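# ops-agent config for the Mac build host (mbp).
#
# The agent listens ONLY on the tailnet interface and authorizes every request
# by resolving the caller via `tailscale whois`, then running the step under
# `caller-grant ∩ this-host-grant`. Copy to ~/.config/ops-agent/config.toml.

# Bind the tailnet address (not 0.0.0.0) so the agent is unreachable off-tailnet.
# Replace with mbp's actual tailnet IP. 8765 mirrors the ACL example.
listen = "100.64.0.2:8765"

# What THIS host is allowed to do — the ceiling for every caller. The Mac signs.
# Nothing in an [[allow]] entry can widen these lists; a caller only ever
# receives the intersection of its own entry with the arrays here.
[grant]
actuate = ["build", "sign", "notarize", "staple", "package"]
observe = ["build-log"]

# Callers this agent trusts. `identity` is a tailnet node name (e.g. `fw13`) or a
# tag (e.g. `tag:builder`). The effective grant is this list ∩ [grant] above.
[[allow]]
identity = "fw13"  # the Sando/Bento daemon host
# These two arrays match [grant] exactly, so fw13 receives the full host
# ceiling. When adding further callers, list only the steps that caller drives.
actuate = ["build", "sign", "notarize", "staple", "package"]
observe = ["build-log"]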