rename Fence to Greywall as GreyHaven sandboxing component

Rebrand the project from Fence to Greywall, the sandboxing layer of the GreyHaven platform. This updates: - Go module path to gitea.app.monadical.io/monadical/greywall - Binary name, CLI help text, and all usage examples - Config paths (~/.config/greywall/greywall.json), env vars (GREYWALL_*) - Log prefixes ([greywall:*]), temp file prefixes (greywall-*) - All documentation, scripts, CI workflows, and example files - README rewritten with GreyHaven branding and Fence attribution Directory/file renames: cmd/fence → cmd/greywall, pkg/fence → pkg/greywall, docs/why-fence.md → docs/why-greywall.md, example JSON files, and banner.
2026-02-10 16:00:24 -06:00
parent 481616455a
commit da3a2ac3a4
68 changed files with 586 additions and 586 deletions
--- a/examples/01-dev-server/README.md
+++ b/examples/01-dev-server/README.md
@@ -1,6 +1,6 @@
 # Dev Server + Redis Demo

-This demo shows how fence controls network access: allowing specific external domains while blocking (or allowing) localhost connections.
+This demo shows how greywall controls network access: allowing specific external domains while blocking (or allowing) localhost connections.

 ## Prerequisites

@@ -21,7 +21,7 @@ npm install
 This shows that requests to Redis (local service) works, but external requests are blocked.

 ```bash
-fence -p 3000 --settings fence-external-blocked.json npm start
+greywall -p 3000 --settings greywall-external-blocked.json npm start
 ```

 Test it:
@@ -39,7 +39,7 @@ curl http://localhost:3000/api/external
 This shows the opposite: whitelisted external domains work, but Redis (localhost) is blocked.

 ```bash
-fence -p 3000 --settings fence-external-only.json npm start
+greywall -p 3000 --settings greywall-external-only.json npm start
 ```

 You will immediately notice that Redis connection is blocked on app startup:
@@ -62,8 +62,8 @@ curl http://localhost:3000/api/users

 | Config | Redis (localhost) | External (httpbin.org) |
 |--------|-------------------|------------------------|
-| `fence-external-blocked.json` | ✓ Allowed | ✗ Blocked |
-| `fence-external-only.json` | ✗ Blocked | ✓ Allowed |
+| `greywall-external-blocked.json` | ✓ Allowed | ✗ Blocked |
+| `greywall-external-only.json` | ✗ Blocked | ✓ Allowed |

 ## Key Settings

@@ -75,7 +75,7 @@ curl http://localhost:3000/api/users

 ## Note: Node.js Proxy Support

-Node.js's native `http`/`https` modules don't respect proxy environment variables. This demo uses [`undici`](https://github.com/nodejs/undici) with `ProxyAgent` to route requests through fence's proxy:
+Node.js's native `http`/`https` modules don't respect proxy environment variables. This demo uses [`undici`](https://github.com/nodejs/undici) with `ProxyAgent` to route requests through greywall's proxy:

 ```javascript
 import { ProxyAgent, fetch } from "undici";
@@ -86,4 +86,4 @@ const response = await fetch(url, {
 });
 ```

-Without this, external HTTP requests would fail with connection errors (the sandbox blocks them) rather than going through fence's proxy.
+Without this, external HTTP requests would fail with connection errors (the sandbox blocks them) rather than going through greywall's proxy.
--- a/examples/01-dev-server/app.js
+++ b/examples/01-dev-server/app.js
@@ -2,7 +2,7 @@
 * Demo Express app that:
 * 1. Serves an API on port 3000
 * 2. Connects to Redis on localhost:6379
- * 3. Attempts to call external APIs (blocked by fence)
+ * 3. Attempts to call external APIs (blocked by greywall)
 *
 * This demonstrates allowLocalOutbound - the app can reach
 * local services (Redis) but not the external internet.
@@ -60,7 +60,7 @@ async function fetchExternal(url) {
    signal: AbortSignal.timeout(5000),
  };

-  // Use proxy if available (set by fence)
+  // Use proxy if available (set by greywall)
  if (proxyUrl) {
    options.dispatcher = new ProxyAgent(proxyUrl);
  }
@@ -84,7 +84,7 @@ app.get("/", (req, res) => {
      "/api/users": "List all users from Redis",
      "/api/users/:id": "Get user by ID from Redis",
      "/api/health": "Health check",
-      "/api/external": "Try to call external API (blocked by fence)",
+      "/api/external": "Try to call external API (blocked by greywall)",
    },
  });
 });
@@ -160,20 +160,20 @@ app.get("/api/external", async (req, res) => {

  try {
    const result = await fetchExternal("https://httpbin.org/get");
-    // Check if we're using a proxy (indicates fence is running)
+    // Check if we're using a proxy (indicates greywall is running)
    const usingProxy = !!(process.env.HTTPS_PROXY || process.env.HTTP_PROXY);
    res.json({
      status: "success",
      message: usingProxy
        ? "✓ Request allowed (httpbin.org is whitelisted)"
-        : "⚠️ No proxy detected - not running in fence",
+        : "⚠️ No proxy detected - not running in greywall",
      proxy: usingProxy ? process.env.HTTPS_PROXY : null,
      data: result,
    });
  } catch (error) {
    res.json({
      status: "blocked",
-      message: "✓ External call blocked by fence",
+      message: "✓ External call blocked by greywall",
      error: error.message,
    });
  }
--- a/examples/01-dev-server/greywall-external-blocked.json
+++ b/examples/01-dev-server/greywall-external-blocked.json
--- a/examples/01-dev-server/greywall-external-only.json
+++ b/examples/01-dev-server/greywall-external-only.json
--- a/examples/01-dev-server/package.json
+++ b/examples/01-dev-server/package.json
@@ -1,7 +1,7 @@
 {
  "name": "dev-server-demo",
  "version": "1.0.0",
-  "description": "Demo: Dev server with Redis in fence sandbox",
+  "description": "Demo: Dev server with Redis in greywall sandbox",
  "type": "module",
  "main": "app.js",
  "scripts": {