cross-domain slice 1: events as a fed-sx peer + allocate-a-post-to-a-calendar (LIVE)

The first cross-domain federated workflow — behaviors defined by TYPES, across domains.

- events.rose-ash.com is now a fed-sx PEER: a lib/host instance with SX_DOMAIN=events whose 'calendar'
  TYPE declares an on-allocate behavior. Replaces the Python events service (no strangler). serve.sh
  gates domain types/behaviors on SX_DOMAIN (blog=article publish/digest; events=calendar+allocate).
- DIRECTED cross-domain delivery: an activity with :to <peer-base> is delivered to that peer's inbox
  (∪ followers). The wire gains 'to'. So 'allocate' targets the events peer specifically.
- host/blog--allocate-activity/allocate! + POST /:slug/allocate?calendar=<id>; the events calendar
  type's allocate-link DAG (an execute-fold effect) fires on receipt.
- docker-compose: the sx_events service (own store, shared SX_FED_SECRET, externalnet for a future
  events.rose-ash.com Caddy route).

LIVE PROOF: publish 'Gig Night' on blog.rose-ash.com → POST /gig-night/allocate?calendar=main → the
events peer RECEIVES the directed, signed activity (/activities: 'allocate article gig-night') and
its calendar type's on-allocate behavior FIRES (/flows: 'linked gig-night'). blog 218/218, full
conformance green.

NEXT: events runs lib/events (real calendars/recurrence/ticketing); link event→post; shop
(lib/commerce) sells tickets — same federated, type-declared shape.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
2026-07-02 20:25:37 +00:00
parent 43c085e8e8
commit 355bcbefdc
5 changed files with 85 additions and 32 deletions

View File

@@ -36,9 +36,12 @@ services:
OCAMLRUNPARAM: "b"
# TA-live ACTOR MODEL: A's actor identity + base URL. A is FOLLOWED (B follows it), so A has no
# SX_FOLLOW; it delivers its activities to its followers. SX_FED_SECRET signs/verifies fed POSTs.
SX_DOMAIN: "blog"
SX_ACTOR: "blog.rose-ash.com"
SX_SELF_URL: "http://sx_host:8000"
SX_FED_SECRET: "rose-ash-fed-2026-shared-a3f9"
# Cross-domain: where to send "allocate a post to a calendar" activities (the events peer).
SX_EVENTS_BASE: "http://sx_events:8000"
volumes:
# SX source (hot-reload on container restart)
- ./spec:/app/spec:ro
@@ -82,13 +85,12 @@ services:
- default
restart: unless-stopped
# A second host instance — a federation PEER (B). Host A federates its emitted activities to B's
# /inbox; B's engine fires ITS OWN behaviors on A's state changes ("everything works over fed-sx").
# B has its own durable store + no peers (receives without re-federating). Reached on the default
# network only (not exposed via Caddy).
sx_host_b:
# The EVENTS domain — a fed-sx peer running lib/host with SX_DOMAIN=events (a "calendar" type whose
# on-allocate behavior links posts federated from blog). Replaces the Python events service. Blog
# sends directed "allocate" activities to its /inbox. Own durable store; same shared fed secret.
sx_events:
image: registry.rose-ash.com:5000/sx_docs:latest
container_name: sx-dev-sx_host_b-1
container_name: sx-dev-sx_events-1
entrypoint: ["bash", "/app/lib/host/serve.sh"]
working_dir: /app
environment:
@@ -98,15 +100,13 @@ services:
SX_HTTP_HOST: "0.0.0.0"
SX_PERSIST_DIR: /data/persist
SX_ADMIN_USER: admin
SX_ADMIN_PASSWORD: "sx-host-b-camper-2026"
SX_SESSION_SECRET: "ta-host-b-sess-9d2e1f"
SX_ADMIN_PASSWORD: "sx-events-camper-2026"
SX_SESSION_SECRET: "events-sess-9d2e1f"
SX_SERVING_JIT: "1"
OCAMLRUNPARAM: "b"
# TA-live ACTOR MODEL: B's identity + base. B FOLLOWS A (SX_FOLLOW = A's base) at boot, so A
# delivers its activities to B. Same shared SX_FED_SECRET so signatures verify across A↔B.
SX_ACTOR: "sx_host_b"
SX_SELF_URL: "http://sx_host_b:8000"
SX_FOLLOW: "http://sx_host:8000"
SX_DOMAIN: "events"
SX_ACTOR: "events.rose-ash.com"
SX_SELF_URL: "http://sx_events:8000"
SX_FED_SECRET: "rose-ash-fed-2026-shared-a3f9"
volumes:
- ./spec:/app/spec:ro
@@ -115,10 +115,9 @@ services:
- ./web:/app/web:ro
- ./shared/static:/app/shared/static:ro
- ./hosts/ocaml/_build/default/bin/sx_server.exe:/app/bin/sx_server:ro
- /root/sx-host-b-persist:/data/persist
- /root/sx-events-persist:/data/persist
networks:
# externalnet too, so a Caddy route (e.g. blog-b.rose-ash.com) can reverse_proxy to B — the
# public-domain step is external Caddy + DNS config (not in this repo). default = A↔B fed traffic.
# externalnet too, so Caddy can reverse_proxy events.rose-ash.com → here (external DNS/route).
- externalnet
- default
restart: unless-stopped