Add full monorepo: virtual-banker, backend, frontend, docs, scripts, deployment

Co-authored-by: Cursor <cursoragent@cursor.com>

scripts/complete-explorer-api-access.sh

@@ -0,0 +1,210 @@
+#!/usr/bin/env bash
+# Complete all steps to provide explorer API access:
+# 1) Start Blockscout in VMID 5000
+# 2) Deploy frontend and nginx config (location /api/ -> port 4000)
+# 3) Wait for API to respond
+# 4) Run verification
+#
+# Run from the Proxmox host that has VMID 5000, or from your machine with:
+#   EXPLORER_VM_HOST=root@192.168.11.12 bash scripts/complete-explorer-api-access.sh
+# (uses PROXMOX_R630_02 from repo .env if set and EXPLORER_VM_HOST is not)
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
+[ -f "$REPO_ROOT/../.env" ] && source "$REPO_ROOT/../.env" 2>/dev/null || true
+[ -f "$REPO_ROOT/.env" ] && source "$REPO_ROOT/.env" 2>/dev/null || true
+
+VMID="${EXPLORER_VMID:-5000}"
+EXPLORER_NODE="${EXPLORER_VM_HOST:-${PROXMOX_R630_02:-192.168.11.12}}"
+# If EXPLORER_VM_HOST is user@host, use it; else we have only IP
+if [[ "$EXPLORER_NODE" == *"@"* ]]; then
+    SSH_TARGET="$EXPLORER_NODE"
+else
+    SSH_TARGET="root@$EXPLORER_NODE"
+fi
+
+# --- Remote mode: no pct here, run on Proxmox node via SSH ---
+if ! command -v pct &>/dev/null || ! pct list 2>/dev/null | grep -q "^$VMID "; then
+    if [ -n "${EXPLORER_VM_HOST:-}" ] || [ -n "${PROXMOX_R630_02:-}" ]; then
+        echo "=============================================="
+        echo "Running on Proxmox node via SSH: $SSH_TARGET"
+        echo "=============================================="
+        FRONTEND_FILE="$REPO_ROOT/frontend/public/index.html"
+        if [ ! -f "$FRONTEND_FILE" ]; then
+            echo "❌ Frontend not found: $FRONTEND_FILE"
+            exit 1
+        fi
+        scp -o StrictHostKeyChecking=no -o ConnectTimeout=10 "$FRONTEND_FILE" "$SSH_TARGET:/tmp/explorer-index.html" || exit 1
+        scp -o StrictHostKeyChecking=no -o ConnectTimeout=10 "$SCRIPT_DIR/complete-explorer-api-access.sh" "$SSH_TARGET:/tmp/complete-explorer-api-access.sh" || true
+        scp -o StrictHostKeyChecking=no -o ConnectTimeout=10 "$SCRIPT_DIR/verify-explorer-api-access.sh" "$SSH_TARGET:/tmp/verify-explorer-api-access.sh" 2>/dev/null || true
+        ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 "$SSH_TARGET" "FRONTEND_SOURCE=/tmp/explorer-index.html EXPLORER_VM_HOST= bash /tmp/complete-explorer-api-access.sh"
+        exit $?
+    else
+        echo "❌ pct not found and EXPLORER_VM_HOST / PROXMOX_R630_02 not set."
+        echo "   Run this script on the Proxmox host that has VMID $VMID, or set:"
+        echo "   EXPLORER_VM_HOST=root@<proxmox-node-ip>"
+        exit 1
+    fi
+fi
+
+# --- Local mode: we have pct and VMID 5000 ---
+EXEC_PREFIX="pct exec $VMID --"
+FRONTEND_SOURCE="${FRONTEND_SOURCE:-$REPO_ROOT/frontend/public/index.html}"
+
+echo "=============================================="
+echo "Complete Explorer API Access (VMID $VMID)"
+echo "=============================================="
+echo ""
+
+# Step 1: Start Blockscout
+echo "=== Step 1: Starting Blockscout ==="
+$EXEC_PREFIX bash -c '
+set -e
+BLOCKSCOUT_DIR="/opt/blockscout"
+if [ -f "$BLOCKSCOUT_DIR/docker-compose.yml" ]; then
+    cd "$BLOCKSCOUT_DIR"
+    docker compose up -d blockscout 2>/dev/null || docker compose up -d 2>/dev/null || true
+else
+    CONTAINER=$(docker ps -a --format "{{.Names}}" 2>/dev/null | grep -E "blockscout" | grep -v postgres | head -1)
+    if [ -n "$CONTAINER" ]; then
+        docker start $CONTAINER 2>/dev/null || true
+    fi
+fi
+' 2>/dev/null || true
+echo "✅ Blockscout start requested"
+sleep 3
+echo ""
+
+# Step 2: Deploy frontend
+echo "=== Step 2: Deploying frontend ==="
+if [ ! -f "$FRONTEND_SOURCE" ]; then
+    echo "❌ Frontend not found: $FRONTEND_SOURCE"
+    exit 1
+fi
+$EXEC_PREFIX mkdir -p /var/www/html
+$EXEC_PREFIX chown -R www-data:www-data /var/www/html 2>/dev/null || true
+pct push $VMID "$FRONTEND_SOURCE" /var/www/html/index.html 2>/dev/null || true
+$EXEC_PREFIX chown www-data:www-data /var/www/html/index.html 2>/dev/null || true
+echo "✅ Frontend deployed"
+echo ""
+
+# Step 3: Nginx config (location /api/ -> 4000)
+echo "=== Step 3: Configuring nginx ==="
+$EXEC_PREFIX bash << 'NGINX_EOF'
+set -e
+cat > /etc/nginx/sites-available/blockscout << 'NGINX_CONF'
+# HTTP server - redirect to HTTPS
+server {
+    listen 80;
+    listen [::]:80;
+    server_name explorer.d-bis.org 192.168.11.140;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/html;
+    }
+
+    location /api/ {
+        proxy_pass http://127.0.0.1:4000;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        add_header Access-Control-Allow-Origin *;
+    }
+
+    location = / {
+        root /var/www/html;
+        try_files /index.html =404;
+    }
+
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+# HTTPS server
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name explorer.d-bis.org 192.168.11.140;
+
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+
+    access_log /var/log/nginx/blockscout-access.log;
+    error_log /var/log/nginx/blockscout-error.log;
+
+    location = / {
+        root /var/www/html;
+        try_files /index.html =404;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
+        root /var/www/html;
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+    }
+
+    location /api/ {
+        proxy_pass http://127.0.0.1:4000;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 300s;
+        add_header Access-Control-Allow-Origin *;
+        add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
+        add_header Access-Control-Allow-Headers "Content-Type";
+    }
+}
+NGINX_CONF
+
+ln -sf /etc/nginx/sites-available/blockscout /etc/nginx/sites-enabled/blockscout 2>/dev/null || true
+nginx -t 2>/dev/null && systemctl reload nginx 2>/dev/null || systemctl restart nginx 2>/dev/null || true
+echo "✅ Nginx configured and reloaded"
+NGINX_EOF
+echo ""
+
+# Step 4: Wait for Blockscout on port 4000
+echo "=== Step 4: Waiting for Blockscout API (port 4000) ==="
+WAIT_MAX="${BLOCKSCOUT_WAIT_MAX:-45}"
+WAIT_DONE=0
+while [ $WAIT_DONE -lt $WAIT_MAX ]; do
+    if $EXEC_PREFIX curl -sS -f -o /dev/null -w "%{http_code}" --connect-timeout 3 http://127.0.0.1:4000/api/v2/stats 2>/dev/null | grep -q 200; then
+        echo "✅ Blockscout API responding"
+        break
+    fi
+    sleep 5
+    WAIT_DONE=$((WAIT_DONE + 5))
+    echo "   ... waiting (${WAIT_DONE}s)"
+done
+if [ $WAIT_DONE -ge $WAIT_MAX ]; then
+    echo "⚠️  Blockscout did not respond within ${WAIT_MAX}s. Continuing verification anyway."
+fi
+echo ""
+
+# Step 5: Verify
+echo "=== Step 5: Verification ==="
+BASE_URL="${EXPLORER_BASE_URL:-https://explorer.d-bis.org}"
+VERIFY_SCRIPT="$SCRIPT_DIR/verify-explorer-api-access.sh"
+[ -f /tmp/verify-explorer-api-access.sh ] && VERIFY_SCRIPT="/tmp/verify-explorer-api-access.sh"
+if [ -f "$VERIFY_SCRIPT" ]; then
+    bash "$VERIFY_SCRIPT" "$BASE_URL" || true
+else
+    echo "Verification script not found; manual check:"
+    echo "  curl -sS -o /dev/null -w '%{http_code}' $BASE_URL/api/v2/stats"
+fi
+
+echo ""
+echo "=============================================="
+echo "Complete. Test: curl -I $BASE_URL/api/v2/stats"
+echo "=============================================="