THE KILL SWITCH UPDATE

Scenario: It's 3 AM. Your phone buzzes. PagerDuty is screaming. Your API latency is 15,000ms. Your bandwidth usage just hit 10TB in an hour.

You are being DDoS'd. Or maybe your `while(true)` loop just went rogue. It doesn't matter. You are bleeding cash.

On AWS, you'd be logging into a slow console, trying to find the "Stop Instance" button while the UI lags. We fixed that.

1. One Command to End It All

We introduced ronin kill. This is the digital equivalent of pulling the ethernet cable out of the wall. It bypasses the standard graceful shutdown procedures. It is immediate.

2. How It Works (The Edge Drop)

Standard shutdowns try to finish processing pending requests. That’s polite. But in an attack scenario, politeness is expensive.

When you invoke the Kill Switch, our control plane sends a signal to the C++ Reverse Proxy layer. We don't just stop the container; we drop the routing table entry.

Any traffic destined for your domain is rejected at the edge with a hard 444 No Response before it even enters our internal network. This saves you bandwidth costs immediately.

3. Automatic Key Rotation

If you are being attacked, your API keys might be compromised.

The Kill Switch has an optional flag: --rotate-keys. This instantly invalidates your current ENV variables containing `_KEY` or `_SECRET` and generates new ones, pushing them to your secrets manager.

4. The "Maintenance Mode" Page

Once the service is dead, you don't want users seeing a generic browser timeout. Ronin automatically serves a static, lightweight 503 Service Unavailable HTML page from the edge cache.

You can customize this page via `ronin.toml` to say "We are under maintenance" instead of "We are being destroyed by a botnet."

SLEEP SOUNDLY

Deployment shouldn't be scary. Knowing you have a panic button gives you the confidence to ship on Fridays.