are <code>600</code>, the service running as the <code>ubuntu</code> user cannot read this file.</p> <p><strong>Solution</strong>:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo chown ubuntu:ubuntu /etc/auto-comment-worker/github-token </span></span><span style="display:flex;"><span>sudo chmod <span style="color:#ae81ff">640</span> /etc/auto-comment-worker/github-token </span></span></code></pre></div><h3 id="step-3-readonlypaths-conflict">Step 3: ReadOnlyPaths Conflict </h3><p>Even after changing ownership, <code>GITHUB_TOKEN configured: False</code> persisted. The cause was the <code>ReadOnlyPaths</code> setting in the systemd service file:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-ini" data-lang="ini"><span style="display:flex;"><span><span style="color:#75715e"># This setting blocked file reading</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">ReadOnlyPaths</span><span style="color:#f92672">=</span><span style="color:#e6db74">/etc/auto-comment-worker</span> </span></span></code></pre></div><p><code>ProtectSystem=strict</code> already mounts the entire filesystem read-only. Adding <code>ReadOnlyPaths</code> on top of that can cause mount namespace conflicts in some environments.</p> <p><strong>Solution</strong>: Changed <code>ReadOnlyPaths</code> to an empty value.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-ini" data-lang="ini"><span style="display:flex;"><span><span style="color:#a6e22e">ReadOnlyPaths</span><span style="color:#f92672">=</span> </span></span></code></pre></div><h3 id="step-4-python-file-permission-validation-code-root-cause">Step 4: Python File Permission Validation Code (Root Cause) </h3><p>Even after resolving all previous 3 steps, the token still did not load. The final cause was the overly strict file permission validation in the Python code:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#75715e"># File permission 640 → Group read bit (0o040) is set → Denied!</span> </span></span><span style="display:flex;"><span><span style="color:#66d9ef">if</span> st<span style="color:#f92672">.</span>st_mode <span style="color:#f92672">&amp;</span> (stat<span style="color:#f92672">.</span>S_IRWXO <span style="color:#f92672">|</span> stat<span style="color:#f92672">.</span>S_IRWXG): </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">raise</span> <span style="color:#a6e22e">PermissionError</span>(<span style="color:#e6db74">&#34;Token file must be 600 or 400&#34;</span>) </span></span></code></pre></div><p>Because we changed to <code>chmod 640</code> in Step 2, the group read bit was set, triggering this validation. However, the error message did not appear in the logs, delaying discovery — because the <code>PermissionError</code> occurred at the module import time, preventing the service from starting at all.</p> <p><strong>Solution</strong>: As explained in Part 2, we modified it to check only <code>stat.S_IWOTH</code>.</p> <h3 id="importance-of-debugging-logs">Importance of Debugging Logs </h3><p>The debugging logs added to track this issue:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span>logger<span style="color:#f92672">.</span>info(<span style="color:#e6db74">f</span><span style="color:#e6db74">&#34;GITHUB_TOKEN configured: </span><span style="color:#e6db74">{</span>bool(GITHUB_TOKEN)<span style="color:#e6db74">}</span><span style="color:#e6db74">&#34;</span>) </span></span><span style="display:flex;"><span>logger<span style="color:#f92672">.</span>info(<span style="color:#e6db74">f</span><span style="color:#e6db74">&#34;GitHub API response status: </span><span style="color:#e6db74">{</span>response<span style="color:#f92672">.</span>status_code<span style="color:#e6db74">}</span><span style="color:#e6db74">&#34;</span>) </span></span><span style="display:flex;"><span>logger<span style="color:#f92672">.</span>info(<span style="color:#e6db74">f</span><span style="color:#e6db74">&#34;GitHub API response body: </span><span style="color:#e6db74">{</span>response<span style="color:#f92672">.</span>text[:<span style="color:#ae81ff">500</span>]<span style="color:#e6db74">}</span><span style="color:#e6db74">&#34;</span>) </span></span></code></pre></div><p>Without these logs, it would have taken much longer to identify the cause. Always log token load success/failure and API response status for authentication-related code.</p> <h3 id="debugging-flow-summary">Debugging Flow Summary </h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-zed" data-lang="zed"><span style="display:flex;"><span>[<span style="color:#960050;background-color:#1e0010">1</span>] LoadCredential <span style="color:#f92672">%</span>d not interpreted <span style="color:#960050;background-color:#1e0010">→</span> Changed to absolute path </span></span><span style="display:flex;"><span> <span style="color:#960050;background-color:#1e0010">↓</span> (Still failed) </span></span><span style="display:flex;"><span>[<span style="color:#960050;background-color:#1e0010">2</span>] File owner root<span style="color:#f92672">:</span>root <span style="color:#960050;background-color:#1e0010">→</span> Changed to ubuntu<span style="color:#f92672">:</span>ubuntu </span></span><span style="display:flex;"><span> <span style="color:#960050;background-color:#1e0010">↓</span> (Still failed) </span></span><span style="display:flex;"><span>[<span style="color:#960050;background-color:#1e0010">3</span>] ReadOnlyPaths conflict <span style="color:#960050;background-color:#1e0010">→</span> Removed </span></span><span style="display:flex;"><span> <span style="color:#960050;background-color:#1e0010">↓</span> (Still failed) </span></span><span style="display:flex;"><span>[<span style="color:#960050;background-color:#1e0010">4</span>] Python <span style="color:#66d9ef">permission</span> check S_IRWXG <span style="color:#960050;background-color:#1e0010">→</span> Relaxed to S_IWOTH </span></span><span style="display:flex;"><span> <span style="color:#960050;background-color:#1e0010">↓</span> </span></span><span style="display:flex;"><span> [Resolved<span style="color:#f92672">!</span>] </span></span></code></pre></div><p>Lessons learned from this 4-step debugging:</p> <ol> <li><strong>Change one at a time and verify</strong>: If you change multiple settings at once, you won&rsquo;t know which one is the cause.</li> <li><strong>Trust logs, but suspect where there are no logs</strong>: Exceptions at module load time may not appear in standard logs.</li> <li><strong>Security validation code can also be a source of bugs</strong>: When security code blocks normal operation — balancing security and operations.</li> </ol> <hr> <h2 id="health-check">Health Check </h2><p>A health check endpoint to verify the service is running correctly:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#a6e22e">@app.route</span>(<span style="color:#e6db74">&#39;/health&#39;</span>, methods<span style="color:#f92672">=</span>[<span style="color:#e6db74">&#39;GET&#39;</span>]) </span></span><span style="display:flex;"><span><span style="color:#66d9ef">def</span> <span style="color:#a6e22e">health</span>(): </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;&#34;&#34;Health check&#34;&#34;&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> jsonify({<span style="color:#e6db74">&#39;status&#39;</span>: <span style="color:#e6db74">&#39;healthy&#39;</span>}) </span></span></code></pre></div><p>Monitoring systems periodically call <code>/health</code> to verify the service status:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>curl -s http://localhost:8081/health </span></span><span style="display:flex;"><span><span style="color:#75715e"># {&#34;status&#34;: &#34;healthy&#34;}</span> </span></span></code></pre></div><hr> <h2 id="future-improvements">Future Improvements </h2><ol> <li><strong>Asynchronous Processing</strong>: Asynchronize AI response generation using Celery or Redis Queue to respond within the GitHub Webhook timeout (10 seconds).</li> <li><strong>Retry Logic</strong>: Exponential backoff retry on GitHub API call failures.</li> <li><strong>Monitoring Dashboard</strong>: Monitor response time, success rate, and error rate with Prometheus + Grafana.</li> <li><strong>Automated Deployment</strong>: Build an automated deployment pipeline with GitHub Actions on code changes.</li> <li><strong>Testing</strong>: Write integration tests mocking Webhook payloads.</li> </ol> <hr> <h2 id="conclusion">Conclusion </h2><p>Over three parts, we have recorded the entire build process of the blog AI auto-comment system:</p> <ul> <li><strong>Part 1</strong>: Full architecture of giscus → GitHub Webhook → Flask → Claude Code → GraphQL</li> <li><strong>Part 2</strong>: File-based authentication, HMAC verification, input sanitization, systemd security</li> <li><strong>Part 3</strong>: Actual deployment, nginx proxy, 4-step debugging process</li> </ul> <p>The greatest value of this system is that it <strong>automates communication with blog readers</strong>. While it is difficult for blog operators to respond to every comment immediately, an AI assistant can provide a first response, improving the reader experience.</p> <p>The full code is available at the <a class="link" href="https://github.com/yarang/blogs" target="_blank" rel="noopener" >GitHub repository</a>.</p> <hr> <p><em>This article is Part 3 (the final part) of the AgentForge blog auto-comment system series.</em></p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-fallback" data-lang="fallback"></code></pre></div>Building a Blog AI Auto-Comment System (2/3) — Security Hardeninghttps://blog.fcoinfup.com/post/ai-auto-comment-system-part2-security/Sun, 03 May 2026 01:10:00 +0900https://blog.fcoinfup.com/post/ai-auto-comment-system-part2-security/<h2 id="overview">Overview </h2><p>In <a class="link" href="https://blog.fcoinfup.com/ko/post/ai-auto-comment-system-part1-architecture/" >Part 1</a>, we covered the architecture and implementation of the AI auto-comment system. In this Part 2, we will focus on security aspects.</p> <p>Systems that receive external Webhooks, manage GitHub API tokens, and process user input require special attention to security. We will explain the process of switching from environment variables to file-based authentication, the reasons behind it, and the design of each security layer.</p> <hr> <h2 id="security-threat-model">Security Threat Model </h2><p>Threats that this system must defend against:</p> <table> <thead> <tr> <th>Threat</th> <th>Attack Vector</th> <th>Defense</th> </tr> </thead> <tbody> <tr> <td>Spoofed Webhook</td> <td>Attacker sends fake Webhook</td> <td>HMAC-SHA256 signature verification</td> </tr> <tr> <td>Token Leak</td> <td>Environment variable exposure, log exposure</td> <td>File-based authentication + permission restrictions</td> </tr> <tr> <td>XSS/Injection</td> <td>Malicious comment content</td> <td>Input sanitization</td> </tr> <tr> <td>Excessive Requests</td> <td>DDoS, abuse</td> <td>Flask-Limiter rate limiting</td> </tr> <tr> <td>Privilege Escalation</td> <td>Worker process compromise</td> <td>systemd security directives</td> </tr> <tr> <td>Infinite Loop</td> <td>AI responding to itself</td> <td>Marker-based comment detection</td> </tr> </tbody> </table> <hr> <h2 id="file-based-authentication-management">File-Based Authentication Management </h2><h3 id="problems-with-environment-variables">Problems with Environment Variables </h3><p>Initially, we managed GitHub tokens and Webhook secrets as environment variables:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-ini" data-lang="ini"><span style="display:flex;"><span><span style="color:#75715e"># Initial (unsafe)</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span><span style="color:#e6db74">GITHUB_TOKEN=ghp_xxxxx</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span><span style="color:#e6db74">GITHUB_WEBHOOK_SECRET=my-secret-key</span> </span></span></code></pre></div><p>Problems with the environment variable approach:</p> <ul> <li><strong><code>/proc/PID/environ</code></strong>: Process environment variables are exposed as a file in Linux</li> <li><strong>Log exposure</strong>: Risk of environment variables being logged during debugging</li> <li><strong>Child process inheritance</strong>: When running Claude Code with <code>subprocess.run</code>, all environment variables are inherited</li> <li><strong>systemd configuration file</strong>: If the service file contains plaintext secrets, there is a risk of committing them to git</li> </ul> <h3 id="switching-to-file-based">Switching to File-Based </h3><p>Store credentials in the file system and specify only <strong>file paths</strong> in environment variables:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-ini" data-lang="ini"><span style="display:flex;"><span><span style="color:#75715e"># Improved — only path exposed</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span><span style="color:#e6db74">GITHUB_TOKEN_FILE=/etc/auto-comment-worker/github-token</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">Environment</span><span style="color:#f92672">=</span><span style="color:#e6db74">GITHUB_WEBHOOK_SECRET_FILE=/etc/auto-comment-worker/credentials/webhook-secret</span> </span></span></code></pre></div><p>Directory structure of the server:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>/etc/auto-comment-worker/ </span></span><span style="display:flex;"><span>├── github-token # GitHub Personal Access Token (640) </span></span><span style="display:flex;"><span>└── credentials/ </span></span><span style="display:flex;"><span> └── webhook-secret # GitHub Webhook HMAC Secret (600) </span></span></code></pre></div><h3 id="token-file-loading-code">Token File Loading Code </h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#f92672">import</span> stat </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span>GITHUB_TOKEN_FILE <span style="color:#f92672">=</span> os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#39;GITHUB_TOKEN_FILE&#39;</span>, <span style="color:#e6db74">&#39;&#39;</span>) </span></span><span style="display:flex;"><span><span style="color:#66d9ef">if</span> GITHUB_TOKEN_FILE <span style="color:#f92672">and</span> os<span style="color:#f92672">.</span>path<span style="color:#f92672">.</span>exists(GITHUB_TOKEN_FILE): </span></span><span style="display:flex;"><span> <span style="color:#75715e"># Check file permissions</span> </span></span><span style="display:flex;"><span> st <span style="color:#f92672">=</span> os<span style="color:#f92672">.</span>stat(GITHUB_TOKEN_FILE) </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">if</span> st<span style="color:#f92672">.</span>st_mode <span style="color:#f92672">&amp;</span> stat<span style="color:#f92672">.</span>S_IWOTH: </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">raise</span> <span style="color:#a6e22e">PermissionError</span>(<span style="color:#e6db74">&#34;Token file must not be world-writable&#34;</span>) </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">with</span> open(GITHUB_TOKEN_FILE, <span style="color:#e6db74">&#39;r&#39;</span>) <span style="color:#66d9ef">as</span> f: </span></span><span style="display:flex;"><span> GITHUB_TOKEN <span style="color:#f92672">=</span> f<span style="color:#f92672">.</span>read()<span style="color:#f92672">.</span>strip() </span></span><span style="display:flex;"><span><span style="color:#66d9ef">else</span>: </span></span><span style="display:flex;"><span> GITHUB_TOKEN <span style="color:#f92672">=</span> os<span style="color:#f92672">.</span>environ<span style="color:#f92672">.</span>get(<span style="color:#e6db74">&#39;GITHUB_TOKEN&#39;</span>, <span style="color:#e6db74">&#39;&#39;</span>) </span></span></code></pre></div><p>Core design decisions:</p> <ol> <li><strong>Prefer file if it exists</strong>: Environment variables are used only as a fallback</li> <li><strong>Permission verification</strong>: Check permissions before reading the file</li> <li><strong>strip()</strong>: Remove newline characters at the end of the file</li> </ol> <h3 id="file-permission-validation--a-trial-and-error-journey">File Permission Validation — A Trial and Error Journey </h3><p>I spent the most time on this part. The initial code was too strict:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#75715e"># Initial code — too strict</span> </span></span><span style="display:flex;"><span><span style="color:#66d9ef">if</span> st<span style="color:#f92672">.</span>st_mode <span style="color:#f92672">&amp;</span> (stat<span style="color:#f92672">.</span>S_IRWXO <span style="color:#f92672">|</span> stat<span style="color:#f92672">.</span>S_IRWXG): </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">raise</span> <span style="color:#a6e22e">PermissionError</span>(<span style="color:#e6db74">&#34;Token file must be 600 or 400&#34;</span>) </span></span></code></pre></div><p>Problem with this code: <code>S_IRWXO | S_IRWXG</code> checks <strong>all group permissions</strong> (read/write/execute) and <strong>all other permissions</strong>. That is, if the file permission is <code>640</code> (owner read/write, group read), it is rejected.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span># Bit mask analysis </span></span><span style="display:flex;"><span>S_IRWXG = 0o070 # Group read+write+execute </span></span><span style="display:flex;"><span>S_IRWXO = 0o007 # Other read+write+execute </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span># 640 = 0o640 </span></span><span style="display:flex;"><span>0o640 &amp; (0o070 | 0o007) = 0o640 &amp; 0o077 = 0o040 # Not 0 → Rejected! </span></span></code></pre></div><p>For actual security, what matters is that <strong>other users cannot modify the file</strong>. Group read permission allows users in the same group to read the file and is not a security issue.</p> <p>After revision:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#75715e"># After revision — focus on actual threat</span> </span></span><span style="display:flex;"><span><span style="color:#66d9ef">if</span> st<span style="color:#f92672">.</span>st_mode <span style="color:#f92672">&amp;</span> stat<span style="color:#f92672">.</span>S_IWOTH: </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">raise</span> <span style="color:#a6e22e">PermissionError</span>(<span style="color:#e6db74">&#34;Token file must not be world-writable&#34;</span>) </span></span></code></pre></div><p>You only need to check <code>stat.S_IWOTH</code> (<code>0o002</code>). This confirms only &ldquo;Does it have write permission for others?&rdquo;.</p> <table> <thead> <tr> <th>Permission</th> <th>Octal</th> <th>Initial Code</th> <th>After Revision</th> </tr> </thead> <tbody> <tr> <td><code>600</code></td> <td><code>0o600</code></td> <td>Allowed</td> <td>Allowed</td> </tr> <tr> <td><code>640</code></td> <td><code>0o640</code></td> <td><strong>Rejected</strong></td> <td>Allowed</td> </tr> <tr> <td><code>644</code></td> <td><code>0o644</code></td> <td>Rejected</td> <td>Allowed</td> </tr> <tr> <td><code>646</code></td> <td><code>0o646</code></td> <td>Rejected</td> <td><strong>Rejected</strong></td> </tr> <tr> <td><code>666</code></td> <td><code>0o666</code></td> <td>Rejected</td> <td><strong>Rejected</strong></td> </tr> </tbody> </table> <hr> <h2 id="hmac-sha256-signature-verification">HMAC-SHA256 Signature Verification </h2><p>GitHub Webhook sends a signature created by HMAC-SHA256 hashing the request body with the Webhook secret in the <code>X-Hub-Signature-256</code> header. We verify this to confirm that the request actually came from GitHub.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#66d9ef">def</span> <span style="color:#a6e22e">verify_webhook_signature</span>(payload: bytes, signature: str) <span style="color:#f92672">-&gt;</span> bool: </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;&#34;&#34;GitHub webhook signature verification&#34;&#34;&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">if</span> <span style="color:#f92672">not</span> signature: </span></span><span style="display:flex;"><span> logger<span style="color:#f92672">.</span>warning(<span style="color:#e6db74">&#34;Missing webhook signature&#34;</span>) </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> <span style="color:#66d9ef">False</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">if</span> <span style="color:#f92672">not</span> WEBHOOK_SECRET: </span></span><span style="display:flex;"><span> logger<span style="color:#f92672">.</span>warning(<span style="color:#e6db74">&#34;WEBHOOK_SECRET not configured - skipping validation&#34;</span>) </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> <span style="color:#66d9ef">True</span> <span style="color:#75715e"># Allow for development mode</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">try</span>: </span></span><span style="display:flex;"><span> hash_algorithm, github_signature <span style="color:#f92672">=</span> signature<span style="color:#f92672">.</span>split(<span style="color:#e6db74">&#39;=&#39;</span>, <span style="color:#ae81ff">1</span>) </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">if</span> hash_algorithm <span style="color:#f92672">!=</span> <span style="color:#e6db74">&#39;sha256&#39;</span>: </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> <span style="color:#66d9ef">False</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> mac <span style="color:#f92672">=</span> hmac<span style="color:#f92672">.</span>new( </span></span><span style="display:flex;"><span> WEBHOOK_SECRET<span style="color:#f92672">.</span>encode(), </span></span><span style="display:flex;"><span> msg<span style="color:#f92672">=</span>payload, </span></span><span style="display:flex;"><span> digestmod<span style="color:#f92672">=</span>hashlib<span style="color:#f92672">.</span>sha256 </span></span><span style="display:flex;"><span> ) </span></span><span style="display:flex;"><span> expected_signature <span style="color:#f92672">=</span> mac<span style="color:#f92672">.</span>hexdigest() </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#75715e"># Prevent timing attacks</span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">if</span> <span style="color:#f92672">not</span> hmac<span style="color:#f92672">.</span>compare_digest(expected_signature, github_signature): </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> <span style="color:#66d9ef">False</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> <span style="color:#66d9ef">True</span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">except</span> <span style="color:#a6e22e">Exception</span> <span style="color:#66d9ef">as</span> e: </span></span><span style="display:flex;"><span> logger<span style="color:#f92672">.</span>error(<span style="color:#e6db74">f</span><span style="color:#e6db74">&#34;Signature verification error: </span><span style="color:#e6db74">{</span>e<span style="color:#e6db74">}</span><span style="color:#e6db74">&#34;</span>) </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> <span style="color:#66d9ef">False</span> </span></span></code></pre></div><p>Key points:</p> <ul> <li><strong><code>hmac.compare_digest()</code></strong>: Uses constant-time comparison instead of normal <code>==</code> comparison to prevent timing attacks.</li> <li><strong>raw bytes usage</strong>: Uses <code>request.data</code> (original bytes). If parsed with <code>request.json</code> and re-serialized, it may differ from the original.</li> <li><strong>Development mode</strong>: Skips validation if the secret is not set. The secret must be set in production.</li> </ul> <h3 id="nginx-header-forwarding">nginx Header Forwarding </h3><p>For signature verification to work properly, nginx must forward the <code>X-Hub-Signature-256</code> header:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#66d9ef">location</span> <span style="color:#e6db74">/webhook</span> { </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_pass</span> <span style="color:#e6db74">http://localhost:8081</span>; </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_set_header</span> <span style="color:#e6db74">Host</span> $host; </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_set_header</span> <span style="color:#e6db74">X-Real-IP</span> $remote_addr; </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_set_header</span> <span style="color:#e6db74">X-Forwarded-For</span> $proxy_add_x_forwarded_for; </span></span><span style="display:flex;"><span> <span style="color:#f92672">proxy_set_header</span> <span style="color:#e6db74">X-Hub-Signature-256</span> $http_x_hub_signature_256; </span></span><span style="display:flex;"><span>} </span></span></code></pre></div><p>Unless <code>X-Hub-Signature-256</code> is explicitly forwarded, custom headers may not be passed with just the default <code>proxy_pass</code>.</p> <hr> <h2 id="request-validation-marshmallow-schema">Request Validation (marshmallow Schema) </h2><p>Validate the structure of the Webhook payload using a marshmallow schema:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#66d9ef">class</span> <span style="color:#a6e22e">WebhookSchema</span>(Schema): </span></span><span style="display:flex;"><span> action <span style="color:#f92672">=</span> fields<span style="color:#f92672">.</span>Str(required<span style="color:#f92672">=</span><span style="color:#66d9ef">True</span>, validate<span style="color:#f92672">=</span>validate<span style="color:#f92672">.</span>Equal(<span style="color:#e6db74">&#39;created&#39;</span>)) </span></span><span style="display:flex;"><span> comment <span style="color:#f92672">=</span> fields<span style="color:#f92672">.</span>Dict(required<span style="color:#f92672">=</span><span style="color:#66d9ef">True</span>) </span></span><span style="display:flex;"><span> discussion <span style="color:#f92672">=</span> fields<span style="color:#f92672">.</span>Dict(required<span style="color:#f92672">=</span><span style="color:#66d9ef">True</span>) </span></span><span style="display:flex;"><span> repository <span style="color:#f92672">=</span> fields<span style="color:#f92672">.</span>Dict(required<span style="color:#f92672">=</span><span style="color:#66d9ef">True</span>) </span></span><span style="display:flex;"><span> sender <span style="color:#f92672">=</span> fields<span style="color:#f92672">.</span>Dict(required<span style="color:#f92672">=</span><span style="color:#66d9ef">False</span>) </span></span></code></pre></div><ul> <li><strong><code>action = 'created'</code> only</strong>: Rejects comment edit (<code>edited</code>) or delete (<code>deleted</code>) events.</li> <li><strong>Required field validation</strong>: Returns 400 error if <code>comment</code>, <code>discussion</code>, <code>repository</code> are missing.</li> <li><strong>ValidationError → Audit log</strong>: Invalid requests are logged in the audit log.</li> </ul> <hr> <h2 id="input-sanitization">Input Sanitization </h2><p>User comments are external input, so they must be processed:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#66d9ef">def</span> <span style="color:#a6e22e">sanitize_comment</span>(body: str) <span style="color:#f92672">-&gt;</span> str: </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;&#34;&#34;User input sanitization&#34;&#34;&#34;</span> </span></span><span style="display:flex;"><span> body <span style="color:#f92672">=</span> re<span style="color:#f92672">.</span>sub(<span style="color:#e6db74">r</span><span style="color:#e6db74">&#39;&lt;[^&gt;]+&gt;&#39;</span>, <span style="color:#e6db74">&#39;&#39;</span>, body) <span style="color:#75715e"># Remove HTML tags</span> </span></span><span style="display:flex;"><span> body <span style="color:#f92672">=</span> html<span style="color:#f92672">.</span>escape(body) <span style="color:#75715e"># Escape special characters</span> </span></span><span style="display:flex;"><span> body <span style="color:#f92672">=</span> body[:<span style="color:#ae81ff">1000</span>] <span style="color:#75715e"># Length limit</span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> body </span></span></code></pre></div><p>Where this sanitization is applied:</p> <ul> <li>Comment body (<code>comment_body</code>)</li> <li>Discussion title and body (<code>discussion_title</code>, <code>discussion_body</code>)</li> <li>Original author name (<code>original_author</code>)</li> <li>Quoted part when posting AI response</li> </ul> <h3 id="username-masking">Username Masking </h3><p>We do not log the full username:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span><span style="color:#66d9ef">def</span> <span style="color:#a6e22e">mask_username</span>(username: str) <span style="color:#f92672">-&gt;</span> str: </span></span><span style="display:flex;"><span> <span style="color:#e6db74">&#34;&#34;&#34;Username masking&#34;&#34;&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">if</span> <span style="color:#f92672">not</span> username <span style="color:#f92672">or</span> len(username) <span style="color:#f92672">&lt;</span> <span style="color:#ae81ff">4</span>: </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> <span style="color:#e6db74">&#34;***&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#66d9ef">return</span> <span style="color:#e6db74">f</span><span style="color:#e6db74">&#34;</span><span style="color:#e6db74">{</span>username[:<span style="color:#ae81ff">3</span>]<span style="color:#e6db74">}</span><span style="color:#e6db74">***&#34;</span> </span></span></code></pre></div><p>Logs will only display masked names like <code>yar***</code>. This strikes a balance between privacy protection and debugging convenience.</p> <hr> <h2 id="rate-limiting">Rate Limiting </h2><p>Apply rate limiting per endpoint using Flask-Limiter:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-python" data-lang="python"><span style="display:flex;"><span>limiter <span style="color:#f92672">=</span> Limiter( </span></span><span style="display:flex;"><span> app<span style="color:#f92672">=</span>app, </span></span><span style="display:flex;"><span> key_func<span style="color:#f92672">=</span>get_remote_address, </span></span><span style="display:flex;"><span> default_limits<span style="color:#f92672">=</span>[<span style="color:#e6db74">&#34;10 per minute&#34;</span>], </span></span><span style="display:flex;"><span> storage_uri<span style="color:#f92672">=</span><span style="color:#e6db74">&#34;memory://&#34;</span> </span></span><span style="display:flex;"><span>) </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">@app.route</span>(<span style="color:#e6db74">&#39;/webhook&#39;</span>, methods<span style="color:#f92672">=</span>[<span style="color:#e6db74">&#39;POST&#39;</span>]) </span></span><span style="display:flex;"><span><span style="color:#a6e22e">@limiter.limit</span>(<span style="color:#e6db74">&#34;10 per minute&#34;</span>) </span></span><span style="display:flex;"><span><span style="color:#66d9ef">def</span> <span style="color:#a6e22e">github_webhook</span>(): </span></span><span style="display:flex;"><span> <span style="color:#f92672">...</span> </span></span></code></pre></div><ul> <li><strong>10 requests per minute limit</strong>: A figure considering normal Webhook call frequency</li> <li><strong><code>get_remote_address</code></strong>: Limits based on client IP</li> <li><strong><code>memory://</code></strong>: In-memory storage (suitable for single process)</li> </ul> <hr> <h2 id="systemd-security-directives">systemd Security Directives </h2><p>Part 3 will cover systemd deployment in detail, but security-related directives are explained here:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-ini" data-lang="ini"><span style="display:flex;"><span><span style="color:#66d9ef">[Service]</span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Security hardening</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">NoNewPrivileges</span><span style="color:#f92672">=</span><span style="color:#e6db74">true # Prevent privilege escalation</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">PrivateTmp</span><span style="color:#f92672">=</span><span style="color:#e6db74">true # Provide isolated /tmp</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">ProtectSystem</span><span style="color:#f92672">=</span><span style="color:#e6db74">strict # Read-only file system</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">ProtectHome</span><span style="color:#f92672">=</span><span style="color:#e6db74">false # Allow home directory access (for Claude Code config)</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">ReadWritePaths</span><span style="color:#f92672">=</span><span style="color:#e6db74">/var/www/auto-comment-worker /var/log/auto-comment-worker</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Resource limits</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">MemoryMax</span><span style="color:#f92672">=</span><span style="color:#e6db74">512M # Memory limit</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">CPUQuota</span><span style="color:#f92672">=</span><span style="color:#e6db74">50% # CPU usage limit</span> </span></span><span style="display:flex;"><span><span style="color:#a6e22e">TasksMax</span><span style="color:#f92672">=</span><span style="color:#e6db74">100 # Process count limit</span> </span></span></code></pre></div><table> <thead> <tr> <th>Directive</th> <th>Effect</th> </tr> </thead> <tbody> <tr> <td><code>NoNewPrivileges=true</code></td> <td>Privilege escalation via <code>setuid</code>, <code>setgid</code>, etc. is impossible</td> </tr> <tr> <td><code>PrivateTmp=true</code></td> <td>Isolated <code>/tmp</code> namespace, separated from other processes</td> </tr> <tr> <td><code>ProtectSystem=strict</code></td> <td>Mounts entire file system as read-only</td> </tr> <tr> <td><code>ReadWritePaths</code></td> <td>Specifies only paths allowed for writing</td> </tr> <tr> <td><code>MemoryMax=512M</code></td> <td>Protects the entire system in OOM situations</td> </tr> </tbody> </table> <h3 id="conflict-between-protectsystemstrict-and-readonlypaths">Conflict between ProtectSystem=strict and ReadOnlyPaths </h3><p>Initially, adding <code>ReadOnlyPaths=/etc/auto-comment-worker</code> caused an issue where the token file could not be read. Since <code>ProtectSystem=strict</code> already sets the entire file system to read-only, a separate <code>ReadOnlyPaths</code> is unnecessary. It was removed because it could cause conflicts in some environments.</p> <hr> <h2 id="conclusion">Conclusion </h2><p>In this Part 2, we covered file-based authentication management, the file permission validation journey, HMAC-SHA256 signature verification, input sanitization, rate limiting, and systemd security directives.</p> <p>The most important lesson in security: <strong>&ldquo;Too strict validation is as harmful as too loose validation.&rdquo;</strong> The initial code, which only allowed <code>600</code> permissions, was secure, but in the actual operating environment, it rejected files with <code>640</code> permissions, preventing the service from starting. Focusing only on actual threats (world-writable) is the correct approach.</p> <p>In the next Part 3, we will cover <strong>Deployment and Troubleshooting</strong> — systemd service configuration, nginx reverse proxy, and errors actually encountered and the resolution process.</p> <hr> <p><em>This post is Part 2 of the AgentForge blog automatic comment system series.</em></p>