d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
201 Commits 2 Branches 0 Tags
282256a387e04bbdddd8907c942e0f96b4d542bf
Commit Graph

79 Commits

Author SHA1 Message Date
defiQUG
282256a387 fix(scripts): Besu fleet ops use load-project-env and scoped VMIDs 
Prefer load-project-env over raw ip-addresses.conf; add --vmid/--apply patterns
and safer dry-run defaults across fix-all-besu, static-nodes reload, node-list
deploy, max-peers rollout, rolling upgrade, and permissions verification.

Made-with: Cursor
 2026-04-12 06:44:12 -07:00
defiQUG
dbd517b279 Sync workspace: config, docs, scripts, CI, operator rules, and submodule pointers. 
- Update dbis_core, cross-chain-pmm-lps, explorer-monorepo, metamask-integration, pr-workspace/chains
- Omit embedded publish git dirs and empty placeholders from index

Made-with: Cursor
 2026-04-12 06:12:20 -07:00
defiQUG
6fb6bd3993 fix(pmm-soak): shellcheck-clean bots/tick/bootstrap; expand CI ShellCheck 
- bootstrap: split mnemonic export (SC2155), PMM_SOAK_RPC_URL_OVERRIDE, noprofile fund-grid, ASCII echoes, help header only
- chain138-tick: document POOLS global for SC2153
- random/grid bots: log line references INTEGRATION, USD bounds, gold, gas, log_tag (SC2034)
- validate-config: ShellCheck all 11 PMM soak + chain138-pmm shell scripts incl. smoke + bootstrap

Made-with: Cursor
 2026-04-12 03:43:35 -07:00
defiQUG
dc8abb06e2 PMM soak grid: fund-grid progress/ERR trap, complete-grid START_LEG and timing, tranche RPC override, grid funding doc 
- pmm-soak-operator-fund-grid: PMM_SOAK_FUND_PROGRESS_EVERY, ERR trap, help text comments only
- pmm-soak-complete-grid-funding-operator: PMM_SOAK_START_LEG resume, per-leg and total wall time
- pmm-soak-operator-fund-full-grid-tranches: PMM_SOAK_RPC_URL_OVERRIDE, bash --noprofile --norc, manual hint
- pmm-soak-mint-mirror-usdc-deployer-shortfall: ASCII-only operator messages
- CHAIN138_GRID_6534_WALLET_FUNDING_PLAN: full-grid orchestrator, env vars, log markers

Made-with: Cursor
 2026-04-11 20:56:40 -07:00
defiQUG
c6c57fa585 fix(it-ops): same-name IP dupes informational; Cloudflare SSL full helper
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 5s
Details 
- compute_ipam_drift: exit 2 only when same IP + different guest names; add same_name_duplicate_ip_guests
- set-sankofa-zone-ssl-mode.sh: PATCH zone ssl (full|strict|flexible|off)
- Docs + bootstrap log; AGENTS Cloudflare SSL row

Made-with: Cursor
 2026-04-09 02:32:53 -07:00
defiQUG
3e7c9b9941 fix(npm): IT API TLS helper + treat certificate_id string 0 as missing
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
Details 
- jq select includes certificate_id == "0" for NPM JSON quirks
- request-it-api-tls-npm.sh wraps CERT_DOMAINS_FILTER for it-api.sankofa.nexus
- Docs: TLS command, Cloudflare redirect-loop note; spec remaining items

Made-with: Cursor
 2026-04-09 02:01:50 -07:00
defiQUG
a41c3adea0 feat(it-ops): LAN bootstrap for read API, NPM proxy, Cloudflare DNS
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
Details 
- bootstrap-sankofa-it-read-api-lan.sh: rsync /opt/proxmox, systemd + env file,
  repo .env keys, portal CT 7801 merge, weekly export timer; tolerate export exit 2
- upsert-it-read-api-proxy-host.sh, add-it-api-sankofa-dns.sh
- systemd example uses EnvironmentFile; docs, spec, AGENTS, read API README

Made-with: Cursor
 2026-04-09 01:50:14 -07:00
defiQUG
bd3424d78b docs(deploy): sync output points to sankofa-portal-merge-it-read-api-env
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 5s
Details 
Made-with: Cursor
 2026-04-09 01:27:14 -07:00
defiQUG
236e71f0f0 feat(portal): merge IT_READ_API_* from repo .env to CT 7801
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
Details 
- Add sankofa-portal-merge-it-read-api-env-from-repo.sh (base64-safe upsert + restart)
- Document in SANKOFA_IT_OPS_KEYCLOAK_PORTAL_NEXT_STEPS.md

Made-with: Cursor
 2026-04-09 01:23:19 -07:00
defiQUG
61841b8291 feat(it-ops): live inventory, drift API, Keycloak IT role, portal sync hint 
- Add scripts/it-ops (Proxmox collector, IPAM drift, export orchestrator)
- Add sankofa-it-read-api stub with optional CORS and refresh
- Add systemd examples for read API, weekly inventory export, timer
- Add live-inventory-drift GitHub workflow (dispatch + weekly)
- Add IT controller spec, runbooks, Keycloak ensure-it-admin-role script
- Note IT_READ_API env on portal sync completion output

Made-with: Cursor
 2026-04-09 01:20:00 -07:00
defiQUG
86a250f188 fix(scripts): surgical-clean honors submodules with .git file (gitdir pointer) 
Made-with: Cursor
 2026-04-07 22:48:05 -07:00
defiQUG
b117585cfd chore(submodules): miracles deploy-package hygiene; PMM micro-trade scenario 
- miracles_in_motion: untrack api/deploy-package tsc emit (zip layout from api/dist).
- cross-chain-pmm-lps: add gas-budgeted micro-trade scenario JSON + doc.
- surgical-clean-submodule-artifacts.sh: miracles_in_motion step; SUBMODULE_HYGIENE note.

Made-with: Cursor
 2026-04-07 22:46:39 -07:00
defiQUG
08940e85aa chore(submodules): ai-mcp canonical pools; metamask untrack dist; extend surgical clean 
- ai-mcp-pmm-controller: Chain 138 allowlist matches funded PMM pool addresses.
- metamask-integration: ignore and stop tracking tsc dist/.
- surgical-clean-submodule-artifacts.sh: include metamask-integration dist/ step.
- SUBMODULE_HYGIENE: note metamask dist/ pattern.

Made-with: Cursor
 2026-04-07 22:15:11 -07:00
defiQUG
518923203e docs(submodules): document surgical artifact cleanup helper; fix gitignore probe 
Made-with: Cursor
 2026-04-07 22:10:42 -07:00
defiQUG
07e0273dbc chore(submodules): record the-order + smom artifact hygiene; add surgical clean helper 
- Bump the-order to drop tracked tsc output under packages/*/src (dist is canonical).
- Bump smom-dbis-138 to gitignore/untrack Foundry artifacts/.
- submodules-clean: print dirty count and names first.
- scripts/maintenance/surgical-clean-submodule-artifacts.sh for repeat idempotent cleanup.

Made-with: Cursor
 2026-04-07 22:10:10 -07:00
defiQUG
7a53e64c1e chore: chain138-open-snap canonical repo, submodule, publish script 
- Point AGENTS.md at Defi-Oracle-Tooling/chain138-snap-minimal; document nested submodule in SUBMODULE_RELATIONSHIP_MAP
- Bump metamask-integration submodule (chain138-snap-minimal nested submodule on Gitea)
- Add publish-chain138-open-snap.sh with canonical repo comment

Made-with: Cursor
 2026-04-05 01:18:42 -07:00
defiQUG
15cd7aa057 fix(validation): use grep instead of rg in validate-xdc-zero-relayer-env (portable cross-checks) 
Made-with: Cursor
 2026-04-01 16:19:06 -07:00
defiQUG
de1a274f6a fix(ops): Proxmox SSH user for pool clear; optional preflight RPC override 
- clear-all-transaction-pools: use PROXMOX_SSH_USER (never root@pam for SSH);
  align R630 host with ip-addresses PROXMOX_R630_01; document post-clear RPC delay
- preflight-chain138-deploy: CHAIN138_PREFLIGHT_RPC_URL for nonce/RPC checks when
  Core 2101 is restarting (e.g. after pool clear) but public RPC is up

Made-with: Cursor
 2026-04-01 11:46:20 -07:00
defiQUG
d81375117a Sync asset-scoped jurisdiction governance updates 2026-04-01 11:28:41 -07:00
defiQUG
e8e22daeb9 feat(deploy): --skip-preflight for run-all-next-steps-chain138 
Allows verify-only / read-only steps when nonce gate fails (e.g. stuck pool)
until operator clears pools with SSH access; unsafe for broadcast deploys.

Made-with: Cursor
 2026-04-01 11:24:01 -07:00
defiQUG
5e73159e80 fix(verify): submodule check informational in check-completion-status 
Default: show dirty submodule output as WARN without failing exit 1.
Set STRICT_SUBMODULE_CLEAN=1 for pre-release strict gate (submodules-clean).

Made-with: Cursor
 2026-03-31 23:20:07 -07:00
defiQUG
b85101f4c2 fix(env): safe dotenv sourcing under set -u; report API prefix fallback 
- load-project-env: _lpr_dotenv_source / _lpr_source_relaxed so smom-dbis-138/.env
  lines like ${ARBITRUM_MAINNET_RPC} do not abort scripts using set -u
- check-public-report-api: detect /token-aggregation vs apex /api/v1 for networks
- run-completable-tasks: enforce public report API (remove SKIP_EXIT bypass)
- Document verifier behavior in TOKEN_AGGREGATION_REPORT_API_RUNBOOK and verify README

Made-with: Cursor
 2026-03-31 23:18:37 -07:00
defiQUG
6390174bb7 feat(xdc-zero): Chain 138 bridge runbook, config fragments, merge helper 
- Add CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK and 07-ccip pointer doc
- Add config/xdc-zero templates, parent register fragment, README
- Add merge-endpointconfig-chain138.sh (jq merge, XDC_ZERO_ENDPOINT_DIR)
- Add xdc-zero-chain138-preflight.sh; trim XDC URL vars in load-project-env
- Wire AGENTS.md, MASTER_INDEX, verify README, .env.master.example

Made-with: Cursor
 2026-03-31 23:10:36 -07:00
defiQUG
13d0d7130e feat(gru): governance supervision profile, storage standard, naming 03–04, identity reports 
- config/gru-governance-supervision-profile.json + gru-standards-profile cross-refs
- GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md; GRU matrix/profile doc updates
- naming-conventions: 03 bridges/cross-chain, 04 registry JSON fields; README table complete
- validate-config-files: governance profile checks (existing jq rules)
- reports/identity-completion: templates + README for DID/governance completion path
- mlfo-gitea-avatar.svg; refreshed transaction-package-HYBX-BATCH-001.zip
- gitignore: .codex, tmp/, regenerated output audit trees/zips, token-lists/logos PNGs

Submodules remain dirty locally (commit inside each submodule separately).

Made-with: Cursor
 2026-03-31 22:52:53 -07:00
defiQUG
5c69993ce9 docs: UTRNF naming conventions (01–02), c* V2 transport verify extras 
- Add naming-conventions/ with UTRNF reference and DBIS namespace mapping
- Index from 04-configuration README and MASTER_INDEX
- check-cstar-v2-transport-stack: CompliantWrappedToken + JurisdictionalGovernance suites
- gitignore: config/production/dbis-identity-public-did-secrets.env

Made-with: Cursor
 2026-03-31 22:41:23 -07:00
defiQUG
7ac74f432b chore: sync docs, config schemas, scripts, and meta task alignment 
- Institutional / JVMTM / reserve-provenance / GRU transport + standards JSON
- Validation and verify scripts (Blockscout labels, x402, GRU preflight, P1 local path)
- Wormhole wiring in AGENTS, MCP_SETUP, MASTER_INDEX, 04-configuration README
- Meta docs, integration gaps, live verification log, architecture updates
- CI validate-config workflow updates

Operator/LAN items, submodule working trees, and public token-aggregation edge
routes remain follow-up (see TODOS_CONSOLIDATED P1).

Made-with: Cursor
 2026-03-31 22:31:39 -07:00
defiQUG
0f70fb6c90 feat(wormhole): AI docs mirror, MCP server, playbook, RAG, verify script 
- Playbook + RAG doc; Cursor rule; sync script + manifest snapshot
- mcp-wormhole-docs: resources + wormhole_doc_search (read-only)
- verify-wormhole-ai-docs-setup.sh health check

Wire pnpm-workspace + lockfile + AGENTS/MCP_SETUP/MASTER_INDEX in a follow-up if not already committed.

Made-with: Cursor
 2026-03-31 21:05:06 -07:00
defiQUG
7f3dcf2513 feat(sankofa): public web CT 7806, portal NPM/DNS defaults, Keycloak redirect helper 
- Provision/sync scripts and systemd for corporate Next on 7806; IP_SANKOFA_PUBLIC_WEB for apex NPM
- Portal stack: NEXTAUTH_URL default portal.sankofa.nexus; NPM fleet + migrate + DNS ordering
- keycloak-sankofa-ensure-client-redirects.sh (KEYCLOAK_ADMIN_PASSWORD); .env.master.example hints
- Docs: task list, inventory, FQDN/E2E/EXPECTED_WEB_CONTENT, AGENTS pointers

Made-with: Cursor
 2026-03-29 13:41:02 -07:00
defiQUG
ee95e980e9 Add RTGS later-phase sidecar deployment scaffolding
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
Details
2026-03-29 02:28:15 -07:00
defiQUG
179798a9df Add RTGS control-plane deployment scaffolding
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 7s
Details
2026-03-29 02:24:12 -07:00
defiQUG
5618f95426 Add Gitea act runner bootstrap tooling
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 4s
Details
2026-03-29 01:23:57 -07:00
defiQUG
adf241c4f5 Harden RTGS XAU anchoring and update smom submodule
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
2026-03-29 01:22:07 -07:00
defiQUG
d513ac35c0 Freeze OMNL-backed SCSM first-slice status
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
Details
2026-03-29 00:29:29 -07:00
defiQUG
4ef9ca58ef Deploy DBIS RTGS first-slice sidecars
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
Details
2026-03-29 00:01:34 -07:00
defiQUG
d6aebf3c43 Reclassify DBIS placeholder Hyperledger CTs
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
Details
2026-03-28 23:21:51 -07:00
defiQUG
6f53323eae Finalize DBIS infra verification and runtime baselines
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
Details
2026-03-28 19:18:32 -07:00
defiQUG
7e546ec9e3 feat(e2e): add SSO, docs.d-bis, blockscout.defi-oracle to routing verifier 
- DOMAIN_TYPES_ALL: keycloak/admin/portal/dash, docs.d-bis.org,
  blockscout.defi-oracle.io (web)
- E2E_OPTIONAL_WHEN_FAIL: same set for soft failures off-LAN
- Optional Blockscout /api/v2/stats for blockscout.defi-oracle.io
- print-gitea-actions-urls.sh: browser URLs (Actions API not relied on)
- E2E_ENDPOINTS_LIST + FQDN inventory alignment updated

Made-with: Cursor
 2026-03-28 17:29:50 -07:00
defiQUG
da93f8dbb6 fix(storage-monitor): subshell-safe ALERTS, ordered node loop; doc fleet pass 
- Replace pipe-while with process substitution so alerts accumulate.
- Iterate ml110→r630-04 in fixed order; tolerate unreachable optional nodes.
- STORAGE_GROWTH_AND_HEALTH: 2026-03-28 follow-up (7811 syslog, 10100 resize,
  I/O pass, ZFS scrub, md0 healthy, table refresh for r630-01/02/ml110).

Made-with: Cursor
 2026-03-28 16:15:59 -07:00
defiQUG
d65baa02f2 Add Chain 138 RPC capability verification 2026-03-28 15:56:42 -07:00
defiQUG
d75c02a7ac docs(maintenance): note CT reboot vs host @reboot for 3501 net-up 
Made-with: Cursor
 2026-03-28 15:37:54 -07:00
defiQUG
e0bb17eff7 ops: oracle publisher LXC 3500/3501, CT migrate docs, Besu/RPC maintenance 
- Provision oracle-publisher on CT 3500 (quoted DATA_SOURCE URLs, dotenv).
- Host-side pct-lxc-3501-net-up for ccip-monitor eth0 after migrate.
- CoinGecko key script: avoid sed & corruption; document quoted URLs.
- Besu node list reload, fstrim/RPC scripts, storage health docs.
- Submodule smom-dbis-138: web3 v6 pin, oracle check default host r630-02.

Made-with: Cursor
 2026-03-28 15:22:23 -07:00
defiQUG
023603e0c2 chore(besu,docs): node lists (.237/.238), deploy scripts, 2138 wallet + MetaMask JSON 
- static-nodes.json + permissions-nodes.toml: add enodes for 192.168.11.237–238
- deploy-besu-node-lists-to-all.sh / restart-besu-reload-node-lists.sh: tighten Besu deploy/restart flow
- CHAIN2138_WALLET_CONFIG_VALIDATION.md, METAMASK_NETWORK_CONFIG_2138.json
- Cross-links: CHAIN138 wallet validation, MASTER_INDEX, runbook, meta fixes
- NEXT_STEPS_INDEX + TODOS_CONSOLIDATED: 2026-03-28 completable + operator run note

Made-with: Cursor
 2026-03-28 00:25:13 -07:00
defiQUG
e01c906e56 docs(ops): submodule hygiene guide, verify script, rule/doc alignment 
- Add docs/00-meta/SUBMODULE_HYGIENE.md (detached HEAD, remotes, JSON refs)
- Add scripts/verify/submodules-clean.sh (labeled dirty-tree report)
- AGENTS.md + CONTRIBUTOR_GUIDELINES + OPERATOR_READY_CHECKLIST + MASTER_INDEX
- chain138-tokens-and-pmm: DODOPMMIntegration 0x5BDc62… per ADDRESS_MATRIX
- Bump smom-dbis-138 + explorer-monorepo (config READMEs, explorer env loading)

Made-with: Cursor
 2026-03-27 22:12:46 -07:00
defiQUG
8fc4fc7811 scripts(archive): consolidated helpers and backup copies sync
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details 
Made-with: Cursor
 2026-03-27 18:51:09 -07:00
defiQUG
875454f449 scripts: deployment, NPM, verify, validation, env loader, operator helpers
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details 
Made-with: Cursor
 2026-03-27 18:51:02 -07:00
defiQUG
bad8fdc98c scripts: portal login, PMM mesh install, ops template audit, NPM verify, route matrix export
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details 
Made-with: Cursor
 2026-03-27 18:46:42 -07:00
defiQUG
2d4b35c3ee docs(stage4): archive deployment-reports README + E2E evidence hygiene 
- deployment-reports: historical notice + SOT links (no per-file edits)
- archive README: link deployment-reports folder
- E2E_ENDPOINTS_LIST: evidence retention + prune script pointer
- prune-e2e-verification-evidence.sh: dry-run default, --apply + KEEP_DAYS

Made-with: Cursor
 2026-03-27 16:41:49 -07:00
defiQUG
430431f2f6 feat(order): HAProxy on 10210, NPM → 192.168.11.39:80 
- Add order-haproxy config template and provision-order-haproxy-10210.sh (SSH to r630-01)
- Document one-time unprivileged CT idmap chown repair when apt fails
- Default THE_ORDER_UPSTREAM_* to IP_ORDER_HAPROXY:80; portal bypass via env
- Align update-sankofa-npmplus-proxy-hosts.sh, AGENTS, ALL_VMIDS, E2E notes

Made-with: Cursor
 2026-03-27 14:05:37 -07:00
defiQUG
a2645b5285 NPM: validate canonical_https for www redirects; docs and env example 
- Reject non-https, paths, and injection-prone chars in advanced_config 301 targets
- E2E list: phoenix marketing note, the-order HAProxy remediation, 2026-03-27 passes
- AGENTS.md: scoped Cloudflare token pointer; smom-dbis-138 dotenv load note
- .env.master.example: DNS script flags and scoped token guidance

Made-with: Cursor
 2026-03-27 12:29:40 -07:00
defiQUG
17b923ffdf Follow-ups: DNS dry-run/zone-only, Order NPM IDs, E2E Location assert, the-order block_exploits 
- update-all-dns-to-public-ip.sh: --dry-run (no CF API), --zone-only=ZONE, help before .env, env CLOUDFLARE_DNS_DRY_RUN/DNS_ZONE_ONLY
- update-sankofa-npmplus-proxy-hosts.sh: the-order + www.the-order by ID (env SANKOFA_NPM_ID_THE_ORDER, SANKOFA_NPM_ID_WWW_THE_ORDER, THE_ORDER_UPSTREAM_*)
- update-npmplus-proxy-hosts-api.sh: the-order.sankofa.nexus uses block_exploits false like sankofa portal
- verify-end-to-end-routing.sh: E2E_WWW_CANONICAL_BASE + Location validation (fail on wrong apex); keep local redirect vars
- docs: ALL_VMIDS www 301 lines, E2E_ENDPOINTS_LIST verifier/DNS notes; AGENTS.md Cloudflare script pointer

Made-with: Cursor
 2026-03-27 11:27:39 -07:00