proxmox/docs/archive/deployment-reports/SANKOFA_DEPLOYMENT_REVIEW.md
defiQUG fbda1b4beb
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00


# Sankofa Deployment - Complete Review
**Date:** 2026-01-20
**Status:** 🟡 **PARTIALLY COMPLETE** - Core infrastructure deployed, services need completion

---
## ✅ Successfully Completed
### 1. Configuration & Prerequisites
- ✅ Created `.env.r630-01` configuration file
- ✅ Verified Sankofa project exists
- ✅ Verified SSH access to r630-01
### 2. Container Deployment
- **All 4 LXC containers deployed:**
  - VMID 7803: sankofa-postgres-1 (10.160.0.13) - PostgreSQL
  - VMID 7802: sankofa-keycloak-1 (10.160.0.12) - Keycloak
  - VMID 7800: sankofa-api-1 (10.160.0.10) - API
  - VMID 7801: sankofa-portal-1 (10.160.0.11) - Portal
- ✅ All containers running
- ✅ All containers have correct IP addresses
### 3. Network Configuration
- **Fixed critical network issue:**
  - Containers initially connected to wrong bridge (`vmbr0` instead of `vmbr0v160`)
  - Updated all containers to use `vmbr0v160` (VLAN 160)
  - All containers can now reach gateway 10.160.0.1
  - Internet connectivity working
### 4. PostgreSQL Setup
- ✅ PostgreSQL 16 installed
- ✅ PostgreSQL service running
- ✅ Database `sankofa` created
- ✅ User `sankofa` created
- ✅ Network access configured (10.160.0.0/22)
- ✅ Extensions enabled (uuid-ossp, pg_stat_statements)
- ⚠️ **Note:** Database password: `cqCcMzXtC1rc5AEilsodqnjl` (should be updated in `.env.r630-01`)
---
## 🟡 In Progress / Needs Completion
### 5. Keycloak Setup
- ✅ Java 21 installed
- ✅ Keycloak database created (keycloak database on PostgreSQL)
- ✅ Keycloak downloaded
- ❌ Keycloak build/configuration incomplete
  - **Issue:** `./bin/kc.sh` not found - Keycloak extraction/installation needs completion
### 6. API Service Deployment
- ⏸️ **Not Started** - Waiting for Keycloak completion
- Requires:
  - Node.js 18 installation
  - pnpm installation
  - Project files copy
  - Dependencies installation
  - Environment configuration
  - Database migrations
  - Build and service setup
### 7. Portal Service Deployment
- ⏸️ **Not Started** - Waiting for Keycloak completion
- Requires:
  - Node.js 18 installation
  - pnpm installation
  - Project files copy
  - Dependencies installation
  - Environment configuration
  - Build (Next.js)
  - Service setup
---
## 📋 Remaining Steps
### Phase 4: Complete Service Setup
1. **Complete Keycloak Setup:**
   - Fix Keycloak installation
   - Configure Keycloak to use PostgreSQL
   - Create admin user
   - Create API and Portal clients
   - Start Keycloak service
2. **Deploy API Service:**
   ```bash
   cd /home/intlc/projects/proxmox/scripts
   ./deploy-api-r630-01.sh
   ```
3. **Deploy Portal Service:**
   ```bash
   cd /home/intlc/projects/proxmox/scripts
   ./deploy-portal-r630-01.sh
   ```
### Phase 5: Verification & Documentation
4. **Verify Services:**
   - Check all services are running
   - Test health endpoints:
     - API: `http://10.160.0.10:4000/health`
     - Portal: `http://10.160.0.11:3000`
     - Keycloak: `http://10.160.0.12:8080/health/ready`
5. **Update Cutover Plan:**
   - Document actual IPs/ports in `docs/04-configuration/SANKOFA_CUTOVER_PLAN.md`
   - Update TBD table with:
     - `sankofa.nexus` → VMID 7801 (Portal), IP 10.160.0.11, Port 3000
     - `www.sankofa.nexus` → VMID 7801 (Portal), IP 10.160.0.11, Port 3000
     - `phoenix.sankofa.nexus` → VMID 7800 (API), IP 10.160.0.10, Port 4000
     - `www.phoenix.sankofa.nexus` → VMID 7800 (API), IP 10.160.0.10, Port 4000
     - `the-order.sankofa.nexus` → TBD (determine service)
6. **Test Internal Connectivity:**
   - Test from NPMplus container to all Sankofa services
   - Verify firewall rules allow access
### Phase 6: Cutover
7. **Update NPMplus Proxy Hosts:**
   - Update 5 proxy hosts (IDs: 21-25)
   - Change from `192.168.11.140:80` to actual service IPs/ports
   - Verify SSL certificates still work
8. **Post-Cutover Validation:**
   - Test DNS resolution
   - Test HTTPS requests
   - Verify SSL certificates
   - Test service functionality
9. **Update Documentation:**
   - Update source-of-truth JSON
   - Update comprehensive architecture doc
   - Update streamlined table doc
---
## 🔧 Known Issues & Fixes Applied
### Issue 1: Network Connectivity (FIXED ✅)
**Problem:** Containers couldn't reach gateway 10.160.0.1
**Root Cause:** Containers connected to vmbr0 instead of vmbr0v160
**Solution:** Updated container network config to use vmbr0v160 bridge
**Status:** ✅ Resolved - All containers can reach gateway
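
A bridge audit for the misconfiguration described in Issue 1, as an added example that is not one of the project's scripts. It assumes the `net0` line format printed by `pct config`; the sample lines are constructed from the IPs in this report, with VMID 7801 deliberately left on `vmbr0`.

```bash
#!/bin/sh
# Added example (not from the original report): flag containers whose
# network interface is not on the expected bridge.

# On a Proxmox host: print "<vmid> netN: ..." for each VMID given.
collect_net_lines() {
    for id in "$@"; do
        pct config "$id" | sed -n "s/^net[0-9]*: /$id &/p"
    done
}

# stdin: lines from collect_net_lines; $1: expected bridge name.
# Prints one line per mismatch and returns non-zero if any were found.
check_bridges() {
    awk -v want="$1" '
    {
        bridge = ""
        n = split($0, kv, /[ ,]/)
        for (i = 1; i <= n; i++)
            if (kv[i] ~ /^bridge=/) bridge = substr(kv[i], 8)
        # Exact comparison: "vmbr0" must not pass as "vmbr0v160".
        if (bridge != want) {
            printf "VMID %s: bridge=%s (expected %s)\n", $1, bridge, want
            bad++
        }
    }
    END { exit (bad > 0) }'
}

# Constructed sample in `pct config` net0 format (MAC addresses omitted).
sample_net_lines() {
    cat <<'EOF'
7800 net0: name=eth0,bridge=vmbr0v160,gw=10.160.0.1,ip=10.160.0.10/22,type=veth
7801 net0: name=eth0,bridge=vmbr0,gw=10.160.0.1,ip=10.160.0.11/22,type=veth
7802 net0: name=eth0,bridge=vmbr0v160,gw=10.160.0.1,ip=10.160.0.12/22,type=veth
7803 net0: name=eth0,bridge=vmbr0v160,gw=10.160.0.1,ip=10.160.0.13/22,type=veth
EOF
}

sample_net_lines | check_bridges vmbr0v160 || echo "bridge audit failed"
```

On the host itself, `collect_net_lines 7800 7801 7802 7803 | check_bridges vmbr0v160` runs the same check against the live container configs.
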
### Issue 2: PostgreSQL Configuration (FIXED ✅)
**Problem:** PostgreSQL listen_addresses configuration error
**Root Cause:** sed command replaced wrong line
**Solution:** Fixed postgresql.conf with correct listen_addresses setting
**Status:** ✅ Resolved - PostgreSQL accepting network connections
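
One way to make the `listen_addresses` edit from Issue 2 robust, as an added example that is not the project's script (the report does not show the `sed` command that misfired). The function name, the sample file, and the value `localhost,10.160.0.13` are assumptions for illustration.

```bash
#!/bin/sh
# Added example (not from the original report): anchored, idempotent edit of
# listen_addresses. The conf path and the value are supplied by the caller.

set_listen_addresses() {
    local conf="$1" value="$2" tmp
    tmp="$(mktemp)" || return 1

    # Match a line only if its first token, after optional whitespace and an
    # optional "#", is listen_addresses followed by "=". Comment prose that
    # merely mentions the setting does not match and is left untouched.
    awk -v val="$value" -v q="'" '
        /^[ \t]*#?[ \t]*listen_addresses[ \t]*=/ {
            if (!done) { print "listen_addresses = " q val q; done = 1 }
            next            # drop any further copies of the assignment
        }
        { print }
        END { if (!done) print "listen_addresses = " q val q }
    ' "$conf" > "$tmp" || { rm -f "$tmp"; return 1; }

    # Install the result only if exactly one active assignment exists.
    if [ "$(grep -c '^listen_addresses[[:space:]]*=' "$tmp")" -ne 1 ]; then
        rm -f "$tmp"; return 1
    fi
    # cat into place (not mv) so the file keeps its owner and mode.
    cp -p "$conf" "$conf.bak" && cat "$tmp" > "$conf" && rm -f "$tmp"
}

# Constructed sample: writes a small conf into directory $1, edits it, and
# prints the result. The value used here is an assumption for illustration.
demo_listen_addresses() {
    cat > "$1/postgresql.conf" <<'EOF'
# Note: listen_addresses must agree with the pg_hba.conf rules
#listen_addresses = 'localhost'    # what IP address(es) to listen on
port = 5432
EOF
    set_listen_addresses "$1/postgresql.conf" "localhost,10.160.0.13" &&
        cat "$1/postgresql.conf"
}

demo_dir="$(mktemp -d)" && demo_listen_addresses "$demo_dir"; rm -rf "$demo_dir"
```
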
### Issue 3: Keycloak Installation (IN PROGRESS ⚠️)
**Problem:** Keycloak build script failing - `./bin/kc.sh` not found
**Root Cause:** Keycloak extraction/installation incomplete
**Solution Needed:** Complete Keycloak installation and configuration

---
## 📊 Current Deployment Status
| Component | Status | IP Address | Port | Notes |
|-----------|--------|------------|------|-------|
| PostgreSQL | ✅ Running | 10.160.0.13 | 5432 | Database ready |
| Keycloak | 🟡 Partial | 10.160.0.12 | 8080 | Installation incomplete |
| API | ⏸️ Pending | 10.160.0.10 | 4000 | Not deployed |
| Portal | ⏸️ Pending | 10.160.0.11 | 3000 | Not deployed |
---
## 🎯 Next Immediate Actions
1. **Complete Keycloak Setup:**
   - Fix Keycloak installation script
   - Complete Keycloak configuration
   - Start Keycloak service
2. **Deploy API Service:**
   - Run `./deploy-api-r630-01.sh`
   - Verify API is running and healthy
3. **Deploy Portal Service:**
   - Run `./deploy-portal-r630-01.sh`
   - Verify Portal is running and healthy
4. **Update Cutover Plan:**
   - Document all actual IPs/ports
   - Replace TBD placeholders
5. **Perform Cutover:**
   - Update NPMplus proxy hosts
   - Verify end-to-end routing
---
## 📝 Important Notes
- **Database Password:** `cqCcMzXtC1rc5AEilsodqnjl` - Update in `.env.r630-01`
- **Network:** All containers on VLAN 160 (10.160.0.0/22)
- **Gateway:** 10.160.0.1 (working)
- **No Tunnels:** Per user request, Cloudflare tunnels will not be used
- **Containers:** All using unprivileged mode, connected to vmbr0v160
---
## 🔗 Related Files
- Deployment Scripts: `/home/intlc/projects/proxmox/scripts/`
- Configuration: `/home/intlc/projects/proxmox/scripts/.env.r630-01`
- Cutover Plan: `docs/04-configuration/SANKOFA_CUTOVER_PLAN.md`
- Deployment Guide: `scripts/DEPLOYMENT_README_R630-01.md`
---
**Last Updated:** 2026-01-20
**Next Review:** After Keycloak setup completion