- deploy-currencicombo-8604.sh: on readiness timeout, print loud failure
summary (journalctl tails + exact --rollback command with specific
backup path) instead of silently exiting. Deliberately does NOT
auto-rollback; first cutovers often fail because of env/migration
mistakes and auto-restore hides the failure state ops needs.
- install.sh: on first run, write the three API keys + EVENT_SIGNING_SECRET
to /root/currencicombo-first-keys.txt (0600, root:root) as a handoff
copy. Canonical values still live in /etc/currencicombo/orchestrator.env.
Log one pointer line (not the secrets themselves) to journald.
Handoff file is NOT regenerated if orchestrator.env already exists.
- install-prune-cron.sh (new, opt-in): installs /etc/cron.daily/
currencicombo-prune-backups that deletes entries older than 30 days
from /var/lib/currencicombo/backups/ WHILE always keeping the newest
5 regardless of age. Enforced via newest-first sort + i<KEEP_MIN skip.
- webapp-nginx.conf: drop the misleading /events/* 421 guard-rail. The
orchestrator's SSE endpoint is /api/plans/:id/events/stream (under
/api/), so one /api/* guard-rail covers both normal REST and SSE.
- README.md: corrected NPMplus rule table to TWO rules (/api/* with
SSE-friendly proxy_buffering=off + 24h read_timeout + Connection ""
+ http/1.1, and /); added post-cutover smoke checks section with a
concrete SSE streaming test that catches silent proxy_buffering=on
misconfig; documented the /root/currencicombo-first-keys.txt handoff
and the install-prune-cron.sh workflow; replaced stale 'not auto-pruned'
note.
Verification:
- shellcheck --severity=warning: clean on all 3 scripts.
- bash -n: clean on install-prune-cron.sh.
- install-prune-cron.sh --dry-run: prints the pruner body with resolved
env values as expected.
- install.sh --dry-run: walks through user/dirs/nginx-apt steps, then
fails fast on missing psql (expected on a build box without Postgres).
Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>
Closes the gap between Gitea main (b48eb2a, Vite portal + Node
orchestrator, 29 PRs merged, 167 tests) and what's actually serving
curucombo.xn--vov0g.com (Next.js 'ISO-20022 Combo Flow' app from an
unpushed local b118b2b checkout). After this PR is merged and the
runbook in scripts/deployment/README.md is followed on CT 8604, the
Phoenix deployment will serve d-bis/CurrenciCombo main.
Artifacts (all under scripts/deployment/):
- systemd/currencicombo-orchestrator.service - Node orchestrator,
EnvironmentFile=/etc/currencicombo/orchestrator.env, full systemd
hardening (ProtectSystem=strict, PrivateTmp, no caps).
- systemd/currencicombo-webapp.service - nginx serving Vite
SPA on :3000 via RuntimeDirectory=/run/currencicombo-webapp.
- webapp-nginx.conf - self-contained nginx
config; intentionally 421s on /api/* and /events/* so an NPMplus
misconfig fails loudly instead of silently returning index.html.
- .env.prod.example - template for
/etc/currencicombo/orchestrator.env. Documents every EXT-* blocker
env var 1:1 with the Proxmox repo's check-external-dependencies.sh.
- install.sh - idempotent host setup:
user, dirs, nginx, fresh Postgres role/DB (--force-recreate-db to
wipe), Redis autodetect, env file with auto-generated
EVENT_SIGNING_SECRET + 3 API keys, systemd units enabled but not
started. --dry-run supported.
- deploy-currencicombo-8604.sh - build-and-swap deploy
driver (the script deploy-targets.json / phoenix-deploy-api calls):
git fetch/reset, orchestrator tsc build, portal vite build with
VITE_ORCHESTRATOR_URL baked in, migrations, timestamped backup,
systemctl stop, rsync, systemctl start, smoke /ready + portal /,
grep EXT-* from journalctl. --ref, --dry-run, --skip-migrate,
--skip-build, --rollback.
- README.md - architecture diagram,
first-time setup (8 steps), NPMplus ingress rule table, subsequent-
deploy one-liner, rollback, troubleshooting table, cutover-from-
pre-existing-Next.js sequence, explicit list of Proxmox-side
follow-ups.
Target-agnostic: no IP / hostname / VLAN hardcoded. The only file that
embeds the public hostname is README.md (for documentation) and the
default VITE_ORCHESTRATOR_URL in deploy-currencicombo-8604.sh (which
is overridable via env).
Single-origin NPMplus routing (confirmed with user):
curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/api/* -> 10.160.0.14:8080 (orchestrator)
curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/events/* -> 10.160.0.14:8080 (SSE)
curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/* -> 10.160.0.14:3000 (Vite SPA)
Verified on this box (headless):
- shellcheck --severity=warning: clean on both scripts.
- bash -n: clean on both scripts.
- systemd-analyze verify: both unit files parse cleanly (only complaint
is /usr/sbin/nginx not being executable, expected -- nginx is
installed at deploy time).
- install.sh --dry-run: fails fast with the expected FATAL on hosts
without psql (build box). On CT 8604 with Postgres+Redis already
installed, it walks through every step.
- deploy-currencicombo-8604.sh --help: prints the usage.
No runtime code changes. Non-UI. Complements PR #30 (docker-compose
sandbox) which remains the local-dev path.
Proxmox-side follow-up (separate commit on /home/intlc/projects/proxmox
after this PR merges and cutover runs cleanly):
- Update phoenix-deploy-api/deploy-targets.json to point at
scripts/deployment/deploy-currencicombo-8604.sh.
- Retire the inaccurate "Next.js webapp with ignoreBuildErrors"
language in EXTERNAL_DEPENDENCY_BLOCKERS.md.
Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>
Blockscout /api/v2/stats returns average_block_time in milliseconds;
ReportingPage displays it as `${value.toFixed(1)}s` which rendered
~4424s instead of the real ~4.4s. Normalize in the service layer so
every caller gets seconds regardless of upstream format.
Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>
Extends the POC from #2 beyond the Dashboard so every portal page that
can benefit from on-chain signal now pulls from live backends while
preserving its existing UX. Pages without an on-chain analogue (the
IFRS/GAAP/IPSAS report rows, the dbis_core compliance alerts) stay on
sample data with an explicit 'mocked' note.
New shared primitives
---------------------
src/hooks/useLatestTransactions.ts — polls SolaceScan /transactions every 15s
src/hooks/useAddressTransactions.ts — per-address tx feed, 60s polling
src/components/portal/LiveTransactionsPanel.tsx — reusable live-tx card
src/components/portal/LiveChainBanner.tsx — slim status banner
src/components/portal/OnChainBalanceTag.tsx — shared live/off-chain pill
Per-page wiring
---------------
AccountsPage — on-chain pill + META balance + SolaceScan link on
each account row that carries a walletAddress;
overlay renders only on wallet rows (negative check).
SettlementsPage — replaces the static 'Settlement Rate' tile with a
live Chain-138 block + tx-today tile; adds a
LiveTransactionsPanel above the CSD queue so the
page no longer renders identical output when RPC
is dead.
ReportingPage — new On-Chain Reporting Snapshot row (Blockscout
/stats: block depth, total tx, total addrs,
utilisation, avg block time). Clear note that
the IFRS/GAAP/IPSAS rows come from dbis_core and
are still mocked.
TreasuryPage — two new summary tiles: live Chain-138 gas +
aggregated on-chain custody (META) from sample
wallet addresses. Uses the same
useOnChainBalances hook as Accounts.
CompliancePage — AML monitor strip with wallet selector; dedicated
'On-Chain Tx Feed' card shows IN/OUT per tracked
wallet via SolaceScan. dbis_core alerts still
mocked (no public deploy).
TransactionBuilder — LiveChainBanner inserted above the composer so
users know chain health + gas + latency before
composing; transaction-builder-module made a
flex column so the banner doesn't cover the
canvas.
Assertions baked into every live widget
---------------------------------------
- RPC failure flips colour + text to 'degraded'/'—' (no silent freeze).
- Loading state is distinct from both live and degraded.
- Each overlay is only rendered where real data differs from sample data
(walletAddress rows for balances, tracked custody for AML, etc.) so a
page without live overlays is proof-of-scope, not proof-of-brokenness.
Verified locally
----------------
- tsc --noEmit: clean
- npm run build: clean (2066 modules, 565 ms)
Still intentionally mocked
--------------------------
- proxmox.ts — CF-Access protected; a BFF route is now open in
orchestrator PR (see companion PR for /api/proxmox/*).
- dbisCore.ts — no public deployment exists yet.
- Added quick start instructions in README.md for first-time setup, including commands for complete setup, verification, and service start.
- Revised FINAL_STATUS.md to reflect the project's infrastructure completion and readiness for execution, detailing scripts created and documentation status.
- Added multi-platform deployment architecture details (Web App, PWA, DApp) to README.md.
- Included comprehensive troubleshooting guides and fix scripts in README.md.
- Enhanced CHANGELOG.md with new features, fixes, and improvements, including TypeScript error resolutions and updated documentation structure.
- Revised development setup instructions in DEV_SETUP.md to reflect changes in script usage and environment variable setup.
- Revised the development setup section in CURRENT_STATUS.md for clarity and completeness.
- Improved environment variable validation with default values in env.ts.
- Enhanced error handling in errorHandler.ts to provide clearer feedback on validation issues.
- Added a new section in CURRENT_STATUS.md detailing prerequisites and quick start instructions for development setup.
- Updated environment variable validation to include defaults for missing variables in env.ts.
- Improved error handling in errorHandler.ts for better validation feedback.
- Made various code adjustments across services to ensure robustness and clarity.
- Added AccessControl to ComboHandler for role-based access management.
- Implemented gas estimation for plan execution and improved gas limit checks.
- Updated execution and preparation methods to enforce step count limits and role restrictions.
- Enhanced error handling in orchestrator API endpoints with AppError for better validation feedback.
- Integrated request timeout middleware for improved request management.
- Updated Swagger documentation to reflect new API structure and parameters.
- Integrated ECDSA for signature verification in ComboHandler.
- Updated event emissions to include additional parameters for better tracking.
- Improved gas tracking during execution of combo plans.
- Enhanced database interactions for storing and retrieving plans, including conflict resolution and status updates.
- Added new dependencies for security and database management in orchestrator.
