Operations

Service

On honor the gateway is installed as an rc.d service:

sudo service e2b-compat status
sudo service e2b-compat restart
tail -f /var/log/e2b-compat.log

After editing Rust, build and install before expecting behavior to change:

mise run e2b:install-service-honor
ssh honor 'sudo service e2b-compat restart'

Admin dashboard

Visit the site admin dashboard at http://localhost:4327/admin/ while the gateway tunnel is open on http://localhost:3001. The Astro dev server proxies live probes to COPPICE_ADMIN_GATEWAY or, by default, http://127.0.0.1:3001. It renders feature receipts, live gateway probes, running machines, template state, bhyve pool state, lifecycle events, snapshot lineage, and VNET diagnostic health.

The node workbench mirrors the Proxmox operator shape. Use /admin/#/node/honor/services for read-only rc.d status and /admin/#/node/honor/network for interface, bridge, route, default-route, and pf status. Use /admin/#/node/honor/disks for live zpool, zfs, df, and gpart inventory. These views are probes only; package upgrades, service restarts, bridge edits, pool repairs, and pf rule edits remain explicit task-backed operations rather than implicit page loads.

Machine rows link back to /ui/ so an operator can open a shell/browser/desktop for a live sandbox. Snapshot + fork is exposed there for manual investigation.

Metrics and receipts

/metrics is Prometheus text. It includes gateway counters, per-sandbox samples, bhyve pool gauges, template verification counters, command counters, and lifecycle/webhook counters.

Site claims are backed by files under benchmarks/results/. If a feature does not have a receipt, the site should say so.

Pool control

bhyve templates use a declarative pool controller. Set targets through the gateway or CLI; the controller replenishes available entries up to the configured target and avoids the old “pool empty” failure mode.

Recovery posture

Do not destroy live bridges or reload root pf casually. Use tools/coppice-net-setup.sh for idempotent network setup. If VNET wedges, capture diagnostics first, then reboot only when someone is present for GELI unlock.