{"workflows":[{"id":"hermes-health","name":"Diagnostic Hermes","risk":"read_only","description":"Vérifie Athéna, Rodin, Dr. House, gateways et derniers événements Hermes.","steps":["check http://127.0.0.1:8642/health","check http://127.0.0.1:8643/health","check http://127.0.0.1:8645/health","inspect systemctl --user is-active hermes-gateway.service","inspect systemctl --user is-active hermes-gateway-rodin.service","inspect systemctl --user is-active hermes-gateway-drhouse.service"]},{"id":"openwebui-health","name":"Diagnostic Open WebUI","risk":"read_only","description":"Vérifie Open WebUI, proxy modèle et container Docker.","steps":["check docker container open-webui","check http://127.0.0.1:8088/","check http://127.0.0.1:8650/v1/models"]},{"id":"coc-tracker-health","name":"Diagnostic CoC Tracker","risk":"read_only","description":"Vérifie service, port, HTTP et présence de game_data.json.","steps":["inspect systemctl is-active coc-tracker.service","check http://127.0.0.1:5010/","check /root/PROJECTS/coc-tracker/data/game_data.json"]},{"id":"vps-daily-report","name":"Rapport quotidien VPS","risk":"read_only","description":"État VPS, disque, mémoire, services critiques et alertes.","steps":["check disk root","check memory available","check failed systemd units","summarize latest events"]},{"id":"security-review","name":"Revue sécurité légère","risk":"read_only","description":"Cartographie ports, firewall, Tailscale, fail2ban, exposition à revoir.","steps":["inspect listening ports","inspect iptables policy","inspect fail2ban status","list services with exposure=review"]},{"id":"network-exposure-audit","name":"Audit exposition réseau","risk":"read_only","description":"Vérifie ports à l’écoute, firewall, fail2ban et services à exposition à revoir.","steps":["inspect listening ports","inspect iptables policy","inspect fail2ban status","list services with exposure=review"]},{"id":"critical-services-logs","name":"Logs services critiques","risk":"read_only","description":"Snapshot logs des services critiques du cockpit.","steps":["inspect service logs hermes-athena","inspect service logs open-webui","inspect service logs coc-tracker"]},{"id":"schedulers-check","name":"Vérification planificateurs","risk":"read_only","description":"Vérifie timers systemd, crontab root et derniers événements Agent OS.","steps":["inspect systemctl list-timers --all --no-pager","inspect root crontab","summarize latest events"]},{"id":"obsidian-wiki-status","name":"Statut Obsidian LLM Wiki","risk":"read_only","description":"Vérifie routine Obsidian, scripts LLM Wiki, hub et santé QMD.","steps":["check /root/.hermes/scripts/obsidian_llm_wiki_nightly.sh","check /root/.hermes/scripts/obsidian_llm_wiki_healthcheck.sh","check /root/.hermes/scripts/obsidian_new_session_hook.sh","check /opt/obsidian-vault/🧠 LLM Wiki/00_Index/LLM Wiki - Hub.md","inspect obsidian wiki health","inspect hermes cron jobs","inspect hermes session bridge event"]},{"id":"restart-coc-tracker","name":"Redémarrer CoC Tracker","risk":"maintenance","description":"Action confirmée qui redémarre coc-tracker.service.","steps":["control restart coc-tracker.service","inspect systemctl is-active coc-tracker.service"]},{"id":"reload-nginx","name":"Recharger Nginx","risk":"maintenance","description":"Action confirmée qui recharge nginx.service.","steps":["control reload nginx.service","inspect systemctl is-active nginx.service"]},{"id":"restart-agent-os-control","name":"Redémarrer Agent OS Control","risk":"maintenance","description":"Action confirmée qui redémarre agent-os-control.service sans bloquer la requête HTTP.","steps":["control restart agent-os-control.service","inspect systemctl is-active agent-os-control.service"]}]}