2 Commits

Author	SHA1	Message	Date
Devin AI	ded7d24924	PR AA follow-up: manual-rollback loud-failure summary + keep-min-5 backup-prune cron + root-only initial-keys handoff file ... - deploy-currencicombo-8604.sh: on readiness timeout, print loud failure summary (journalctl tails + exact --rollback command with specific backup path) instead of silently exiting. Deliberately does NOT auto-rollback; first cutovers often fail because of env/migration mistakes and auto-restore hides the failure state ops needs. - install.sh: on first run, write the three API keys + EVENT_SIGNING_SECRET to /root/currencicombo-first-keys.txt (0600, root:root) as a handoff copy. Canonical values still live in /etc/currencicombo/orchestrator.env. Log one pointer line (not the secrets themselves) to journald. Handoff file is NOT regenerated if orchestrator.env already exists. - install-prune-cron.sh (new, opt-in): installs /etc/cron.daily/ currencicombo-prune-backups that deletes entries older than 30 days from /var/lib/currencicombo/backups/ WHILE always keeping the newest 5 regardless of age. Enforced via newest-first sort + i<KEEP_MIN skip. - webapp-nginx.conf: drop the misleading /events/* 421 guard-rail. The orchestrator's SSE endpoint is /api/plans/:id/events/stream (under /api/), so one /api/* guard-rail covers both normal REST and SSE. - README.md: corrected NPMplus rule table to TWO rules (/api/* with SSE-friendly proxy_buffering=off + 24h read_timeout + Connection "" + http/1.1, and /); added post-cutover smoke checks section with a concrete SSE streaming test that catches silent proxy_buffering=on misconfig; documented the /root/currencicombo-first-keys.txt handoff and the install-prune-cron.sh workflow; replaced stale 'not auto-pruned' note. Verification: - shellcheck --severity=warning: clean on all 3 scripts. - bash -n: clean on install-prune-cron.sh. - install-prune-cron.sh --dry-run: prints the pruner body with resolved env values as expected. - install.sh --dry-run: walks through user/dirs/nginx-apt steps, then fails fast on missing psql (expected on a build box without Postgres). Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>	2026-04-22 23:30:34 +00:00
Devin AI	361776ab2e	PR AA: Phoenix / systemd deployment scaffolding (migrate Phoenix off Next.js stub) ... Closes the gap between Gitea main (b48eb2a, Vite portal + Node orchestrator, 29 PRs merged, 167 tests) and what's actually serving curucombo.xn--vov0g.com (Next.js 'ISO-20022 Combo Flow' app from an unpushed local b118b2b checkout). After this PR is merged and the runbook in scripts/deployment/README.md is followed on CT 8604, the Phoenix deployment will serve d-bis/CurrenciCombo main. Artifacts (all under scripts/deployment/): - systemd/currencicombo-orchestrator.service - Node orchestrator, EnvironmentFile=/etc/currencicombo/orchestrator.env, full systemd hardening (ProtectSystem=strict, PrivateTmp, no caps). - systemd/currencicombo-webapp.service - nginx serving Vite SPA on :3000 via RuntimeDirectory=/run/currencicombo-webapp. - webapp-nginx.conf - self-contained nginx config; intentionally 421s on /api/* and /events/* so an NPMplus misconfig fails loudly instead of silently returning index.html. - .env.prod.example - template for /etc/currencicombo/orchestrator.env. Documents every EXT-* blocker env var 1:1 with the Proxmox repo's check-external-dependencies.sh. - install.sh - idempotent host setup: user, dirs, nginx, fresh Postgres role/DB (--force-recreate-db to wipe), Redis autodetect, env file with auto-generated EVENT_SIGNING_SECRET + 3 API keys, systemd units enabled but not started. --dry-run supported. - deploy-currencicombo-8604.sh - build-and-swap deploy driver (the script deploy-targets.json / phoenix-deploy-api calls): git fetch/reset, orchestrator tsc build, portal vite build with VITE_ORCHESTRATOR_URL baked in, migrations, timestamped backup, systemctl stop, rsync, systemctl start, smoke /ready + portal /, grep EXT-* from journalctl. --ref, --dry-run, --skip-migrate, --skip-build, --rollback. - README.md - architecture diagram, first-time setup (8 steps), NPMplus ingress rule table, subsequent- deploy one-liner, rollback, troubleshooting table, cutover-from- pre-existing-Next.js sequence, explicit list of Proxmox-side follow-ups. Target-agnostic: no IP / hostname / VLAN hardcoded. The only file that embeds the public hostname is README.md (for documentation) and the default VITE_ORCHESTRATOR_URL in deploy-currencicombo-8604.sh (which is overridable via env). Single-origin NPMplus routing (confirmed with user): curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/api/* -> 10.160.0.14:8080 (orchestrator) curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/events/* -> 10.160.0.14:8080 (SSE) curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/* -> 10.160.0.14:3000 (Vite SPA) Verified on this box (headless): - shellcheck --severity=warning: clean on both scripts. - bash -n: clean on both scripts. - systemd-analyze verify: both unit files parse cleanly (only complaint is /usr/sbin/nginx not being executable, expected -- nginx is installed at deploy time). - install.sh --dry-run: fails fast with the expected FATAL on hosts without psql (build box). On CT 8604 with Postgres+Redis already installed, it walks through every step. - deploy-currencicombo-8604.sh --help: prints the usage. No runtime code changes. Non-UI. Complements PR #30 (docker-compose sandbox) which remains the local-dev path. Proxmox-side follow-up (separate commit on /home/intlc/projects/proxmox after this PR merges and cutover runs cleanly): - Update phoenix-deploy-api/deploy-targets.json to point at scripts/deployment/deploy-currencicombo-8604.sh. - Retire the inaccurate "Next.js webapp with ignoreBuildErrors" language in EXTERNAL_DEPENDENCY_BLOCKERS.md. Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>	2026-04-22 23:05:18 +00:00