@inorainllc/wellyon
v0.5.0
Published
Wellyon server monitoring agent — streams host metrics and database statistics to your Wellyon server widget. DB credentials never leave your server.
Maintainers
Readme
@inorainllc/wellyon
Monitoring agent for the Wellyon server widget. Runs on your own Node.js/Linux server, connects outbound only to the Wellyon cloud and streams:
- host metrics (CPU, memory, disk, load, network)
- database statistics (slow queries, unused indexes, bloat, connections) for PostgreSQL, MySQL and MariaDB
- read-only query results for the widget's "Ask AI" charts
- managed database backups (opt-in):
pg_dump/mysqldumpruns locally, dumps stay on your server, only metadata is reported - system monitoring (opt-in): Docker containers + stats, Nginx status, open ports (with optional close), and top-repeated system-log patterns with time-trend detection
Your database credentials never leave this server. Only metrics, schema metadata, statistics and query result rows are transmitted.
Quick start
- In your Wellyon dashboard, add a server under Servers and copy the pairing token.
- On the server:
npx @inorainllc/wellyon init # interactive setup + enrollment
npx @inorainllc/wellyon start # run the agentFor production, run start under systemd / pm2 / a container.
Configuration
init writes wellyon-agent.json (mode 600):
{
"endpoint": "https://api.wellyon.ai",
"pairingToken": "wsa_...", // one-time; replaced by an agent token after enrollment
"serverName": "prod-db-1",
"databases": [
{
"id": "main",
"kind": "postgres",
"url": "postgres://wellyon_ro:...@localhost:5432/app",
"backup": {
"enabled": true, // permission gate — without this the agent refuses backup requests
"dir": "/var/backups/wellyon/main", // default: ~/.wellyon/backups/<id>
"keep": 7, // dumps kept locally (older pruned)
"timeoutMin": 60,
"everyHours": 24 // optional agent-side schedule; omit for on-demand only
}
},
{ "id": "orders", "kind": "mysql", "host": "127.0.0.1", "user": "wellyon_ro", "password": "...", "database": "orders" }
],
"system": {
"docker": true, // Docker containers + live CPU/mem (needs docker CLI + socket access)
"nginx": true, // nginx version/running state
"nginxStatusUrl": "http://127.0.0.1/nginx_status", // optional stub_status for live connections
"ports": true, // listening TCP ports (lsof / ss)
"allowClosePorts": false, // gate — must be true for the widget to close a port
"logs": {
"journald": true, // Linux systemd journal
"files": ["/var/log/nginx/error.log"], // extra log files to scan
"windowMinutes": 15
},
"intervalSec": 30
},
"metricsIntervalSec": 15,
"statsIntervalSec": 300
}System monitoring
All opt-in via the system block. The agent shells out to read-only tools
(docker, lsof/ss, pgrep, journalctl) — install what you want
monitored. Closing a port terminates the process bound to it and is gated
twice: system.allowClosePorts: true in this config AND the system:manage
scope on the widget token. Log analysis normalizes each line to a template
(masking timestamps/ids/ips/numbers), counts repeats, and compares windows to
flag new / rising patterns — so a flood of one error surfaces at the top.
Managed backups
Backups are off by default and gated by the local config — the cloud can
only trigger a dump for a database whose backup.enabled is true. Dumps run
locally (pg_dump -Fc for Postgres, mysqldump --single-transaction | gzip
for MySQL/MariaDB, both tools must be installed), land in backup.dir with
mode 600, and are pruned to the newest keep. The dump file never leaves
your server — Wellyon receives only name/size/duration/status metadata.
Note: dumping usually needs broader privileges than monitoring; use a
dedicated backup user or grant SELECT/LOCK TABLES to the configured one.
Lookup order: $WELLYON_CONFIG → ./wellyon-agent.json → ~/.wellyon/agent.json.
Env overrides: WELLYON_ENDPOINT, WELLYON_PAIRING_TOKEN, WELLYON_SERVER_NAME.
Security model
- Read-only DB user strongly recommended —
initprints the GRANT statements. - Every SQL statement received from the cloud passes a local sandbox: single-statement lexical gate → SQL parser gate → read-only transaction/session with a server-side statement timeout (the hard guarantee), plus row/payload caps.
- Enrollment uses a one-time pairing token; afterwards a revocable agent token
(stored in
~/.wellyon/agent-state.json, mode 600) authenticates the outbound socket. Revoking the server in the dashboard cuts the agent off.
Commands
| Command | Description |
|---|---|
| init | Interactive setup, writes config, enrolls the server |
| start | Run the agent (default) |
| test-connection | Verify Wellyon + database connectivity, then exit |
