deploy/dalidou/cron-backup.sh

#!/usr/bin/env bash
#
# deploy/dalidou/cron-backup.sh
# ------------------------------
# Daily backup + retention cleanup via the AtoCore API.
#
# Intended to run from cron on Dalidou:
#
#   # Daily at 03:00 UTC
#   0 3 * * * /srv/storage/atocore/app/deploy/dalidou/cron-backup.sh >> /var/log/atocore-backup.log 2>&1
#
# What it does:
#   1. Creates a runtime backup (db + registry, no chroma by default)
#   2. Runs retention cleanup with --confirm to delete old snapshots
#   3. Logs results to stdout (captured by cron into the log file)
#
# Fail-open: exits 0 even on API errors so cron doesn't send noise
# emails. Check /var/log/atocore-backup.log for diagnostics.
#
# Environment variables:
#   ATOCORE_URL             default http://127.0.0.1:8100
#   ATOCORE_BACKUP_CHROMA   default false (set to "true" for cold chroma copy)
#   ATOCORE_BACKUP_DIR      default /srv/storage/atocore/backups
#   ATOCORE_BACKUP_RSYNC    optional rsync destination for off-host copies
#                           (e.g. papa@laptop:/home/papa/atocore-backups/)
#                           When set, the local snapshots tree is rsynced to
#                           the destination after cleanup. Unset = skip.
#                           SSH key auth must already be configured from this
#                           host to the destination.

set -euo pipefail

ATOCORE_URL="${ATOCORE_URL:-http://127.0.0.1:8100}"
INCLUDE_CHROMA="${ATOCORE_BACKUP_CHROMA:-false}"
BACKUP_DIR="${ATOCORE_BACKUP_DIR:-/srv/storage/atocore/backups}"
RSYNC_TARGET="${ATOCORE_BACKUP_RSYNC:-}"
TIMESTAMP="$(date -u +%Y-%m-%dT%H:%M:%SZ)"

log() { printf '[%s] %s\n' "$TIMESTAMP" "$*"; }

log "=== AtoCore daily backup starting ==="

# Step 1: Create backup
log "Step 1: creating backup (chroma=$INCLUDE_CHROMA)"
BACKUP_RESULT=$(curl -sf -X POST \
    -H "Content-Type: application/json" \
    -d "{\"include_chroma\": $INCLUDE_CHROMA}" \
    "$ATOCORE_URL/admin/backup" 2>&1) || {
    log "ERROR: backup creation failed: $BACKUP_RESULT"
    exit 0
}
log "Backup created: $BACKUP_RESULT"

# Step 2: Retention cleanup (confirm=true to actually delete)
log "Step 2: running retention cleanup"
CLEANUP_RESULT=$(curl -sf -X POST \
    -H "Content-Type: application/json" \
    -d '{"confirm": true}' \
    "$ATOCORE_URL/admin/backup/cleanup" 2>&1) || {
    log "ERROR: cleanup failed: $CLEANUP_RESULT"
    exit 0
}
log "Cleanup result: $CLEANUP_RESULT"

# Step 3: Off-host rsync (optional). Fail-open: log but don't abort
# the cron so a laptop being offline at 03:00 UTC never turns the
# local backup path red.
if [[ -n "$RSYNC_TARGET" ]]; then
    log "Step 3: rsyncing snapshots to $RSYNC_TARGET"
    if [[ ! -d "$BACKUP_DIR/snapshots" ]]; then
        log "WARN: $BACKUP_DIR/snapshots does not exist, skipping rsync"
    else
        RSYNC_OUTPUT=$(rsync -a --delete \
            -e "ssh -o ConnectTimeout=10 -o BatchMode=yes -o StrictHostKeyChecking=accept-new" \
            "$BACKUP_DIR/snapshots/" "$RSYNC_TARGET" 2>&1) && {
            log "Rsync complete"
        } || {
            log "WARN: rsync to $RSYNC_TARGET failed (offline or auth?): $RSYNC_OUTPUT"
        }
    fi
else
    log "Step 3: ATOCORE_BACKUP_RSYNC not set, skipping off-host copy"
fi

# Step 3a: Pull OpenClaw state from clawdbot (one-way import of
# SOUL.md, USER.md, MODEL-ROUTING.md, MEMORY.md, recent memory/*.md).
# Loose coupling: OpenClaw's internals don't need to change.
# Fail-open: importer failure never blocks the pipeline.
log "Step 3a: pull OpenClaw state"
OPENCLAW_IMPORT="${ATOCORE_OPENCLAW_IMPORT:-true}"
if [[ "$OPENCLAW_IMPORT" == "true" ]]; then
    python3 "$SCRIPT_DIR/../../scripts/import_openclaw_state.py" \
        --base-url "$ATOCORE_URL" \
        2>&1 | while IFS= read -r line; do log "  $line"; done || {
        log "  WARN: OpenClaw import failed (non-blocking)"
    }
else
    log "  skipped (ATOCORE_OPENCLAW_IMPORT != true)"
fi

# Step 3b: Auto-refresh vault sources so new PKM files flow in
# automatically. Fail-open: never blocks the rest of the pipeline.
log "Step 3b: auto-refresh vault sources"
REFRESH_RESULT=$(curl -sf -X POST --max-time 600 \
    "$ATOCORE_URL/ingest/sources" 2>&1) && {
    log "Sources refresh complete"
} || {
    log "WARN: sources refresh failed (non-blocking): $REFRESH_RESULT"
}

# Step 4: Batch LLM extraction on recent interactions (optional).
# Runs HOST-SIDE because claude CLI is on the host, not inside the
# Docker container. The script fetches interactions from the API,
# runs claude -p locally, and POSTs candidates back.
# Fail-open: extraction failure never blocks backup.
EXTRACT="${ATOCORE_EXTRACT_BATCH:-true}"
if [[ "$EXTRACT" == "true" ]]; then
    SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
    log "Step 4: running host-side batch LLM extraction"
    bash "$SCRIPT_DIR/batch-extract.sh" 2>&1 && {
        log "Extraction complete"
    } || {
        log "WARN: batch extraction failed (this is non-blocking)"
    }
else
    log "Step 4: ATOCORE_EXTRACT_BATCH not set to true, skipping extraction"
fi

log "=== AtoCore daily backup complete ==="
feat: cleanup endpoint, auto-extraction on capture, daily cron script - POST /admin/backup/cleanup — retention cleanup via API (dry-run by default) - record_interaction() accepts extract=True to auto-extract candidate memories from response text using the Phase 9C rule-based extractor - POST /interactions accepts extract field to enable extraction on capture - deploy/dalidou/cron-backup.sh — daily backup + cleanup for cron Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-04-11 10:28:32 -04:00			`#!/usr/bin/env bash`
			`#`
			`# deploy/dalidou/cron-backup.sh`
			`# ------------------------------`
			`# Daily backup + retention cleanup via the AtoCore API.`
			`#`
			`# Intended to run from cron on Dalidou:`
			`#`
			`# # Daily at 03:00 UTC`
			`# 0 3 * * * /srv/storage/atocore/app/deploy/dalidou/cron-backup.sh >> /var/log/atocore-backup.log 2>&1`
			`#`
			`# What it does:`
			`# 1. Creates a runtime backup (db + registry, no chroma by default)`
			`# 2. Runs retention cleanup with --confirm to delete old snapshots`
			`# 3. Logs results to stdout (captured by cron into the log file)`
			`#`
			`# Fail-open: exits 0 even on API errors so cron doesn't send noise`
			`# emails. Check /var/log/atocore-backup.log for diagnostics.`
			`#`
			`# Environment variables:`
feat: length-aware reinforcement + batch triage CLI + off-host backup - Reinforcement matcher now handles paragraph-length memories via a dual-mode threshold: short memories keep the 70% overlap rule, long memories (>15 stems) require 12 absolute overlaps AND 35% fraction so organic paraphrase can still reinforce. Diagnosis: every active memory stayed at reference_count=0 because 40-token project summaries never hit 70% overlap on real responses. - scripts/atocore_client.py gains batch-extract (fan out /interactions/{id}/extract over recent interactions) and triage (interactive promote/reject walker for the candidate queue), matching the Phase 9 reflection-loop review flow without pulling extraction into the capture hot path. - deploy/dalidou/cron-backup.sh adds an optional off-host rsync step gated on ATOCORE_BACKUP_RSYNC, fail-open when the target is offline so a laptop being off at 03:00 UTC never reds the local backup. - docs/next-steps.md records the retrieval-quality sweep: project state surfaces, chunks are on-topic but broad, active memories never reach the pack (reflection loop has no retrieval outlet yet). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-11 11:20:03 -04:00			`# ATOCORE_URL default http://127.0.0.1:8100`
			`# ATOCORE_BACKUP_CHROMA default false (set to "true" for cold chroma copy)`
			`# ATOCORE_BACKUP_DIR default /srv/storage/atocore/backups`
			`# ATOCORE_BACKUP_RSYNC optional rsync destination for off-host copies`
			`# (e.g. papa@laptop:/home/papa/atocore-backups/)`
			`# When set, the local snapshots tree is rsynced to`
			`# the destination after cleanup. Unset = skip.`
			`# SSH key auth must already be configured from this`
			`# host to the destination.`
feat: cleanup endpoint, auto-extraction on capture, daily cron script - POST /admin/backup/cleanup — retention cleanup via API (dry-run by default) - record_interaction() accepts extract=True to auto-extract candidate memories from response text using the Phase 9C rule-based extractor - POST /interactions accepts extract field to enable extraction on capture - deploy/dalidou/cron-backup.sh — daily backup + cleanup for cron Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-04-11 10:28:32 -04:00
			`set -euo pipefail`

			`ATOCORE_URL="${ATOCORE_URL:-http://127.0.0.1:8100}"`
			`INCLUDE_CHROMA="${ATOCORE_BACKUP_CHROMA:-false}"`
feat: length-aware reinforcement + batch triage CLI + off-host backup - Reinforcement matcher now handles paragraph-length memories via a dual-mode threshold: short memories keep the 70% overlap rule, long memories (>15 stems) require 12 absolute overlaps AND 35% fraction so organic paraphrase can still reinforce. Diagnosis: every active memory stayed at reference_count=0 because 40-token project summaries never hit 70% overlap on real responses. - scripts/atocore_client.py gains batch-extract (fan out /interactions/{id}/extract over recent interactions) and triage (interactive promote/reject walker for the candidate queue), matching the Phase 9 reflection-loop review flow without pulling extraction into the capture hot path. - deploy/dalidou/cron-backup.sh adds an optional off-host rsync step gated on ATOCORE_BACKUP_RSYNC, fail-open when the target is offline so a laptop being off at 03:00 UTC never reds the local backup. - docs/next-steps.md records the retrieval-quality sweep: project state surfaces, chunks are on-topic but broad, active memories never reach the pack (reflection loop has no retrieval outlet yet). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-11 11:20:03 -04:00			`BACKUP_DIR="${ATOCORE_BACKUP_DIR:-/srv/storage/atocore/backups}"`
			`RSYNC_TARGET="${ATOCORE_BACKUP_RSYNC:-}"`
feat: cleanup endpoint, auto-extraction on capture, daily cron script - POST /admin/backup/cleanup — retention cleanup via API (dry-run by default) - record_interaction() accepts extract=True to auto-extract candidate memories from response text using the Phase 9C rule-based extractor - POST /interactions accepts extract field to enable extraction on capture - deploy/dalidou/cron-backup.sh — daily backup + cleanup for cron Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-04-11 10:28:32 -04:00			`TIMESTAMP="$(date -u +%Y-%m-%dT%H:%M:%SZ)"`

			`log() { printf '[%s] %s\n' "$TIMESTAMP" "$*"; }`

			`log "=== AtoCore daily backup starting ==="`

			`# Step 1: Create backup`
			`log "Step 1: creating backup (chroma=$INCLUDE_CHROMA)"`
			`BACKUP_RESULT=$(curl -sf -X POST \`
			`-H "Content-Type: application/json" \`
			`-d "{\"include_chroma\": $INCLUDE_CHROMA}" \`
			`"$ATOCORE_URL/admin/backup" 2>&1) \|\| {`
			`log "ERROR: backup creation failed: $BACKUP_RESULT"`
			`exit 0`
			`}`
			`log "Backup created: $BACKUP_RESULT"`

			`# Step 2: Retention cleanup (confirm=true to actually delete)`
			`log "Step 2: running retention cleanup"`
			`CLEANUP_RESULT=$(curl -sf -X POST \`
			`-H "Content-Type: application/json" \`
			`-d '{"confirm": true}' \`
			`"$ATOCORE_URL/admin/backup/cleanup" 2>&1) \|\| {`
			`log "ERROR: cleanup failed: $CLEANUP_RESULT"`
			`exit 0`
			`}`
			`log "Cleanup result: $CLEANUP_RESULT"`

feat: length-aware reinforcement + batch triage CLI + off-host backup - Reinforcement matcher now handles paragraph-length memories via a dual-mode threshold: short memories keep the 70% overlap rule, long memories (>15 stems) require 12 absolute overlaps AND 35% fraction so organic paraphrase can still reinforce. Diagnosis: every active memory stayed at reference_count=0 because 40-token project summaries never hit 70% overlap on real responses. - scripts/atocore_client.py gains batch-extract (fan out /interactions/{id}/extract over recent interactions) and triage (interactive promote/reject walker for the candidate queue), matching the Phase 9 reflection-loop review flow without pulling extraction into the capture hot path. - deploy/dalidou/cron-backup.sh adds an optional off-host rsync step gated on ATOCORE_BACKUP_RSYNC, fail-open when the target is offline so a laptop being off at 03:00 UTC never reds the local backup. - docs/next-steps.md records the retrieval-quality sweep: project state surfaces, chunks are on-topic but broad, active memories never reach the pack (reflection loop has no retrieval outlet yet). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-11 11:20:03 -04:00			`# Step 3: Off-host rsync (optional). Fail-open: log but don't abort`
			`# the cron so a laptop being offline at 03:00 UTC never turns the`
			`# local backup path red.`
			`if [[ -n "$RSYNC_TARGET" ]]; then`
			`log "Step 3: rsyncing snapshots to $RSYNC_TARGET"`
			`if [[ ! -d "$BACKUP_DIR/snapshots" ]]; then`
			`log "WARN: $BACKUP_DIR/snapshots does not exist, skipping rsync"`
			`else`
			`RSYNC_OUTPUT=$(rsync -a --delete \`
			`-e "ssh -o ConnectTimeout=10 -o BatchMode=yes -o StrictHostKeyChecking=accept-new" \`
			`"$BACKUP_DIR/snapshots/" "$RSYNC_TARGET" 2>&1) && {`
			`log "Rsync complete"`
			`} \|\| {`
			`log "WARN: rsync to $RSYNC_TARGET failed (offline or auth?): $RSYNC_OUTPUT"`
			`}`
			`fi`
			`else`
			`log "Step 3: ATOCORE_BACKUP_RSYNC not set, skipping off-host copy"`
			`fi`

feat: OpenClaw state importer — one-way pull via SSH scripts/import_openclaw_state.py reads the OpenClaw file continuity layer from clawdbot (T420) via SSH and imports candidate memories into AtoCore. Loose coupling: OpenClaw's internals don't need to change, AtoCore pulls from stable markdown files. Per codex's integration proposal (docs/openclaw-atocore-integration-proposal.md): Classification: - SOUL.md -> identity candidate - USER.md -> identity candidate - MODEL-ROUTING.md -> adaptation candidate (routing rules) - MEMORY.md -> memory candidate (long-term curated) - memory/YYYY-MM-DD.md -> episodic candidate (daily logs, last 7 days) - heartbeat-state.json -> skipped (ops metadata only, not canonical) Delta detection: SHA-256 hash per file stored in project_state under atocore/status/openclaw_import_hashes. Only changed files re-import. Hashes persist across runs so no wasted work. All imports land as status=candidate. Auto-triage filters. Nothing auto-promotes — the importer is a signal producer, the pipeline decides what graduates. Discord: deferred per codex's proposal — no durable local store in current OpenClaw snapshot. Revisit if OpenClaw exposes an export. Wired into cron-backup.sh as Step 3a (before vault refresh + extraction) so OpenClaw signals flow through the same pipeline. Gated on ATOCORE_OPENCLAW_IMPORT=true (default true). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-14 10:39:27 -04:00			`# Step 3a: Pull OpenClaw state from clawdbot (one-way import of`
			`# SOUL.md, USER.md, MODEL-ROUTING.md, MEMORY.md, recent memory/*.md).`
			`# Loose coupling: OpenClaw's internals don't need to change.`
			`# Fail-open: importer failure never blocks the pipeline.`
			`log "Step 3a: pull OpenClaw state"`
			`OPENCLAW_IMPORT="${ATOCORE_OPENCLAW_IMPORT:-true}"`
			`if [[ "$OPENCLAW_IMPORT" == "true" ]]; then`
			`python3 "$SCRIPT_DIR/../../scripts/import_openclaw_state.py" \`
			`--base-url "$ATOCORE_URL" \`
			`2>&1 \| while IFS= read -r line; do log " $line"; done \|\| {`
			`log " WARN: OpenClaw import failed (non-blocking)"`
			`}`
			`else`
			`log " skipped (ATOCORE_OPENCLAW_IMPORT != true)"`
			`fi`

feat: signal-aggressive extraction + auto vault refresh in nightly cron Extraction prompt rewritten for signal-aggressive mode. The old prompt rewarded silence ("durable insight only, empty is correct") which caused quiet failures — real project signal (Schott quotes arriving, stakeholder events, blockers) was dropped as "not architectural enough". New prompt explicitly lists what to emit: 1. Project activity (mentions with context — quote received, blocker, action item) 2. Decisions and choices (architectural commitments, vendor selection) 3. Durable engineering insight (earned knowledge, generalizable) 4. Stakeholder and vendor events (emails sent, meetings scheduled) 5. Preferences and adaptations (how Antoine works) Philosophy shift: "capture more signal, let triage filter noise" replaces "extract only durable architectural facts". Auto-triage already rejects noise well, so moving the filter downstream gives us visibility into weak signals without polluting active memory. Added 'episodic' to the candidate types list to support stakeholder events with a timestamp feel. LLM_EXTRACTOR_VERSION bumped to llm-0.4.0. Also: cron-backup.sh now runs POST /ingest/sources before extraction so new PKM files flow in automatically. Fail-open, non-blocking. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-14 10:24:50 -04:00			`# Step 3b: Auto-refresh vault sources so new PKM files flow in`
			`# automatically. Fail-open: never blocks the rest of the pipeline.`
			`log "Step 3b: auto-refresh vault sources"`
			`REFRESH_RESULT=$(curl -sf -X POST --max-time 600 \`
			`"$ATOCORE_URL/ingest/sources" 2>&1) && {`
			`log "Sources refresh complete"`
			`} \|\| {`
			`log "WARN: sources refresh failed (non-blocking): $REFRESH_RESULT"`
			`}`

feat: nightly batch extraction in cron-backup.sh (Day 2) Step 4 added to the daily cron: POST /admin/extract-batch with mode=llm, persist=true, limit=50. Runs after backup + cleanup + rsync. Fail-open: extraction failure never blocks the backup. Gated on ATOCORE_EXTRACT_BATCH=true (defaults to true). The endpoint uses the last_extract_batch_run timestamp from project state to auto-resume, so the cron doesn't need to track state. curl --max-time 600 gives the LLM extractor up to 10 minutes for the batch (50 interactions × ~20s each worst case = ~17 min, but most will be no-ops if already extracted). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-12 10:51:13 -04:00			`# Step 4: Batch LLM extraction on recent interactions (optional).`
fix: host-side LLM extraction (claude CLI not in container) The claude CLI is installed on the Dalidou HOST but not inside the Docker container. The /admin/extract-batch API endpoint with mode=llm silently returned 0 candidates because shutil.which('claude') was None inside the container. Fix: extraction runs host-side via deploy/dalidou/batch-extract.sh which calls scripts/batch_llm_extract_live.py with the host's PYTHONPATH pointing at the repo's src/. The script: - Fetches interactions from the API (GET /interactions?since=...) - Runs extract_candidates_llm() locally (host has claude CLI) - POSTs candidates back to the API (POST /memory, status=candidate) - Tracks last-run timestamp via project state The cron now calls the host-side script instead of the container API endpoint for LLM mode. Rule-mode extraction in the container still works via /admin/extract-batch. The API endpoint retains the mode=llm option for environments where claude IS inside the container (future Docker image with claude CLI, or a different deployment model). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-12 10:55:22 -04:00			`# Runs HOST-SIDE because claude CLI is on the host, not inside the`
			`# Docker container. The script fetches interactions from the API,`
			`# runs claude -p locally, and POSTs candidates back.`
feat: nightly batch extraction in cron-backup.sh (Day 2) Step 4 added to the daily cron: POST /admin/extract-batch with mode=llm, persist=true, limit=50. Runs after backup + cleanup + rsync. Fail-open: extraction failure never blocks the backup. Gated on ATOCORE_EXTRACT_BATCH=true (defaults to true). The endpoint uses the last_extract_batch_run timestamp from project state to auto-resume, so the cron doesn't need to track state. curl --max-time 600 gives the LLM extractor up to 10 minutes for the batch (50 interactions × ~20s each worst case = ~17 min, but most will be no-ops if already extracted). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-12 10:51:13 -04:00			`# Fail-open: extraction failure never blocks backup.`
			`EXTRACT="${ATOCORE_EXTRACT_BATCH:-true}"`
			`if [[ "$EXTRACT" == "true" ]]; then`
fix: host-side LLM extraction (claude CLI not in container) The claude CLI is installed on the Dalidou HOST but not inside the Docker container. The /admin/extract-batch API endpoint with mode=llm silently returned 0 candidates because shutil.which('claude') was None inside the container. Fix: extraction runs host-side via deploy/dalidou/batch-extract.sh which calls scripts/batch_llm_extract_live.py with the host's PYTHONPATH pointing at the repo's src/. The script: - Fetches interactions from the API (GET /interactions?since=...) - Runs extract_candidates_llm() locally (host has claude CLI) - POSTs candidates back to the API (POST /memory, status=candidate) - Tracks last-run timestamp via project state The cron now calls the host-side script instead of the container API endpoint for LLM mode. Rule-mode extraction in the container still works via /admin/extract-batch. The API endpoint retains the mode=llm option for environments where claude IS inside the container (future Docker image with claude CLI, or a different deployment model). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-12 10:55:22 -04:00			`SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"`
			`log "Step 4: running host-side batch LLM extraction"`
			`bash "$SCRIPT_DIR/batch-extract.sh" 2>&1 && {`
			`log "Extraction complete"`
feat: nightly batch extraction in cron-backup.sh (Day 2) Step 4 added to the daily cron: POST /admin/extract-batch with mode=llm, persist=true, limit=50. Runs after backup + cleanup + rsync. Fail-open: extraction failure never blocks the backup. Gated on ATOCORE_EXTRACT_BATCH=true (defaults to true). The endpoint uses the last_extract_batch_run timestamp from project state to auto-resume, so the cron doesn't need to track state. curl --max-time 600 gives the LLM extractor up to 10 minutes for the batch (50 interactions × ~20s each worst case = ~17 min, but most will be no-ops if already extracted). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-12 10:51:13 -04:00			`} \|\| {`
fix: host-side LLM extraction (claude CLI not in container) The claude CLI is installed on the Dalidou HOST but not inside the Docker container. The /admin/extract-batch API endpoint with mode=llm silently returned 0 candidates because shutil.which('claude') was None inside the container. Fix: extraction runs host-side via deploy/dalidou/batch-extract.sh which calls scripts/batch_llm_extract_live.py with the host's PYTHONPATH pointing at the repo's src/. The script: - Fetches interactions from the API (GET /interactions?since=...) - Runs extract_candidates_llm() locally (host has claude CLI) - POSTs candidates back to the API (POST /memory, status=candidate) - Tracks last-run timestamp via project state The cron now calls the host-side script instead of the container API endpoint for LLM mode. Rule-mode extraction in the container still works via /admin/extract-batch. The API endpoint retains the mode=llm option for environments where claude IS inside the container (future Docker image with claude CLI, or a different deployment model). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-12 10:55:22 -04:00			`log "WARN: batch extraction failed (this is non-blocking)"`
feat: nightly batch extraction in cron-backup.sh (Day 2) Step 4 added to the daily cron: POST /admin/extract-batch with mode=llm, persist=true, limit=50. Runs after backup + cleanup + rsync. Fail-open: extraction failure never blocks the backup. Gated on ATOCORE_EXTRACT_BATCH=true (defaults to true). The endpoint uses the last_extract_batch_run timestamp from project state to auto-resume, so the cron doesn't need to track state. curl --max-time 600 gives the LLM extractor up to 10 minutes for the batch (50 interactions × ~20s each worst case = ~17 min, but most will be no-ops if already extracted). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-12 10:51:13 -04:00			`}`
			`else`
			`log "Step 4: ATOCORE_EXTRACT_BATCH not set to true, skipping extraction"`
			`fi`

feat: cleanup endpoint, auto-extraction on capture, daily cron script - POST /admin/backup/cleanup — retention cleanup via API (dry-run by default) - record_interaction() accepts extract=True to auto-extract candidate memories from response text using the Phase 9C rule-based extractor - POST /interactions accepts extract field to enable extraction on capture - deploy/dalidou/cron-backup.sh — daily backup + cleanup for cron Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-04-11 10:28:32 -04:00			`log "=== AtoCore daily backup complete ==="`