# Configuration and Environment

CLI flags and environment variables

- `--sock` / `YANPM_AGENT_SOCK` (default: `./yanpm-agent.sock`)
  - Path to the Unix socket file the agent will bind to.
  - If the socket directory does not exist the agent attempts to create it and set mode `0770`.

- `--nginx-config-dir` / `YANPM_NGINX_CONFIG_DIR` (default: `/etc/nginx/conf.d`)
  - Directory where nginx fragments are written. The agent writes fragments into a subdirectory named by the agent (internal use).

- `--sock-perm` / `YANPM_AGENT_SOCK_PERM` (default: `660`)
  - A 3-digit octal permission string applied to the socket file (best-effort). The program validates this is a 3-digit octal string.
  - If the final digit is greater than `0` a warning is logged because that allows "others" access.

- `--sock-gid` / `YANPM_AGENT_SOCK_GID` (default: current user's primary group)
  - GID to set on the socket file (best-effort).

Validation rules and behavior

- `sock_perm` must be exactly 3 octal digits (characters 0-7). The agent rejects invalid values at startup.
- When an existing path exists at the socket location the agent verifies it is a unix socket; if so it removes it before binding. If the path exists and is not a socket, startup fails.
- Setting permissions (`set_permissions`) and changing GID (`chown`) are attempted but non-fatal: failures are logged as warnings and the agent continues.

Notes about nginx config directory

- The agent writes fragments into a subdirectory (internal) of the configured `nginx_config_dir`. Ensure nginx is configured to include that subdirectory so fragments are picked up, or use `write_config` then trigger a reload.