From b9d3c10d015016772973c851054368ea0a459783 Mon Sep 17 00:00:00 2001 From: defiQUG Date: Fri, 27 Mar 2026 00:27:10 -0700 Subject: [PATCH] ops: CCIP relay systemd unit, TsunamiSwap VM 5010 inventory script - config/systemd/ccip-relay.service for /opt/smom-dbis-138/services/relay/start-relay.sh - tsunamiswap-vm-5010-provision.sh checks qm status on PROXMOX_HOST - AGENTS.md pointers for relay and TsunamiSwap Made-with: Cursor --- AGENTS.md | 2 ++ config/systemd/ccip-relay.service | 23 +++++++++++++++ .../tsunamiswap-vm-5010-provision.sh | 28 +++++++++++++++++++ 3 files changed, 53 insertions(+) create mode 100644 config/systemd/ccip-relay.service create mode 100755 scripts/deployment/tsunamiswap-vm-5010-provision.sh diff --git a/AGENTS.md b/AGENTS.md index b0e9fa1..acb33a9 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -18,6 +18,8 @@ Orchestration for Proxmox VE, Chain 138 (`smom-dbis-138/`), explorers, NPMplus, | Live vs template (read-only SSH) | `bash scripts/verify/audit-proxmox-operational-template.sh` | | Config validation | `bash scripts/validation/validate-config-files.sh` | | Sankofa portal → CT 7801 (build + restart) | `./scripts/deployment/sync-sankofa-portal-7801.sh` (`--dry-run` first); sets `NEXTAUTH_URL` on CT via `sankofa-portal-ensure-nextauth-on-ct.sh` | +| The Order portal (`https://the-order.sankofa.nexus`) | OSJ management UI (secure auth); source repo **the_order** at `~/projects/the_order`. NPM upstream defaults to portal 7801 until order-haproxy (10210) is set via `THE_ORDER_UPSTREAM_*` in `update-npmplus-proxy-hosts-api.sh`. **`www.the-order.sankofa.nexus`** is updated to **301** to the apex hostname (same as www.sankofa / www.phoenix). | +| Portal login + Keycloak systemd + `.env` (prints password once) | `./scripts/deployment/enable-sankofa-portal-login-7801.sh` (`--dry-run` first) | | Completable (no LAN) | `./scripts/run-completable-tasks-from-anywhere.sh` | | Operator (LAN + secrets) | `./scripts/run-all-operator-tasks-from-lan.sh` (use `--skip-backup` if `NPM_PASSWORD` unset) | diff --git a/config/systemd/ccip-relay.service b/config/systemd/ccip-relay.service new file mode 100644 index 0000000..87c6ff7 --- /dev/null +++ b/config/systemd/ccip-relay.service @@ -0,0 +1,23 @@ +# Install on Proxmox host (e.g. r630-01) where /opt/smom-dbis-138/services/relay exists: +# sudo cp config/systemd/ccip-relay.service /etc/systemd/system/ccip-relay.service +# sudo systemctl daemon-reload && sudo systemctl enable --now ccip-relay +# +# Uses start-relay.sh (loads parent .env and relay/.env.local). + +[Unit] +Description=CCIP relay service (Chain 138 to Mainnet) +After=network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=root +WorkingDirectory=/opt/smom-dbis-138/services/relay +ExecStart=/bin/bash /opt/smom-dbis-138/services/relay/start-relay.sh +Restart=on-failure +RestartSec=15 +StartLimitIntervalSec=300 +StartLimitBurst=5 + +[Install] +WantedBy=multi-user.target diff --git a/scripts/deployment/tsunamiswap-vm-5010-provision.sh b/scripts/deployment/tsunamiswap-vm-5010-provision.sh new file mode 100755 index 0000000..94b2f66 --- /dev/null +++ b/scripts/deployment/tsunamiswap-vm-5010-provision.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash +# TsunamiSwap VM 5010 — inventory check + example qm lines (always informational). +# Ref: docs/00-meta/OPERATOR_READY_CHECKLIST.md section 5c. +# +# Usage: ./scripts/deployment/tsunamiswap-vm-5010-provision.sh +# Env: PROXMOX_HOST (default 192.168.11.11), TSUNAMI_VMID (5010) +# +set -euo pipefail +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" +# shellcheck source=/dev/null +source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true + +PROXMOX_HOST="${PROXMOX_HOST:-${PROXMOX_HOST_R630_01:-192.168.11.11}}" +VMID="${TSUNAMI_VMID:-5010}" +SSH_OPTS="-o BatchMode=yes -o ConnectTimeout=15 -o StrictHostKeyChecking=accept-new" + +echo "=== TsunamiSwap VM ${VMID} on ${PROXMOX_HOST} ===" +if ssh $SSH_OPTS "root@${PROXMOX_HOST}" "qm status ${VMID} 2>/dev/null" | grep -q .; then + echo "Status: VMID ${VMID} exists." + ssh $SSH_OPTS "root@${PROXMOX_HOST}" "qm status ${VMID}" + exit 0 +fi + +echo "Status: VMID ${VMID} not found (still to provision)." +echo "Checklist target: r630-01, 8 vCPU, 16 GB RAM, ~160 GB, IP e.g. 192.168.11.91." +echo "Create with your Proxmox template/ISO, then run setup/deploy scripts if available." +exit 0