Add full monorepo: virtual-banker, backend, frontend, docs, scripts, deployment

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-10 11:32:49 -08:00
parent aafcd913c2
commit 88bc76da91
815 changed files with 125522 additions and 264 deletions
--- a/scripts/fix-nginx-conflicts-vmid5000.sh
+++ b/scripts/fix-nginx-conflicts-vmid5000.sh
@@ -0,0 +1,219 @@
+#!/bin/bash
+
+# Fix nginx conflicting server name warnings on VMID 5000
+# Run this directly in VMID 5000
+
+set -euo pipefail
+
+echo "=========================================="
+echo "Fixing Nginx Configuration Conflicts"
+echo "=========================================="
+echo ""
+
+# Step 1: List all enabled sites
+echo "=== Step 1: Checking Enabled Sites ==="
+echo "Enabled nginx sites:"
+ls -la /etc/nginx/sites-enabled/ 2>/dev/null || echo "No sites-enabled directory"
+echo ""
+
+# Step 2: Find all config files with conflicting server names
+echo "=== Step 2: Finding Conflicting Configurations ==="
+echo "Files containing 'explorer.d-bis.org':"
+grep -r "explorer.d-bis.org" /etc/nginx/sites-enabled/ /etc/nginx/sites-available/ 2>/dev/null | cut -d: -f1 | sort -u
+echo ""
+
+# Step 3: Backup existing configs
+echo "=== Step 3: Backing Up Existing Configs ==="
+BACKUP_DIR="/root/nginx-backup-$(date +%Y%m%d-%H%M%S)"
+mkdir -p "$BACKUP_DIR"
+cp -r /etc/nginx/sites-available/* "$BACKUP_DIR/" 2>/dev/null || true
+cp -r /etc/nginx/sites-enabled/* "$BACKUP_DIR/enabled/" 2>/dev/null || true
+echo "✅ Backups saved to: $BACKUP_DIR"
+echo ""
+
+# Step 4: Remove all enabled sites
+echo "=== Step 4: Removing All Enabled Sites ==="
+rm -f /etc/nginx/sites-enabled/*
+echo "✅ All enabled sites removed"
+echo ""
+
+# Step 5: Create a single clean configuration
+echo "=== Step 5: Creating Clean Configuration ==="
+CONFIG_FILE="/etc/nginx/sites-available/blockscout"
+
+cat > "$CONFIG_FILE" << 'EOF'
+# HTTP server - redirect to HTTPS
+server {
+    listen 80;
+    listen [::]:80;
+    server_name explorer.d-bis.org 192.168.11.140;
+
+    # Allow Let's Encrypt challenges
+    location /.well-known/acme-challenge/ {
+        root /var/www/html;
+        try_files $uri =404;
+    }
+
+    # Redirect all other HTTP to HTTPS
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+# HTTPS server - Blockscout Explorer
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name explorer.d-bis.org 192.168.11.140;
+
+    # SSL configuration (if certificates exist)
+    ssl_certificate /etc/letsencrypt/live/explorer.d-bis.org/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/explorer.d-bis.org/privkey.pem;
+    
+    # Fallback to self-signed if Let's Encrypt not available
+    if (!-f /etc/letsencrypt/live/explorer.d-bis.org/fullchain.pem) {
+        ssl_certificate /etc/nginx/ssl/blockscout.crt;
+        ssl_certificate_key /etc/nginx/ssl/blockscout.key;
+    }
+    
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
+    ssl_prefer_server_ciphers off;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+
+    # Security headers
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+
+    # Logging
+    access_log /var/log/nginx/blockscout-access.log;
+    error_log /var/log/nginx/blockscout-error.log;
+
+    # Blockscout Explorer endpoint - proxy to Blockscout
+    location / {
+        proxy_pass http://127.0.0.1:4000;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Connection "";
+        proxy_buffering off;
+        proxy_request_buffering off;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $connection_upgrade;
+        proxy_read_timeout 300s;
+        proxy_connect_timeout 75s;
+    }
+
+    # API endpoint (for Blockscout API)
+    location /api/ {
+        proxy_pass http://127.0.0.1:4000;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 300s;
+        proxy_connect_timeout 75s;
+        add_header Access-Control-Allow-Origin *;
+        add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
+        add_header Access-Control-Allow-Headers "Content-Type";
+    }
+
+    # Health check endpoint
+    location /health {
+        access_log off;
+        proxy_pass http://127.0.0.1:4000/api/v2/status;
+        proxy_set_header Host $host;
+        add_header Content-Type application/json;
+    }
+}
+
+# WebSocket upgrade mapping
+map $http_upgrade $connection_upgrade {
+    default upgrade;
+    '' close;
+}
+EOF
+
+echo "✅ Clean configuration created: $CONFIG_FILE"
+echo ""
+
+# Step 6: Enable the site
+echo "=== Step 6: Enabling Blockscout Site ==="
+ln -sf "$CONFIG_FILE" /etc/nginx/sites-enabled/blockscout
+echo "✅ Site enabled"
+echo ""
+
+# Step 7: Test configuration
+echo "=== Step 7: Testing Configuration ==="
+if nginx -t 2>&1 | grep -q "test is successful"; then
+    echo "✅ Nginx configuration is valid"
+    CONFIG_VALID=true
+    # Show warnings if any (but they should be gone now)
+    nginx -t 2>&1 | grep -i warn || echo "No warnings!"
+else
+    echo "❌ Nginx configuration has errors"
+    nginx -t
+    exit 1
+fi
+echo ""
+
+# Step 8: Restart nginx
+if [ "$CONFIG_VALID" = true ]; then
+    echo "=== Step 8: Restarting Nginx ==="
+    if systemctl restart nginx; then
+        echo "✅ Nginx restarted successfully"
+    else
+        echo "❌ Failed to restart nginx"
+        systemctl status nginx --no-pager -l
+        exit 1
+    fi
+    echo ""
+    
+    sleep 2
+    
+    if systemctl is-active --quiet nginx; then
+        echo "✅ Nginx is running"
+    else
+        echo "❌ Nginx failed to start"
+        exit 1
+    fi
+fi
+echo ""
+
+# Step 9: Test endpoints
+echo "=== Step 9: Testing Endpoints ==="
+echo "Testing HTTP redirect..."
+HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://localhost/ 2>/dev/null || echo "000")
+echo "HTTP status: $HTTP_STATUS"
+
+echo "Testing API endpoint..."
+API_STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://localhost/api/v2/stats 2>/dev/null || echo "000")
+echo "API status: $API_STATUS"
+
+if [ "$API_STATUS" = "200" ]; then
+    echo "✅ API endpoint working"
+    curl -s http://localhost/api/v2/stats | head -3
+else
+    echo "⚠️  API endpoint returned status: $API_STATUS"
+fi
+echo ""
+
+echo "=========================================="
+echo "Summary"
+echo "=========================================="
+echo "✅ Configuration cleaned up"
+echo "✅ Single config file: $CONFIG_FILE"
+echo "✅ Nginx restarted"
+echo "✅ Backup saved to: $BACKUP_DIR"
+echo ""
+echo "To view logs:"
+echo "  tail -f /var/log/nginx/blockscout-access.log"
+echo "  tail -f /var/log/nginx/blockscout-error.log"
+echo ""
+