docs/temporary/DEPLOYMENT_CHECKLIST.md

# Deployment Checklist

## Phase 1: Infrastructure Setup ✅

- [x] Proxmox connections verified
- [x] Environment variables configured
- [x] Setup scripts created
- [ ] Service VMs created
- [ ] OS installed on VMs
- [ ] Network configured (static IPs)

## Phase 2: Cloudflare Tunnel

- [ ] Cloudflare Tunnel VM created
- [ ] cloudflared installed
- [ ] Tunnel authenticated
- [ ] Tunnel created
- [ ] Configuration file created
- [ ] Systemd service configured
- [ ] DNS records configured
- [ ] Zero Trust policies configured
- [ ] Tunnel tested and verified

## Phase 3: Kubernetes (K3s)

- [ ] K3s VM created
- [ ] K3s installed
- [ ] Cluster verified
- [ ] kubectl configured
- [ ] Namespaces created
- [ ] Ingress controller deployed
- [ ] Cert-manager deployed

## Phase 4: Git Server

- [ ] Git Server VM created
- [ ] Gitea/GitLab installed
- [ ] Initial configuration completed
- [ ] GitOps repository created
- [ ] SSH keys configured

## Phase 5: Observability

- [ ] Observability VM created
- [ ] Prometheus deployed
- [ ] Grafana deployed
- [ ] Dashboards configured
- [ ] Alerting rules configured

## Phase 6: HC Stack Services

- [ ] Hyperledger Besu deployed
- [ ] Hyperledger Firefly deployed
- [ ] Chainlink CCIP deployed
- [ ] Blockscout deployed
- [ ] Services verified

## Phase 7: Security & Hardening

- [ ] Proxmox RBAC accounts created
- [ ] API tokens generated
- [ ] Firewall rules configured
- [ ] SSH hardening completed
- [ ] Backup strategy implemented

## Phase 8: Documentation

- [ ] Network diagrams updated
- [ ] Runbooks created
- [ ] Access matrix documented
- [ ] IP address list documented
Initial commit: loc_az_hci (smom-dbis-138 excluded via .gitignore) Co-authored-by: Cursor <cursoragent@cursor.com> 2026-02-08 09:04:46 -08:00			`# Deployment Checklist`

			`## Phase 1: Infrastructure Setup ✅`

			`- [x] Proxmox connections verified`
			`- [x] Environment variables configured`
			`- [x] Setup scripts created`
			`- [ ] Service VMs created`
			`- [ ] OS installed on VMs`
			`- [ ] Network configured (static IPs)`

			`## Phase 2: Cloudflare Tunnel`

			`- [ ] Cloudflare Tunnel VM created`
			`- [ ] cloudflared installed`
			`- [ ] Tunnel authenticated`
			`- [ ] Tunnel created`
			`- [ ] Configuration file created`
			`- [ ] Systemd service configured`
			`- [ ] DNS records configured`
			`- [ ] Zero Trust policies configured`
			`- [ ] Tunnel tested and verified`

			`## Phase 3: Kubernetes (K3s)`

			`- [ ] K3s VM created`
			`- [ ] K3s installed`
			`- [ ] Cluster verified`
			`- [ ] kubectl configured`
			`- [ ] Namespaces created`
			`- [ ] Ingress controller deployed`
			`- [ ] Cert-manager deployed`

			`## Phase 4: Git Server`

			`- [ ] Git Server VM created`
			`- [ ] Gitea/GitLab installed`
			`- [ ] Initial configuration completed`
			`- [ ] GitOps repository created`
			`- [ ] SSH keys configured`

			`## Phase 5: Observability`

			`- [ ] Observability VM created`
			`- [ ] Prometheus deployed`
			`- [ ] Grafana deployed`
			`- [ ] Dashboards configured`
			`- [ ] Alerting rules configured`

			`## Phase 6: HC Stack Services`

			`- [ ] Hyperledger Besu deployed`
			`- [ ] Hyperledger Firefly deployed`
			`- [ ] Chainlink CCIP deployed`
			`- [ ] Blockscout deployed`
			`- [ ] Services verified`

			`## Phase 7: Security & Hardening`

			`- [ ] Proxmox RBAC accounts created`
			`- [ ] API tokens generated`
			`- [ ] Firewall rules configured`
			`- [ ] SSH hardening completed`
			`- [ ] Backup strategy implemented`

			`## Phase 8: Documentation`

			`- [ ] Network diagrams updated`
			`- [ ] Runbooks created`
			`- [ ] Access matrix documented`
			`- [ ] IP address list documented`