PR AA: Phoenix / systemd deployment scaffolding (migrate Phoenix off Next.js stub) #31

Closed

nsatoshi wants to merge 2 commits from devin/1776898782-pr-aa-phoenix-migration into main

Author SHA1 Message Date

Author	SHA1	Message	Date
Devin AI	ded7d24924	PR AA follow-up: manual-rollback loud-failure summary + keep-min-5 backup-prune cron + root-only initial-keys handoff file Some checks failed CI / Frontend Lint (pull_request) Failing after 7s Details CI / Frontend Type Check (pull_request) Failing after 7s Details CI / Frontend Build (pull_request) Failing after 6s Details CI / Frontend E2E Tests (pull_request) Failing after 7s Details CI / Orchestrator Build (pull_request) Failing after 7s Details CI / Orchestrator Unit Tests (pull_request) Failing after 6s Details CI / Orchestrator E2E (Testcontainers) (pull_request) Has been skipped Details CI / Contracts Compile (pull_request) Failing after 5s Details CI / Contracts Test (pull_request) Failing after 6s Details Code Quality / SonarQube Analysis (pull_request) Failing after 20s Details Code Quality / Code Quality Checks (pull_request) Failing after 7s Details Security Scan / Dependency Vulnerability Scan (pull_request) Failing after 4s Details Security Scan / OWASP ZAP Scan (pull_request) Failing after 4s Details - deploy-currencicombo-8604.sh: on readiness timeout, print loud failure summary (journalctl tails + exact --rollback command with specific backup path) instead of silently exiting. Deliberately does NOT auto-rollback; first cutovers often fail because of env/migration mistakes and auto-restore hides the failure state ops needs. - install.sh: on first run, write the three API keys + EVENT_SIGNING_SECRET to /root/currencicombo-first-keys.txt (0600, root:root) as a handoff copy. Canonical values still live in /etc/currencicombo/orchestrator.env. Log one pointer line (not the secrets themselves) to journald. Handoff file is NOT regenerated if orchestrator.env already exists. - install-prune-cron.sh (new, opt-in): installs /etc/cron.daily/ currencicombo-prune-backups that deletes entries older than 30 days from /var/lib/currencicombo/backups/ WHILE always keeping the newest 5 regardless of age. Enforced via newest-first sort + i<KEEP_MIN skip. - webapp-nginx.conf: drop the misleading /events/* 421 guard-rail. The orchestrator's SSE endpoint is /api/plans/:id/events/stream (under /api/), so one /api/* guard-rail covers both normal REST and SSE. - README.md: corrected NPMplus rule table to TWO rules (/api/* with SSE-friendly proxy_buffering=off + 24h read_timeout + Connection "" + http/1.1, and /); added post-cutover smoke checks section with a concrete SSE streaming test that catches silent proxy_buffering=on misconfig; documented the /root/currencicombo-first-keys.txt handoff and the install-prune-cron.sh workflow; replaced stale 'not auto-pruned' note. Verification: - shellcheck --severity=warning: clean on all 3 scripts. - bash -n: clean on install-prune-cron.sh. - install-prune-cron.sh --dry-run: prints the pruner body with resolved env values as expected. - install.sh --dry-run: walks through user/dirs/nginx-apt steps, then fails fast on missing psql (expected on a build box without Postgres). Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>	2026-04-22 23:30:34 +00:00
Devin AI	361776ab2e	PR AA: Phoenix / systemd deployment scaffolding (migrate Phoenix off Next.js stub) Some checks failed CI / Frontend Lint (pull_request) Failing after 7s Details CI / Frontend Type Check (pull_request) Failing after 6s Details CI / Frontend Build (pull_request) Failing after 8s Details CI / Frontend E2E Tests (pull_request) Failing after 8s Details CI / Orchestrator Build (pull_request) Failing after 7s Details CI / Orchestrator Unit Tests (pull_request) Failing after 6s Details CI / Orchestrator E2E (Testcontainers) (pull_request) Has been skipped Details CI / Contracts Compile (pull_request) Failing after 6s Details CI / Contracts Test (pull_request) Failing after 7s Details Code Quality / SonarQube Analysis (pull_request) Failing after 19s Details Code Quality / Code Quality Checks (pull_request) Failing after 6s Details Security Scan / Dependency Vulnerability Scan (pull_request) Failing after 4s Details Security Scan / OWASP ZAP Scan (pull_request) Failing after 5s Details Closes the gap between Gitea main (`b48eb2a`, Vite portal + Node orchestrator, 29 PRs merged, 167 tests) and what's actually serving curucombo.xn--vov0g.com (Next.js 'ISO-20022 Combo Flow' app from an unpushed local `b118b2b` checkout). After this PR is merged and the runbook in scripts/deployment/README.md is followed on CT 8604, the Phoenix deployment will serve d-bis/CurrenciCombo main. Artifacts (all under scripts/deployment/): - systemd/currencicombo-orchestrator.service - Node orchestrator, EnvironmentFile=/etc/currencicombo/orchestrator.env, full systemd hardening (ProtectSystem=strict, PrivateTmp, no caps). - systemd/currencicombo-webapp.service - nginx serving Vite SPA on :3000 via RuntimeDirectory=/run/currencicombo-webapp. - webapp-nginx.conf - self-contained nginx config; intentionally 421s on /api/* and /events/* so an NPMplus misconfig fails loudly instead of silently returning index.html. - .env.prod.example - template for /etc/currencicombo/orchestrator.env. Documents every EXT-* blocker env var 1:1 with the Proxmox repo's check-external-dependencies.sh. - install.sh - idempotent host setup: user, dirs, nginx, fresh Postgres role/DB (--force-recreate-db to wipe), Redis autodetect, env file with auto-generated EVENT_SIGNING_SECRET + 3 API keys, systemd units enabled but not started. --dry-run supported. - deploy-currencicombo-8604.sh - build-and-swap deploy driver (the script deploy-targets.json / phoenix-deploy-api calls): git fetch/reset, orchestrator tsc build, portal vite build with VITE_ORCHESTRATOR_URL baked in, migrations, timestamped backup, systemctl stop, rsync, systemctl start, smoke /ready + portal /, grep EXT-* from journalctl. --ref, --dry-run, --skip-migrate, --skip-build, --rollback. - README.md - architecture diagram, first-time setup (8 steps), NPMplus ingress rule table, subsequent- deploy one-liner, rollback, troubleshooting table, cutover-from- pre-existing-Next.js sequence, explicit list of Proxmox-side follow-ups. Target-agnostic: no IP / hostname / VLAN hardcoded. The only file that embeds the public hostname is README.md (for documentation) and the default VITE_ORCHESTRATOR_URL in deploy-currencicombo-8604.sh (which is overridable via env). Single-origin NPMplus routing (confirmed with user): curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/api/* -> 10.160.0.14:8080 (orchestrator) curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/events/* -> 10.160.0.14:8080 (SSE) curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/* -> 10.160.0.14:3000 (Vite SPA) Verified on this box (headless): - shellcheck --severity=warning: clean on both scripts. - bash -n: clean on both scripts. - systemd-analyze verify: both unit files parse cleanly (only complaint is /usr/sbin/nginx not being executable, expected -- nginx is installed at deploy time). - install.sh --dry-run: fails fast with the expected FATAL on hosts without psql (build box). On CT 8604 with Postgres+Redis already installed, it walks through every step. - deploy-currencicombo-8604.sh --help: prints the usage. No runtime code changes. Non-UI. Complements PR #30 (docker-compose sandbox) which remains the local-dev path. Proxmox-side follow-up (separate commit on /home/intlc/projects/proxmox after this PR merges and cutover runs cleanly): - Update phoenix-deploy-api/deploy-targets.json to point at scripts/deployment/deploy-currencicombo-8604.sh. - Retire the inaccurate "Next.js webapp with ignoreBuildErrors" language in EXTERNAL_DEPENDENCY_BLOCKERS.md. Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>	2026-04-22 23:05:18 +00:00

Devin AI

ded7d24924

PR AA follow-up: manual-rollback loud-failure summary + keep-min-5 backup-prune cron + root-only initial-keys handoff file

CI / Frontend Lint (pull_request) Failing after 7s

Details

CI / Frontend Type Check (pull_request) Failing after 7s

Details

CI / Frontend Build (pull_request) Failing after 6s

Details

CI / Frontend E2E Tests (pull_request) Failing after 7s

Details

CI / Orchestrator Build (pull_request) Failing after 7s

Details

CI / Orchestrator Unit Tests (pull_request) Failing after 6s

Details

CI / Orchestrator E2E (Testcontainers) (pull_request) Has been skipped

Details

CI / Contracts Compile (pull_request) Failing after 5s

Details

CI / Contracts Test (pull_request) Failing after 6s

Details

Code Quality / SonarQube Analysis (pull_request) Failing after 20s

Details

Code Quality / Code Quality Checks (pull_request) Failing after 7s

Details

Security Scan / Dependency Vulnerability Scan (pull_request) Failing after 4s

Details

Security Scan / OWASP ZAP Scan (pull_request) Failing after 4s

Details

- deploy-currencicombo-8604.sh: on readiness timeout, print loud failure
  summary (journalctl tails + exact --rollback command with specific
  backup path) instead of silently exiting. Deliberately does NOT
  auto-rollback; first cutovers often fail because of env/migration
  mistakes and auto-restore hides the failure state ops needs.
- install.sh: on first run, write the three API keys + EVENT_SIGNING_SECRET
  to /root/currencicombo-first-keys.txt (0600, root:root) as a handoff
  copy. Canonical values still live in /etc/currencicombo/orchestrator.env.
  Log one pointer line (not the secrets themselves) to journald.
  Handoff file is NOT regenerated if orchestrator.env already exists.
- install-prune-cron.sh (new, opt-in): installs /etc/cron.daily/
  currencicombo-prune-backups that deletes entries older than 30 days
  from /var/lib/currencicombo/backups/ WHILE always keeping the newest
  5 regardless of age. Enforced via newest-first sort + i<KEEP_MIN skip.
- webapp-nginx.conf: drop the misleading /events/* 421 guard-rail. The
  orchestrator's SSE endpoint is /api/plans/:id/events/stream (under
  /api/), so one /api/* guard-rail covers both normal REST and SSE.
- README.md: corrected NPMplus rule table to TWO rules (/api/* with
  SSE-friendly proxy_buffering=off + 24h read_timeout + Connection ""
  + http/1.1, and /); added post-cutover smoke checks section with a
  concrete SSE streaming test that catches silent proxy_buffering=on
  misconfig; documented the /root/currencicombo-first-keys.txt handoff
  and the install-prune-cron.sh workflow; replaced stale 'not auto-pruned'
  note.

Verification:
- shellcheck --severity=warning: clean on all 3 scripts.
- bash -n: clean on install-prune-cron.sh.
- install-prune-cron.sh --dry-run: prints the pruner body with resolved
  env values as expected.
- install.sh --dry-run: walks through user/dirs/nginx-apt steps, then
  fails fast on missing psql (expected on a build box without Postgres).

Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>

2026-04-22 23:30:34 +00:00

Devin AI

361776ab2e

PR AA: Phoenix / systemd deployment scaffolding (migrate Phoenix off Next.js stub)

CI / Frontend Lint (pull_request) Failing after 7s

Details

CI / Frontend Type Check (pull_request) Failing after 6s

Details

CI / Frontend Build (pull_request) Failing after 8s

Details

CI / Frontend E2E Tests (pull_request) Failing after 8s

Details

CI / Orchestrator Build (pull_request) Failing after 7s

Details

CI / Orchestrator Unit Tests (pull_request) Failing after 6s

Details

CI / Orchestrator E2E (Testcontainers) (pull_request) Has been skipped

Details

CI / Contracts Compile (pull_request) Failing after 6s

Details

CI / Contracts Test (pull_request) Failing after 7s

Details

Code Quality / SonarQube Analysis (pull_request) Failing after 19s

Details

Code Quality / Code Quality Checks (pull_request) Failing after 6s

Details

Security Scan / Dependency Vulnerability Scan (pull_request) Failing after 4s

Details

Security Scan / OWASP ZAP Scan (pull_request) Failing after 5s

Details

Closes the gap between Gitea main (b48eb2a, Vite portal + Node
orchestrator, 29 PRs merged, 167 tests) and what's actually serving
curucombo.xn--vov0g.com (Next.js 'ISO-20022 Combo Flow' app from an
unpushed local b118b2b checkout). After this PR is merged and the
runbook in scripts/deployment/README.md is followed on CT 8604, the
Phoenix deployment will serve d-bis/CurrenciCombo main.

Artifacts (all under scripts/deployment/):
- systemd/currencicombo-orchestrator.service  - Node orchestrator,
  EnvironmentFile=/etc/currencicombo/orchestrator.env, full systemd
  hardening (ProtectSystem=strict, PrivateTmp, no caps).
- systemd/currencicombo-webapp.service        - nginx serving Vite
  SPA on :3000 via RuntimeDirectory=/run/currencicombo-webapp.
- webapp-nginx.conf                            - self-contained nginx
  config; intentionally 421s on /api/* and /events/* so an NPMplus
  misconfig fails loudly instead of silently returning index.html.
- .env.prod.example                            - template for
  /etc/currencicombo/orchestrator.env. Documents every EXT-* blocker
  env var 1:1 with the Proxmox repo's check-external-dependencies.sh.
- install.sh                                   - idempotent host setup:
  user, dirs, nginx, fresh Postgres role/DB (--force-recreate-db to
  wipe), Redis autodetect, env file with auto-generated
  EVENT_SIGNING_SECRET + 3 API keys, systemd units enabled but not
  started. --dry-run supported.
- deploy-currencicombo-8604.sh                 - build-and-swap deploy
  driver (the script deploy-targets.json / phoenix-deploy-api calls):
  git fetch/reset, orchestrator tsc build, portal vite build with
  VITE_ORCHESTRATOR_URL baked in, migrations, timestamped backup,
  systemctl stop, rsync, systemctl start, smoke /ready + portal /,
  grep EXT-* from journalctl. --ref, --dry-run, --skip-migrate,
  --skip-build, --rollback.
- README.md                                    - architecture diagram,
  first-time setup (8 steps), NPMplus ingress rule table, subsequent-
  deploy one-liner, rollback, troubleshooting table, cutover-from-
  pre-existing-Next.js sequence, explicit list of Proxmox-side
  follow-ups.

Target-agnostic: no IP / hostname / VLAN hardcoded. The only file that
embeds the public hostname is README.md (for documentation) and the
default VITE_ORCHESTRATOR_URL in deploy-currencicombo-8604.sh (which
is overridable via env).

Single-origin NPMplus routing (confirmed with user):
  curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/api/*     -> 10.160.0.14:8080  (orchestrator)
  curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/events/*  -> 10.160.0.14:8080  (SSE)
  curucombo.\xe6\x9b\xbc\xe6\x9d\x8e.com/*         -> 10.160.0.14:3000  (Vite SPA)

Verified on this box (headless):
- shellcheck --severity=warning: clean on both scripts.
- bash -n: clean on both scripts.
- systemd-analyze verify: both unit files parse cleanly (only complaint
  is /usr/sbin/nginx not being executable, expected -- nginx is
  installed at deploy time).
- install.sh --dry-run: fails fast with the expected FATAL on hosts
  without psql (build box). On CT 8604 with Postgres+Redis already
  installed, it walks through every step.
- deploy-currencicombo-8604.sh --help: prints the usage.

No runtime code changes. Non-UI. Complements PR #30 (docker-compose
sandbox) which remains the local-dev path.

Proxmox-side follow-up (separate commit on /home/intlc/projects/proxmox
after this PR merges and cutover runs cleanly):
- Update phoenix-deploy-api/deploy-targets.json to point at
  scripts/deployment/deploy-currencicombo-8604.sh.
- Retire the inaccurate "Next.js webapp with ignoreBuildErrors"
  language in EXTERNAL_DEPENDENCY_BLOCKERS.md.

Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>

2026-04-22 23:05:18 +00:00

PR AA: Phoenix / systemd deployment scaffolding (migrate Phoenix off Next.js stub) #31

2 Commits