proxmox/scripts/deployment/provision-mev-control-backend-lxc.sh

#!/usr/bin/env bash
# Provision a dedicated backend LXC for the MEV Control stack.
#
# Intended topology:
# - Public GUI/static nginx remains on CT 2410 (info-defi-oracle-web)
# - This backend CT runs mev-admin-api, mev-supervisor, pipeline services, and local infra
# - CT 2410 proxies /api/* to this backend CT
#
# Usage:
# bash scripts/deployment/provision-mev-control-backend-lxc.sh [--dry-run]
#
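set -euo pipefail

#######################################
# Print an error message on stderr and abort the script.
# Arguments: $* - message text
# Returns:   never; exits with status 1
#######################################
die() {
  printf 'ERROR: %s\n' "$*" >&2
  exit 1
}

#######################################
# Abort unless a setting is a single plain token.
# The settings below are pasted, unquoted, into commands that run as root
# on the Proxmox host, so whitespace or shell metacharacters in them would
# become shell syntax there.
# Arguments: $1 - setting name (for the error message)
#            $2 - value to check
#######################################
require_token() {
  local name=$1 value=$2
  local -r safe_token='^[A-Za-z0-9][A-Za-z0-9._:/+-]*$'
  [[ "$value" =~ $safe_token ]] \
    || die "${name} must be one token of [A-Za-z0-9._:/+-], got '${value}'"
}

#######################################
# Abort unless a setting consists of digits only.
# Arguments: $1 - setting name (for the error message)
#            $2 - value to check
#######################################
require_number() {
  local name=$1 value=$2
  [[ "$value" =~ ^[0-9]+$ ]] || die "${name} must be numeric, got '${value}'"
}

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"

# Optional site overrides. The file is executed as shell code, and a missing
# or failing file is ignored on purpose, in which case the defaults below
# are what gets provisioned.
# shellcheck source=/dev/null
source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true

# Each setting can be overridden from the environment or the sourced file.
PROXMOX_HOST="${PROXMOX_HOST:-${PROXMOX_HOST_R630_04:-192.168.11.14}}"
VMID="${MEV_CONTROL_BACKEND_VMID:-2421}"
IP_CT="${MEV_CONTROL_BACKEND_IP:-192.168.11.219}"
HOSTNAME_CT="${MEV_CONTROL_BACKEND_HOSTNAME:-mev-control-backend}"
TEMPLATE_CT="${TEMPLATE:-local:vztmpl/debian-12-standard_12.12-1_amd64.tar.zst}"
STORAGE="${STORAGE:-local-lvm}"
NETWORK="${NETWORK:-vmbr0}"
GATEWAY="${NETWORK_GATEWAY:-192.168.11.1}"

# Kept as one string: the ssh call sites expand it unquoted so that it splits
# into separate options.
# BatchMode=yes fails instead of prompting for a password. accept-new stores
# an unknown host key on first contact and refuses a changed one, so the very
# first root connection to the Proxmox host is trust-on-first-use unless
# known_hosts was seeded beforehand.
SSH_OPTS="-o BatchMode=yes -o ConnectTimeout=15 -o StrictHostKeyChecking=accept-new"

# Reject anything but the documented flag: a mistyped --dry-run must not fall
# through to a real provisioning run.
DRY_RUN=false
case "${1:-}" in
  '') ;;
  --dry-run) DRY_RUN=true ;;
  *) die "unknown argument '${1}' (usage: ${0##*/} [--dry-run])" ;;
esac

# Validate before anything is sent to the hypervisor (dry runs included).
require_number MEV_CONTROL_BACKEND_VMID "$VMID"
require_token PROXMOX_HOST "$PROXMOX_HOST"
require_token MEV_CONTROL_BACKEND_IP "$IP_CT"
require_token MEV_CONTROL_BACKEND_HOSTNAME "$HOSTNAME_CT"
require_token TEMPLATE "$TEMPLATE_CT"
require_token STORAGE "$STORAGE"
require_token NETWORK "$NETWORK"
require_token NETWORK_GATEWAY "$GATEWAY"
require_token DNS_PRIMARY "${DNS_PRIMARY:-1.1.1.1}"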
# Announce the target. A dry run stops here, before any ssh connection to the
# Proxmox host is opened.
printf '%s\n' "=== Provision MEV Control backend LXC ==="
printf '%s\n' "Proxmox: ${PROXMOX_HOST} VMID: ${VMID} IP: ${IP_CT}"
if [[ "${DRY_RUN}" == "true" ]]; then
  printf '%s\n' "[DRY-RUN] pct create ${VMID} on ${PROXMOX_HOST} with Docker-capable unprivileged settings"
  exit 0
fi
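# Create the container unless Proxmox already lists it.
#
# Both commands below run as root on the Proxmox host, and the here-document
# is expanded locally before it is piped to the remote `bash -s`. Each
# operator-supplied value is therefore shell-quoted with printf %q first, so
# that whitespace or metacharacters in an override arrive as data rather than
# as shell syntax on the hypervisor.
printf -v q_vmid '%q' "$VMID"
printf -v q_template '%q' "$TEMPLATE_CT"
printf -v q_hostname '%q' "$HOSTNAME_CT"
printf -v q_rootfs '%q' "${STORAGE}:200"
printf -v q_net0 '%q' "name=eth0,bridge=${NETWORK},ip=${IP_CT}/24,gw=${GATEWAY}"
printf -v q_dns '%q' "${DNS_PRIMARY:-1.1.1.1}"

# Remote exit status: 0 = grep found the VMID, 1 = not listed. Anything else
# (ssh itself reports 255) means the query failed, which must not be read as
# "the CT does not exist".
exists_rc=0
ssh $SSH_OPTS "root@${PROXMOX_HOST}" \
  "pct list 2>/dev/null | grep -q -- '^'${q_vmid}' '" || exists_rc=$?

case "$exists_rc" in
  0)
    echo "CT ${VMID} already exists — skipping pct create"
    ;;
  1)
    echo "Creating CT ${VMID} (${HOSTNAME_CT}) @ ${IP_CT}/24..."
    # nesting=1 and keyctl=1 are the "Docker-capable" settings the dry-run
    # text refers to. Both widen what the guest can reach (nesting exposes
    # host procfs/sysfs contents to the guest, keyctl enables the keyctl()
    # syscall), so they should only ever be paired with --unprivileged 1.
    # In the here-document, "\\" becomes a single backslash, i.e. a line
    # continuation for the remote shell.
    ssh $SSH_OPTS "root@${PROXMOX_HOST}" bash -s <<EOF
set -euo pipefail
pct create ${q_vmid} ${q_template} \\
  --hostname ${q_hostname} \\
  --memory 32768 \\
  --swap 8192 \\
  --cores 16 \\
  --rootfs ${q_rootfs} \\
  --net0 ${q_net0} \\
  --nameserver ${q_dns} \\
  --description 'Dedicated backend LXC: MEV admin API, supervisor, pipeline, and local infra' \\
  --features nesting=1,keyctl=1 \\
  --onboot 1 \\
  --start 1 \\
  --unprivileged 1
EOF
    echo "Waiting for CT to boot..."
    # Fixed grace period; the script checks `pct status` right after this.
    sleep 15
    ;;
  *)
    echo "ERROR: could not query ${PROXMOX_HOST} for CT ${VMID} (exit ${exists_rc})" >&2
    exit 1
    ;;
esac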
# Stop unless Proxmox reports the container as running; the package install
# that follows uses `pct exec`, which needs a started CT.
if ! ssh $SSH_OPTS "root@${PROXMOX_HOST}" "pct status ${VMID}" | grep -q running; then
  printf '%s\n' "ERROR: CT ${VMID} not running — start with: ssh root@${PROXMOX_HOST} 'pct start ${VMID}'" >&2
  exit 1
fi
# Install the baseline toolchain inside the container.
# Three layers of quoting are involved: this shell builds the string, the
# login shell on the Proxmox host parses `pct exec ... bash -lc "..."`, and
# the bash started inside the CT runs the quoted bootstrap line.
printf '%s\n' "Installing baseline packages inside CT ${VMID}..."
ct_packages="curl jq git ca-certificates build-essential pkg-config libssl-dev gpg lsb-release uidmap"
ct_bootstrap="set -euo pipefail; export DEBIAN_FRONTEND=noninteractive; apt-get update -qq; apt-get install -y -qq ${ct_packages}"
ssh $SSH_OPTS "root@${PROXMOX_HOST}" "pct exec ${VMID} -- bash -lc \"${ct_bootstrap}\""

# The hint below names plain HTTP on port 9090 as the hop from CT 2410.
# NOTE(review): confirm that port is reachable only from CT 2410.
printf '\n'
printf '%s\n' "✅ Backend CT ${VMID} ready at ${IP_CT}"
printf '%s\n' " Next: deploy the MEV stack inside the CT and point CT 2410 /api to http://${IP_CT}:9090"