Adopt 3-unit systemd socket activation (brainstorm.socket + brainstorm.service running systemd-socket-proxyd + brainstorm-backend.service with Restart=no) as the canonical pattern for any vendored dae

Decision

Adopt 3-unit systemd socket activation (brainstorm.socket + brainstorm.service running systemd-socket-proxyd + brainstorm-backend.service with Restart=no) as the canonical pattern for any vendored daemon that has its own idle-exit contract. Retire the “Restart=always for always-on companions” pattern for brainstorm.service.
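A sketch of the three units named above, as an added example rather than the deployed unit files. The ports, the wrapper path, and the use of BindsTo= to tie the proxy's lifetime to the backend are assumptions; the proxy binary's path varies by distro.

```ini
# --- brainstorm.socket ---
[Unit]
Description=Brainstorm activation socket

[Socket]
# Constructed address; systemd keeps listening here while nothing is running.
ListenStream=127.0.0.1:8080

[Install]
WantedBy=sockets.target

# --- brainstorm.service (proxy; started by the first connection) ---
[Unit]
Description=Brainstorm socket proxy
Requires=brainstorm.socket
After=brainstorm.socket brainstorm-backend.service
# BindsTo= pulls the backend in on activation and stops the proxy when the
# backend idle-exits, so the next connection to brainstorm.socket starts both again.
BindsTo=brainstorm-backend.service

[Service]
# Forwards the inherited socket to the backend's loopback port (assumed).
# On some distros the binary is /lib/systemd/systemd-socket-proxyd.
ExecStart=/usr/lib/systemd/systemd-socket-proxyd 127.0.0.1:8081

# --- brainstorm-backend.service ---
[Unit]
Description=Brainstorm backend (vendored daemon)

[Service]
# Placeholder path for the wrapper; the backend is assumed to bind 127.0.0.1:8081.
ExecStart=/path/to/brainstorm-launch.sh
# The upstream idle exit is a normal stop, not a failure to recover from.
Restart=no
```

Only brainstorm.socket is enabled; `systemctl show -p NRestarts brainstorm-backend.service` should stay at 0 across idle exits and reactivations.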

Rationale

A 2-week crash loop (380+ restarts) was caused by Restart=always fighting upstream’s 30-min idle exit. The premortem confirms the 3-unit pattern is robust against the failure modes that would matter: plugin upgrades (already mitigated by the brainstorm-launch.sh wrapper from the 2026-04-25 incident), distro changes (extremely low probability), and operator confusion (mitigated by the runbook). The 140ms cold start is invisible for a visual UI. Path 2 (disable the upstream timeout) would require patching vendored code on every plugin release. Path 3 (leave it) violates Law 3 + Law 9. Live-tested: cold, warm, and reactivation requests all returned HTTP 200, and the restart counter is now 0.

Alternatives Rejected

Outcome

Pending