proxmox/docs/archive/deployment-reports/SANKOFA_DEPLOYMENT_REVIEW.md
defiQUG fbda1b4beb
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

Sankofa Deployment - Complete Review

Date: 2026-01-20
Status: 🟡 PARTIALLY COMPLETE - Core infrastructure deployed, services need completion


Successfully Completed

1. Configuration & Prerequisites

  • Created .env.r630-01 configuration file
  • Verified Sankofa project exists
  • Verified SSH access to r630-01

2. Container Deployment

  • All 4 LXC containers deployed:
    • VMID 7803: sankofa-postgres-1 (10.160.0.13) - PostgreSQL
    • VMID 7802: sankofa-keycloak-1 (10.160.0.12) - Keycloak
    • VMID 7800: sankofa-api-1 (10.160.0.10) - API
    • VMID 7801: sankofa-portal-1 (10.160.0.11) - Portal
  • All containers running
  • All containers have correct IP addresses

3. Network Configuration

  • Fixed critical network issue:
    • Containers initially connected to wrong bridge (vmbr0 instead of vmbr0v160)
    • Updated all containers to use vmbr0v160 (VLAN 160)
    • All containers can now reach gateway 10.160.0.1
    • Internet connectivity working

4. PostgreSQL Setup

  • PostgreSQL 16 installed
  • PostgreSQL service running
  • Database sankofa created
  • User sankofa created
  • Network access configured (10.160.0.0/22)
  • Extensions enabled (uuid-ossp, pg_stat_statements)
  • ⚠️ Note: Database password: cqCcMzXtC1rc5AEilsodqnjl (should be updated in .env.r630-01)

🟡 In Progress / Needs Completion

5. Keycloak Setup

  • Java 21 installed
  • Keycloak database created (keycloak database on PostgreSQL)
  • Keycloak downloaded
  • Keycloak build/configuration incomplete
  • Issue: ./bin/kc.sh not found - Keycloak extraction/installation needs completion

6. API Service Deployment

  • ⏸️ Not Started - Waiting for Keycloak completion
  • Requires:
    • Node.js 18 installation
    • pnpm installation
    • Project files copy
    • Dependencies installation
    • Environment configuration
    • Database migrations
    • Build and service setup

7. Portal Service Deployment

  • ⏸️ Not Started - Waiting for Keycloak completion
  • Requires:
    • Node.js 18 installation
    • pnpm installation
    • Project files copy
    • Dependencies installation
    • Environment configuration
    • Build (Next.js)
    • Service setup

📋 Remaining Steps

Phase 4: Complete Service Setup

  1. Complete Keycloak Setup:

    • Fix Keycloak installation
    • Configure Keycloak to use PostgreSQL
    • Create admin user
    • Create API and Portal clients
    • Start Keycloak service
  2. Deploy API Service:

    cd /home/intlc/projects/proxmox/scripts
    ./deploy-api-r630-01.sh
    
  3. Deploy Portal Service:

    cd /home/intlc/projects/proxmox/scripts
    ./deploy-portal-r630-01.sh
    

Phase 5: Verification & Documentation

  1. Verify Services:

    • Check all services are running
    • Test health endpoints:
      • API: http://10.160.0.10:4000/health
      • Portal: http://10.160.0.11:3000
      • Keycloak: http://10.160.0.12:8080/health/ready
  2. Update Cutover Plan:

    • Document actual IPs/ports in docs/04-configuration/SANKOFA_CUTOVER_PLAN.md
    • Update TBD table with:
      • sankofa.nexus → VMID 7801 (Portal), IP 10.160.0.11, Port 3000
      • www.sankofa.nexus → VMID 7801 (Portal), IP 10.160.0.11, Port 3000
      • phoenix.sankofa.nexus → VMID 7800 (API), IP 10.160.0.10, Port 4000
      • www.phoenix.sankofa.nexus → VMID 7800 (API), IP 10.160.0.10, Port 4000
      • the-order.sankofa.nexus → TBD (determine service)
  3. Test Internal Connectivity:

    • Test from NPMplus container to all Sankofa services
    • Verify firewall rules allow access

Phase 6: Cutover

  1. Update NPMplus Proxy Hosts:

    • Update 5 proxy hosts (IDs: 21-25)
    • Change from 192.168.11.140:80 to actual service IPs/ports
    • Verify SSL certificates still work
  2. Post-Cutover Validation:

    • Test DNS resolution
    • Test HTTPS requests
    • Verify SSL certificates
    • Test service functionality
  3. Update Documentation:

    • Update source-of-truth JSON
    • Update comprehensive architecture doc
    • Update streamlined table doc

🔧 Known Issues & Fixes Applied

Issue 1: Network Connectivity (FIXED)

Problem: Containers couldn't reach gateway 10.160.0.1
Root Cause: Containers connected to vmbr0 instead of vmbr0v160
Solution: Updated container network config to use vmbr0v160 bridge
Status: Resolved - All containers can reach gateway
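
A check for this failure mode, added here as an example and not taken from the project's scripts: it parses the `net0` line of `pct config` output and fails when a container is on a bridge other than vmbr0v160 or has an address outside 10.160.0.0/22. The function names and the sample config text (including the hwaddr values) are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the Sankofa repo): verify an LXC net0 line.
EXPECTED_BRIDGE="vmbr0v160"   # VLAN 160 bridge named in the report

# Constructed `pct config` output; hwaddr values are made up.
SAMPLE_GOOD='hostname: sankofa-postgres-1
net0: name=eth0,bridge=vmbr0v160,gw=10.160.0.1,hwaddr=BC:24:11:00:00:01,ip=10.160.0.13/22,type=veth
unprivileged: 1'
SAMPLE_BAD='hostname: sankofa-keycloak-1
net0: name=eth0,bridge=vmbr0,gw=10.160.0.1,hwaddr=BC:24:11:00:00:02,ip=10.160.0.12/22,type=veth
unprivileged: 1'

# net0_field <config-text> <key>: print one key's value from the net0 line.
net0_field() {
    printf '%s\n' "$1" | sed -n 's/^net0:[[:space:]]*//p' | tr ',' '\n' |
        sed -n "s/^$2=//p" | head -n 1
}

# check_bridge <vmid> <config-text>: 0 only if bridge and subnet both match.
check_bridge() {
    bridge=$(net0_field "$2" bridge)
    ip=$(net0_field "$2" ip)
    if [ "$bridge" != "$EXPECTED_BRIDGE" ]; then
        echo "FAIL VMID $1 bridge=${bridge:-none} (expected $EXPECTED_BRIDGE)"
        return 1
    fi
    case "$ip" in
        10.160.[0-3].*/22) ;;   # inside 10.160.0.0/22
        *) echo "FAIL VMID $1 ip=${ip:-none} outside 10.160.0.0/22"; return 1 ;;
    esac
    echo "OK   VMID $1 bridge=$bridge ip=$ip"
}

# Demo on the constructed samples; on the Proxmox host pass "$(pct config 7803)".
check_bridge 7803 "$SAMPLE_GOOD" || true
check_bridge 7802 "$SAMPLE_BAD" || true
```

Running it for VMIDs 7800 to 7803 after any network change catches a container that was recreated on the default bridge.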

Issue 2: PostgreSQL Configuration (FIXED)

Problem: PostgreSQL listen_addresses configuration error
Root Cause: sed command replaced wrong line
Solution: Fixed postgresql.conf with correct listen_addresses setting
Status: Resolved - PostgreSQL accepting network connections
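
One way to make this edit so that it cannot land on the wrong line, added here as an example and not the command the project ran: the pattern is anchored on the setting key itself, and the result is written back only if exactly one active `listen_addresses` line remains. The function names, the sample postgresql.conf fragment and the value `localhost,10.160.0.13` are assumptions; the report does not state the value that was used.

```sh
#!/bin/sh
# Added example (not the project's script): anchored edit of listen_addresses.

# make_sample_conf: write a constructed postgresql.conf fragment, print its path.
make_sample_conf() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
# - Connection Settings -
#listen_addresses = 'localhost'     # what IP address(es) to listen on;
                                    # comma-separated list of addresses;
                                    # defaults to 'localhost'; use '*' for all
#port = 5432                        # (change requires restart)
EOF
    echo "$f"
}

# set_listen_addresses <conf-file> <value>: edit in place, or refuse and
# leave the file untouched when the result would be ambiguous.
set_listen_addresses() {
    conf=$1 value=$2
    tmp=$(mktemp) || return 1
    # Match only "[#] listen_addresses = ..."; comment text that merely
    # mentions addresses or localhost cannot match this pattern.
    sed -E "s|^[[:space:]]*#?[[:space:]]*listen_addresses[[:space:]]*=.*|listen_addresses = '$value'|" \
        "$conf" > "$tmp"
    active=$(grep -Ec '^[[:space:]]*listen_addresses[[:space:]]*=' "$tmp" || true)
    if [ "$active" -ne 1 ]; then
        rm -f "$tmp"
        echo "refusing: $active active listen_addresses lines in $conf" >&2
        return 1
    fi
    cp "$tmp" "$conf" && rm -f "$tmp"
}

# Demo on the constructed fragment (assumed value: loopback plus the DB container IP).
demo=$(make_sample_conf)
set_listen_addresses "$demo" "localhost,10.160.0.13" && grep -n 'listen_addresses' "$demo"
rm -f "$demo"
```

A change to `listen_addresses` takes effect only after PostgreSQL is restarted.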

Issue 3: Keycloak Installation (IN PROGRESS ⚠️)

Problem: Keycloak build script failing - ./bin/kc.sh not found
Root Cause: Keycloak extraction/installation incomplete
Solution Needed: Complete Keycloak installation and configuration


📊 Current Deployment Status

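| Component  | Status     | IP Address  | Port | Notes                   |
|------------|------------|-------------|------|-------------------------|
| PostgreSQL | Running    | 10.160.0.13 | 5432 | Database ready          |
| Keycloak   | 🟡 Partial | 10.160.0.12 | 8080 | Installation incomplete |
| API        | ⏸️ Pending | 10.160.0.10 | 4000 | Not deployed            |
| Portal     | ⏸️ Pending | 10.160.0.11 | 3000 | Not deployed            |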

🎯 Next Immediate Actions

  1. Complete Keycloak Setup:

    • Fix Keycloak installation script
    • Complete Keycloak configuration
    • Start Keycloak service
  2. Deploy API Service:

    • Run ./deploy-api-r630-01.sh
    • Verify API is running and healthy
  3. Deploy Portal Service:

    • Run ./deploy-portal-r630-01.sh
    • Verify Portal is running and healthy
  4. Update Cutover Plan:

    • Document all actual IPs/ports
    • Replace TBD placeholders
  5. Perform Cutover:

    • Update NPMplus proxy hosts
    • Verify end-to-end routing

📝 Important Notes

  • Database Password: cqCcMzXtC1rc5AEilsodqnjl - Update in .env.r630-01
  • Network: All containers on VLAN 160 (10.160.0.0/22)
  • Gateway: 10.160.0.1 (working)
  • No Tunnels: Per user request, Cloudflare tunnels will not be used
  • Containers: All using unprivileged mode, connected to vmbr0v160

  • Deployment Scripts: /home/intlc/projects/proxmox/scripts/
  • Configuration: /home/intlc/projects/proxmox/scripts/.env.r630-01
  • Cutover Plan: docs/04-configuration/SANKOFA_CUTOVER_PLAN.md
  • Deployment Guide: scripts/DEPLOYMENT_README_R630-01.md

Last Updated: 2026-01-20
Next Review: After Keycloak setup completion