AIRO, GoDaddy, ioDAEMON & it's AIRO cross platform founders.

To optimize ioDAEMON.com for both human users and AI agents (such as TorianGPT and CameronGPT), the front-page architecture must leverage a "Loop Logic" design. This allows the ACTFM ENERGY (Self-Evolving Technology Function Matrix) to function as a bridge between intent and the automated execution environments of GoDaddy Airo and GoDaddy WebBuilder.
Front Page "Loop Logic" Architecture
Semantic Header (Human-First / Machine-Primary):
Human View: High-impact "ACTFM ENERGY" branding with a clear call-to-action for "Open AIRO" integration.
Machine View: JSON-LD schema defining ioDAEMON as an AutomatedSystems entity with specific integrationEndpoints for GoDaddy APIs.
ACTFM ENERGY - The Self-Evolving Matrix:
Function: This section serves as the core "Technology Function Matrix" (TFM). It uses real-time data loops to autonomously construct and refine digital assets.
AIRO Integration: Automated outputs are formatted specifically for GoDaddy Airo, enabling the platform to feed business insights directly into Airo's "Site Designer" and marketing agents.
Open AIRO Node (TorianGPT + CameronGPT):
Modular Agents: A dedicated interface for TorianGPT (system logic/structure) and CameronGPT (content/creative execution).
Output Wise to GoDaddy: These agents utilize GoDaddy's Website Builder API to programmatically push changes, SEO optimizations, and social media content directly to a user's GoDaddy dashboard.
Machine-Parsable Site Map (Bottom Navigation):
A technical manifest or .well-known directory that allows AIRO's modular architecture to "crawl" ioDAEMON’s matrix for the latest functional updates.
By structuring the site this way, ioDAEMON.com functions as a "living" node where the ACTFM ENERGY constantly updates the Technology Function Matrix, providing a seamless, automated handoff to the GoDaddy Airo ecosystem.
These articles detail GoDaddy's Website Builder and Airo's API capabilities for AI-assisted site design and third-party integration:Articles – Good toelated to your company – recent changes to operations, the latest company softball game – or the industry you’re in. General business trends (think national and even international) are great article fodder, too.

// main.go
// ioDAEMON.com × GoDaddy “Front Door / Engine Room” — system-wide ACTFM loop (single-file Go)
// - Terminates TLS (Let's Encrypt) for your domain
// - Routes traffic to APP and API upstreams (reverse proxy)
// - Accepts GoDaddy/Airo “construction events” via /intake/godaddy (webhook-style)
// - Runs an ACTFM self-evolving loop (scan → decide → act → record) on a heartbeat
// - Supports live config reload via SIGHUP
//
// NOTE: “magically integrate” with GoDaddy internals :
// GoDaddy/DNS points to this edge gateway; GoDaddy/Airo outputs can be POSTed here as events.
//
// Build:
//   go mod init iodaemon-edge
//   go get golang.org/x/crypto/acme/autocert gopkg.in/yaml.v3
//   go build -o iodaemon-edge main.go
//
// Run (example):
//   export IOD_DOMAIN="iodaemon.com"
//   export IOD_EMAIL="admin@iodaemon.com"
//   export IOD_APP_UPSTREAM="http://127.0.0.1:3000"
//   export IOD_API_UPSTREAM="http://127.0.0.1:8080"
//   export IOD_LISTEN_HTTP=":80"
//   export IOD_LISTEN_HTTPS=":443"
//   export IOD_CONFIG="./iodaemon.yml"
//   ./iodaemon-edge
//
// DNS (GoDaddy):
//   A @ -> your server IP
//   A app -> your server IP
//   A api -> your server IP
//   (or CNAME app/api to a hostname that resolves to your edge)
//
// Optional config file (iodaemon.yml) can override env defaults; hot reload with: kill -HUP <pid>

package main

import (
"context"
"crypto/sha256"
"encoding/json"
"errors"
"fmt"
"golang.org/x/crypto/acme/autocert"
"gopkg.in/yaml.v3"
"io"
"log"
"math"
"net"
"net/http"
"net/http/httputil"
"net/url"
"os"
"os/signal"
"path/filepath"
"strings"
"sync"
"sync/atomic"
"syscall"
"time"
)

type Mode string

const (
Observe  Mode = "OBSERVE"  // record-only
Enforce  Mode = "ENFORCE"  // apply safe automatic actions
Lockdown Mode = "LOCKDOWN" // aggressively reject unknown/abusive traffic
)

type Config struct {
Domain       string `yaml:"domain"`
Email        string `yaml:"email"`
ListenHTTP   string `yaml:"listen_http"`
ListenHTTPS  string `yaml:"listen_https"`
AppUpstream  string `yaml:"app_upstream"`
APIUpstream  string `yaml:"api_upstream"`
Mode         Mode   `yaml:"mode"`
ConfigPath   string `yaml:"-"`
DataDir      string `yaml:"data_dir"`
HeartbeatSec int    `yaml:"heartbeat_sec"`

// Simple WAF / limits
MaxBodyBytes          int64   `yaml:"max_body_bytes"`
RateLimitRPS          float64 `yaml:"rate_limit_rps"`
RateLimitBurst        int     `yaml:"rate_limit_burst"`
LockdownAllowCIDRs    []string `yaml:"lockdown_allow_cidrs"`
RequireWebhookToken   bool    `yaml:"require_webhook_token"`
WebhookTokenEnvVar    string  `yaml:"webhook_token_env"`
TrustedProxyCIDRs     []string `yaml:"trusted_proxy_cidrs"`

// ACTFM thresholds
ErrorRateLockdown float64 `yaml:"error_rate_lockdown"` // if observed error-rate >= this -> lockdown
LatencyP95LockdownMS int64 `yaml:"latency_p95_lockdown_ms"`
}

func defaultConfig() Config {
return Config{
Domain:       getenv("IOD_DOMAIN", "example.com"),
Email:        getenv("IOD_EMAIL", "admin@example.com"),
ListenHTTP:   getenv("IOD_LISTEN_HTTP", ":80"),
ListenHTTPS:  getenv("IOD_LISTEN_HTTPS", ":443"),
AppUpstream:  getenv("IOD_APP_UPSTREAM", "http://127.0.0.1:3000"),
APIUpstream:  getenv("IOD_API_UPSTREAM", "http://127.0.0.1:8080"),
Mode:         Mode(getenv("IOD_MODE", string(Observe))),
ConfigPath:   getenv("IOD_CONFIG", "./iodaemon.yml"),
DataDir:      getenv("IOD_DATA", "./data"),
HeartbeatSec: atoi(getenv("IOD_HEARTBEAT_SEC", "60"), 60),

MaxBodyBytes:        int64(atoi(getenv("IOD_MAX_BODY", "1048576"), 1048576)),
RateLimitRPS:        atof(getenv("IOD_RPS", "25"), 25),
RateLimitBurst:      atoi(getenv("IOD_BURST", "50"), 50),
LockdownAllowCIDRs:  splitCSV(getenv("IOD_LOCKDOWN_ALLOW_CIDRS", "")),
RequireWebhookToken: getenv("IOD_WEBHOOK_TOKEN_REQUIRED", "1") != "0",
WebhookTokenEnvVar:  getenv("IOD_WEBHOOK_TOKEN_ENV", "IOD_WEBHOOK_TOKEN"),
TrustedProxyCIDRs:   splitCSV(getenv("IOD_TRUSTED_PROXY_CIDRS", "")),

ErrorRateLockdown:     atof(getenv("IOD_ERR_LOCKDOWN", "0.08"), 0.08),
LatencyP95LockdownMS:  int64(atoi(getenv("IOD_P95_LOCKDOWN_MS", "1800"), 1800)),
}
}

func (c Config) Validate() error {
switch c.Mode {
case Observe, Enforce, Lockdown:
default:
return fmt.Errorf("invalid mode: %q", c.Mode)
}
if c.Domain == "" {
return errors.New("domain required")
}
if c.AppUpstream == "" || c.APIUpstream == "" {
return errors.New("upstreams required")
}
if c.HeartbeatSec < 10 {
return errors.New("heartbeat_sec too small (min 10)")
}
if c.MaxBodyBytes < 1 {
return errors.New("max_body_bytes must be > 0")
}
if c.RateLimitRPS <= 0 || math.IsNaN(c.RateLimitRPS) {
return errors.New("rate_limit_rps must be > 0")
}
if c.RateLimitBurst < 1 {
return errors.New("rate_limit_burst must be > 0")
}
if c.ErrorRateLockdown <= 0 || c.ErrorRateLockdown > 1 {
return errors.New("error_rate_lockdown must be in (0,1]")
}
if c.LatencyP95LockdownMS < 1 {
return errors.New("latency_p95_lockdown_ms must be > 0")
}
return nil
}

type AtomicConfig struct{ v atomic.Value }

func (a *AtomicConfig) Load() Config {
x := a.v.Load()
if x == nil {
return defaultConfig()
}
return x.(Config)
}
func (a *AtomicConfig) Store(c Config) { a.v.Store(c) }

type Metrics struct {
ReqTotal     uint64
Req4xx       uint64
Req5xx       uint64
LatencyP95MS int64
}

type RingLatency struct {
mu   sync.Mutex
buf  []int64
i    int
full bool
}

func NewRingLatency(n int) *RingLatency { return &RingLatency{buf: make([]int64, n)} }
func (r *RingLatency) Add(ms int64) {
r.mu.Lock()
defer r.mu.Unlock()
r.buf[r.i] = ms
r.i++
if r.i >= len(r.buf) {
r.i = 0
r.full = true
}
}
func (r *RingLatency) P95() int64 {
r.mu.Lock()
defer r.mu.Unlock()
var data []int64
if r.full {
data = append([]int64{}, r.buf...)
} else {
data = append([]int64{}, r.buf[:r.i]...)
}
if len(data) == 0 {
return 0
}
// quickselect-ish: just sort; small ring sizes are fine
// (keep it single-file and stable)
for i := 0; i < len(data); i++ {
for j := i + 1; j < len(data); j++ {
if data[j] < data[i] {
data[i], data[j] = data[j], data[i]
}
}
}
idx := int(math.Ceil(float64(len(data))*0.95)) - 1
if idx < 0 {
idx = 0
}
return data[idx]
}

type Event struct {
TS        time.Time       `json:"ts"`
Source    string          `json:"source"` // "godaddy-airo", "manual", etc.
Type      string          `json:"type"`   // "site_draft", "logo", "marketing_post", "note"
Domain    string          `json:"domain"`
Payload   json.RawMessage `json:"payload"`
Checksum  string          `json:"checksum"`
RemoteIP  string          `json:"remote_ip"`
UserAgent string          `json:"user_agent"`
}

type Queue struct {
ch chan Event
}

func NewQueue(n int) *Queue { return &Queue{ch: make(chan Event, n)} }
func (q *Queue) Enqueue(e Event) bool {
select {
case q.ch <- e:
return true
default:
return false
}
}

type TokenBucket struct {
mu       sync.Mutex
rps      float64
burst    float64
tokens   float64
lastFill time.Time
}

func NewTokenBucket(rps float64, burst int) *TokenBucket {
return &TokenBucket{
rps:      rps,
burst:    float64(burst),
tokens:   float64(burst),
lastFill: time.Now(),
}
}
func (b *TokenBucket) Allow() bool {
b.mu.Lock()
defer b.mu.Unlock()
now := time.Now()
elapsed := now.Sub(b.lastFill).Seconds()
b.lastFill = now
b.tokens = math.Min(b.burst, b.tokens+elapsed*b.rps)
if b.tokens >= 1 {
b.tokens -= 1
return true
}
return false
}

func main() {
log.SetFlags(log.LstdFlags | log.LUTC | log.Lmicroseconds)

var cfg AtomicConfig
cfg.Store(defaultConfig())

// Load config file if exists
if err := loadConfigFile(&cfg); err != nil {
log.Printf("config load warning: %v", err)
}
c := cfg.Load()
if err := c.Validate(); err != nil {
log.Fatalf("config invalid: %v", err)
}
_ = os.MkdirAll(c.DataDir, 0o755)

// Hot reload on SIGHUP
go func() {
sigc := make(chan os.Signal, 2)
signal.Notify(sigc, syscall.SIGHUP)
for range sigc {
if err := loadConfigFile(&cfg); err != nil {
log.Printf("config reload failed: %v", err)
continue
}
log.Printf("config reloaded OK; mode=%s", cfg.Load().Mode)
}
}()

// Observability + ACTFM state
var reqTotal, req4xx, req5xx atomic.Uint64
latRing := NewRingLatency(512)

// Queue for construction events
queue := NewQueue(2048)

// ACL sets
lockdownAllow := mustParseCIDRs(c.LockdownAllowCIDRs)
trustedProxy := mustParseCIDRs(c.TrustedProxyCIDRs)

// Reverse proxies
appProxy := mustProxy(c.AppUpstream)
apiProxy := mustProxy(c.APIUpstream)

// Rate limit bucket (global for simplicity; you can shard by IP later)
bucket := NewTokenBucket(c.RateLimitRPS, c.RateLimitBurst)

// HTTP handler
mux := http.NewServeMux()

// Health / status
mux.HandleFunc("/actfm/health", func(w http.ResponseWriter, r *http.Request) {
cc := cfg.Load()
p95 := latRing.P95()
total := reqTotal.Load()
x4 := req4xx.Load()
x5 := req5xx.Load()
errRate := 0.0
if total > 0 {
errRate = float64(x5) / float64(total)
}
out := map[string]any{
"domain":       cc.Domain,
"mode":         cc.Mode,
"uptime_sec":   int64(time.Since(startedAt).Seconds()),
"req_total":    total,
"req_4xx":      x4,
"req_5xx":      x5,
"latency_p95":  p95,
"error_rate_5xx": errRate,
"heartbeat_sec": cc.HeartbeatSec,
}
w.Header().Set("Content-Type", "application/json")
_ = json.NewEncoder(w).Encode(out)
})

// Intake endpoint for GoDaddy/Airo outputs (webhook-style)
mux.HandleFunc("/intake/godaddy", func(w http.ResponseWriter, r *http.Request) {
cc := cfg.Load()

if r.Method != http.MethodPost {
http.Error(w, "POST only", http.StatusMethodNotAllowed)
return
}

// optional shared token
if cc.RequireWebhookToken {
want := os.Getenv(cc.WebhookTokenEnvVar)
if want == "" {
http.Error(w, "webhook token not set on server", http.StatusServiceUnavailable)
return
}
got := r.Header.Get("X-Webhook-Token")
if subtleConstantTimeEq(got, want) == false {
http.Error(w, "unauthorized", http.StatusUnauthorized)
return
}
}

r.Body = http.MaxBytesReader(w, r.Body, cc.MaxBodyBytes)
body, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "bad body", http.StatusBadRequest)
return
}
sum := sha256.Sum256(body)

ev := Event{
TS:        time.Now().UTC(),
Source:    "godaddy-airo",
Type:      r.URL.Query().Get("type"),
Domain:    cc.Domain,
Payload:   json.RawMessage(body),
Checksum:  fmt.Sprintf("%x", sum[:]),
RemoteIP:  clientIP(r, trustedProxy),
UserAgent: r.UserAgent(),
}
if ev.Type == "" {
ev.Type = "note"
}
if ok := queue.Enqueue(ev); !ok {
http.Error(w, "queue full", http.StatusServiceUnavailable)
return
}
w.WriteHeader(http.StatusAccepted)
_, _ = w.Write([]byte("accepted\n"))
})

// Router: app / api split
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
cc := cfg.Load()

// global rate limit
if !bucket.Allow() {
req4xx.Add(1)
http.Error(w, "rate limited", http.StatusTooManyRequests)
return
}

// lockdown: only allow listed CIDRs if configured
if cc.Mode == Lockdown && len(lockdownAllow) > 0 {
ip := net.ParseIP(clientIP(r, trustedProxy))
if ip == nil || !ipInAnyCIDR(ip, lockdownAllow) {
req4xx.Add(1)
http.Error(w, "lockdown", http.StatusForbidden)
return
}
}

// route
host := strings.ToLower(stripPort(r.Host))
start := time.Now()

// basic routing rules:
// - api.<domain> or path /api/ -> API upstream
// - everything else -> APP upstream
if host == "api."+cc.Domain || strings.HasPrefix(r.URL.Path, "/api/") {
apiProxy.ServeHTTP(w, r)
} else if host == "app."+cc.Domain {
appProxy.ServeHTTP(w, r)
} else {
// default: serve app (landing) from app upstream; keep it simple.
appProxy.ServeHTTP(w, r)
}

// record latency + count (status code capture via wrapper)
_ = start
})

// Wrap mux with metrics/status capturing
handler := withMetrics(mux, &reqTotal, &req4xx, &req5xx, latRing)

// ACTFM loop: consume events + compute basic metrics + take bounded actions
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
go actfmLoop(ctx, &cfg, queue, &reqTotal, &req4xx, &req5xx, latRing)

// TLS manager (Let's Encrypt)
c = cfg.Load()
m := &autocert.Manager{
Prompt:     autocert.AcceptTOS,
Email:      c.Email,
Cache:      autocert.DirCache(filepath.Join(c.DataDir, "autocert")),
HostPolicy: autocert.HostWhitelist(c.Domain, "app."+c.Domain, "api."+c.Domain),
}

// HTTP server (for ACME + redirect)
httpSrv := &http.Server{
Addr:    c.ListenHTTP,
Handler: m.HTTPHandler(http.HandlerFunc(redirectToHTTPS)),
}

// HTTPS server
httpsSrv := &http.Server{
Addr:      c.ListenHTTPS,
Handler:   handler,
TLSConfig: m.TLSConfig(),
}

// Start servers
go func() {
log.Printf("HTTP (ACME/redirect) listening on %s", c.ListenHTTP)
if err := httpSrv.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
log.Fatalf("http server error: %v", err)
}
}()
go func() {
log.Printf("HTTPS listening on %s for %s (+ app/api subdomains)", c.ListenHTTPS, c.Domain)
if err := httpsSrv.ListenAndServeTLS("", ""); err != nil && !errors.Is(err, http.ErrServerClosed) {
log.Fatalf("https server error: %v", err)
}
}()

// Graceful shutdown
stop := make(chan os.Signal, 2)
signal.Notify(stop, os.Interrupt, syscall.SIGTERM)
<-stop
log.Printf("shutdown requested")

shCtx, shCancel := context.WithTimeout(context.Background(), 10*time.Second)
defer shCancel()
_ = httpsSrv.Shutdown(shCtx)
_ = httpSrv.Shutdown(shCtx)
log.Printf("shutdown complete")
}

var startedAt = time.Now()

func redirectToHTTPS(w http.ResponseWriter, r *http.Request) {
target := "https://" + stripPort(r.Host) + r.URL.RequestURI()
http.Redirect(w, r, target, http.StatusMovedPermanently)
}

func mustProxy(raw string) *httputil.ReverseProxy {
u, err := url.Parse(raw)
if err != nil {
log.Fatalf("bad upstream %q: %v", raw, err)
}
rp := httputil.NewSingleHostReverseProxy(u)
orig := rp.Director
rp.Director = func(r *http.Request) {
orig(r)
// harden hop-by-hop headers
r.Header.Del("Proxy-Connection")
r.Header.Del("Connection")
r.Header.Del("Keep-Alive")
r.Header.Del("TE")
r.Header.Del("Trailer")
r.Header.Del("Transfer-Encoding")
r.Header.Del("Upgrade")
// preserve client ip chain
if ip := clientIP(r, nil); ip != "" {
r.Header.Set("X-Real-IP", ip)
}
}
rp.ErrorHandler = func(w http.ResponseWriter, r *http.Request, e error) {
http.Error(w, "upstream error", http.StatusBadGateway)
}
return rp
}

type statusWriter struct {
http.ResponseWriter
code int
}

func (s *statusWriter) WriteHeader(statusCode int) {
s.code = statusCode
s.ResponseWriter.WriteHeader(statusCode)
}

func withMetrics(next http.Handler, total, x4, x5 *atomic.Uint64, ring *RingLatency) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
sw := &statusWriter{ResponseWriter: w, code: 200}
start := time.Now()
total.Add(1)

// Basic security headers (tune CSP per your frontend)
sw.Header().Set("X-Content-Type-Options", "nosniff")
sw.Header().Set("X-Frame-Options", "DENY")
sw.Header().Set("Referrer-Policy", "no-referrer")
sw.Header().Set("Permissions-Policy", "geolocation=()")

next.ServeHTTP(sw, r)

ms := time.Since(start).Milliseconds()
ring.Add(ms)

if sw.code >= 400 && sw.code < 500 {
x4.Add(1)
}
if sw.code >= 500 {
x5.Add(1)
}
})
}

func actfmLoop(
ctx context.Context,
cfg *AtomicConfig,
queue *Queue,
total, x4, x5 *atomic.Uint64,
latRing *RingLatency,
) {
ticker := time.NewTicker(time.Duration(cfg.Load().HeartbeatSec) * time.Second)
defer ticker.Stop()

// event log file
for {
select {
case <-ctx.Done():
return
case ev := <-queue.ch:
cc := cfg.Load()
appendEvent(cc, ev)
case <-ticker.C:
cc := cfg.Load()
p95 := latRing.P95()
t := total.Load()
e5 := x5.Load()

errRate := 0.0
if t > 0 {
errRate = float64(e5) / float64(t)
}

// ACTFM DECISION (bounded):
// If system is unhealthy, tighten mode (ENFORCE -> LOCKDOWN).
// If healthy and currently LOCKDOWN, relax to ENFORCE.
// OBSERVE never auto-switches (record-only).
newMode := cc.Mode
if cc.Mode != Observe {
if errRate >= cc.ErrorRateLockdown || (p95 > 0 && p95 >= cc.LatencyP95LockdownMS) {
newMode = Lockdown
} else {
// relax
if cc.Mode == Lockdown {
newMode = Enforce
}
}
}

// Record heartbeat
hb := map[string]any{
"ts":            time.Now().UTC().Format(time.RFC3339Nano),
"mode":          cc.Mode,
"new_mode":      newMode,
"req_total":     t,
"req_4xx":       x4.Load(),
"req_5xx":       e5,
"latency_p95_ms": p95,
"error_rate_5xx": errRate,
}
appendJSON(cc, "actfm_heartbeat.jsonl", hb)

// Apply mode switch
if newMode != cc.Mode {
cc.Mode = newMode
cfg.Store(cc)
appendJSON(cc, "actfm_actions.jsonl", map[string]any{
"ts":     time.Now().UTC().Format(time.RFC3339Nano),
"action": "MODE_SWITCH",
"from":   string(hb["mode"].(Mode)),
"to":     string(newMode),
"reason": "thresholds",
})
log.Printf("ACTFM: mode switch %s -> %s (errRate=%.4f p95=%dms)", hb["mode"], newMode, errRate, p95)
} else {
log.Printf("ACTFM: heartbeat mode=%s errRate=%.4f p95=%dms", cc.Mode, errRate, p95)
}
}
}
}

func appendEvent(c Config, ev Event) {
appendJSON(c, "events.jsonl", ev)
}

func appendJSON(c Config, filename string, v any) {
p := filepath.Join(c.DataDir, filename)
f, err := os.OpenFile(p, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0o644)
if err != nil {
log.Printf("appendJSON open error: %v", err)
return
}
defer f.Close()
enc := json.NewEncoder(f)
if err := enc.Encode(v); err != nil {
log.Printf("appendJSON encode error: %v", err)
}
}

func loadConfigFile(ac *AtomicConfig) error {
cc := ac.Load()
path := cc.ConfigPath
if path == "" {
return nil
}
b, err := os.ReadFile(path)
if err != nil {
// don't fail hard if missing
if os.IsNotExist(err) {
return nil
}
return err
}
var fc Config
if err := yaml.Unmarshal(b, &fc); err != nil {
return err
}

// Merge: file overrides env defaults
base := defaultConfig()
merged := base

apply := func(dst *string, src string) { if src != "" { *dst = src } }
apply(&merged.Domain, fc.Domain)
apply(&merged.Email, fc.Email)
apply(&merged.ListenHTTP, fc.ListenHTTP)
apply(&merged.ListenHTTPS, fc.ListenHTTPS)
apply(&merged.AppUpstream, fc.AppUpstream)
apply(&merged.APIUpstream, fc.APIUpstream)
if fc.Mode != "" {
merged.Mode = fc.Mode
}
if fc.DataDir != "" {
merged.DataDir = fc.DataDir
}
if fc.HeartbeatSec != 0 {
merged.HeartbeatSec = fc.HeartbeatSec
}
if fc.MaxBodyBytes != 0 {
merged.MaxBodyBytes = fc.MaxBodyBytes
}
if fc.RateLimitRPS != 0 {
merged.RateLimitRPS = fc.RateLimitRPS
}
if fc.RateLimitBurst != 0 {
merged.RateLimitBurst = fc.RateLimitBurst
}
if len(fc.LockdownAllowCIDRs) > 0 {
merged.LockdownAllowCIDRs = fc.LockdownAllowCIDRs
}
merged.RequireWebhookToken = fc.RequireWebhookToken
if fc.WebhookTokenEnvVar != "" {
merged.WebhookTokenEnvVar = fc.WebhookTokenEnvVar
}
if len(fc.TrustedProxyCIDRs) > 0 {
merged.TrustedProxyCIDRs = fc.TrustedProxyCIDRs
}
if fc.ErrorRateLockdown != 0 {
merged.ErrorRateLockdown = fc.ErrorRateLockdown
}
if fc.LatencyP95LockdownMS != 0 {
merged.LatencyP95LockdownMS = fc.LatencyP95LockdownMS
}

merged.ConfigPath = path

if err := merged.Validate(); err != nil {
return err
}
ac.Store(merged)
return nil
}

// --- helpers ---

func getenv(k, def string) string {
v := strings.TrimSpace(os.Getenv(k))
if v == "" {
return def
}
return v
}
func atoi(s string, def int) int {
n, err := fmt.SscanjjjJHAIRO