scripts/deploy-sankofa-r630-01.sh

#!/usr/bin/env bash
# Deploy Sankofa Services to r630-01
# Sankofa/Phoenix/PanTel service layer on VLAN 160 (10.160.0.0/22)
# VMID Range: 7800-8999

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
SANKOFA_PROJECT="/home/intlc/projects/Sankofa"

# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[✓]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
log_error() { echo -e "${RED}[ERROR]${NC} $1"; }

# Configuration
PROXMOX_NODE="r630-01"
PROXMOX_HOST="192.168.11.11"
# r630-01 has: local, local-lvm, thin1 available
PROXMOX_STORAGE="${PROXMOX_STORAGE:-thin1}"
CONTAINER_OS_TEMPLATE="local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst"

# Sankofa Configuration
SANKOFA_VLAN="160"
SANKOFA_SUBNET="10.160.0.0/22"
SANKOFA_GATEWAY="10.160.0.1"

# VMID Allocation (Sankofa range: 7800-8999)
VMID_SANKOFA_POSTGRES=7803
VMID_SANKOFA_API=7800
VMID_SANKOFA_PORTAL=7801
VMID_SANKOFA_KEYCLOAK=7802

# Service IPs (VLAN 160)
SANKOFA_POSTGRES_IP="10.160.0.13"
SANKOFA_API_IP="10.160.0.10"
SANKOFA_PORTAL_IP="10.160.0.11"
SANKOFA_KEYCLOAK_IP="10.160.0.12"

# Resource allocation
SANKOFA_POSTGRES_MEMORY="2048"   # 2GB
SANKOFA_POSTGRES_CORES="2"
SANKOFA_POSTGRES_DISK="50"       # 50GB

SANKOFA_API_MEMORY="4096"        # 4GB
SANKOFA_API_CORES="4"
SANKOFA_API_DISK="50"           # 50GB

SANKOFA_PORTAL_MEMORY="4096"     # 4GB
SANKOFA_PORTAL_CORES="4"
SANKOFA_PORTAL_DISK="50"         # 50GB

SANKOFA_KEYCLOAK_MEMORY="2048"   # 2GB
SANKOFA_KEYCLOAK_CORES="2"
SANKOFA_KEYCLOAK_DISK="30"       # 30GB

# SSH function
ssh_r630_01() {
    ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 root@"$PROXMOX_HOST" "$@"
}

# Check if container exists
container_exists() {
    local vmid=$1
    ssh_r630_01 "pct list 2>/dev/null | grep -q '^\s*$vmid\s'" 2>/dev/null
}

# Get container IP address
get_container_ip() {
    local vmid=$1
    ssh_r630_01 "pct exec $vmid -- ip -4 addr show eth0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}'" 2>/dev/null || echo ""
}

# Create Sankofa container
create_sankofa_container() {
    local vmid=$1
    local hostname=$2
    local ip_address=$3
    local memory=$4
    local cores=$5
    local disk=$6
    local service_type=$7
    
    log_info "Creating Sankofa $service_type: $hostname (VMID: $vmid, IP: $ip_address)"
    
    if container_exists "$vmid"; then
        log_warn "Container $vmid ($hostname) already exists, skipping creation"
        return 0
    fi
    
    # Network configuration - use static IP for VLAN 160
    # Note: For unprivileged containers, VLAN tagging may need bridge configuration
    local network_config="bridge=vmbr0,name=eth0,ip=${ip_address}/22,gw=${SANKOFA_GATEWAY},type=veth"
    
    log_info "Creating container $vmid on $PROXMOX_NODE..."
    ssh_r630_01 "pct create $vmid \
        $CONTAINER_OS_TEMPLATE \
        --storage $PROXMOX_STORAGE \
        --hostname $hostname \
        --memory $memory \
        --cores $cores \
        --rootfs $PROXMOX_STORAGE:$disk \
        --net0 '$network_config' \
        --unprivileged 1 \
        --swap 512 \
        --onboot 1 \
        --timezone America/Los_Angeles \
        --features nesting=1,keyctl=1" 2>&1
    
    if container_exists "$vmid"; then
        log_success "Container $vmid created successfully"
        
        # Start container
        log_info "Starting container $vmid..."
        ssh_r630_01 "pct start $vmid" 2>&1 || true
        
        # Wait for container to be ready
        log_info "Waiting for container to be ready..."
        sleep 10
        
        # Basic setup
        log_info "Configuring container $vmid..."
        ssh_r630_01 "pct exec $vmid -- bash -c 'export DEBIAN_FRONTEND=noninteractive; apt-get update -qq && apt-get install -y -qq curl wget git build-essential sudo'" 2>&1 | grep -vE "(perl: warning|locale:)" || true
        
        log_success "Sankofa $service_type container $vmid ($hostname) deployed successfully"
        return 0
    else
        log_error "Failed to create container $vmid"
        return 1
    fi
}

# Main deployment
main() {
    echo ""
    log_info "========================================="
    log_info "Sankofa Deployment to r630-01"
    log_info "========================================="
    echo ""
    log_info "Target Node: $PROXMOX_NODE ($PROXMOX_HOST)"
    log_info "Storage: $PROXMOX_STORAGE"
    log_info "VLAN: $SANKOFA_VLAN ($SANKOFA_SUBNET)"
    log_info "VMID Range: 7800-8999"
    echo ""
    
    # Check connectivity to r630-01
    log_info "Checking connectivity to $PROXMOX_NODE..."
    if ! ssh_r630_01 "pvecm status >/dev/null 2>&1"; then
        log_error "Cannot connect to $PROXMOX_NODE. Please check SSH access."
        exit 1
    fi
    log_success "Connected to $PROXMOX_NODE"
    echo ""
    
    # Check if containers already exist
    log_info "Checking existing Sankofa containers..."
    existing_containers=()
    if container_exists "$VMID_SANKOFA_POSTGRES"; then
        existing_containers+=("$VMID_SANKOFA_POSTGRES:sankofa-postgres-1")
        log_warn "Container $VMID_SANKOFA_POSTGRES (sankofa-postgres-1) already exists"
    fi
    if container_exists "$VMID_SANKOFA_API"; then
        existing_containers+=("$VMID_SANKOFA_API:sankofa-api-1")
        log_warn "Container $VMID_SANKOFA_API (sankofa-api-1) already exists"
    fi
    if container_exists "$VMID_SANKOFA_PORTAL"; then
        existing_containers+=("$VMID_SANKOFA_PORTAL:sankofa-portal-1")
        log_warn "Container $VMID_SANKOFA_PORTAL (sankofa-portal-1) already exists"
    fi
    if container_exists "$VMID_SANKOFA_KEYCLOAK"; then
        existing_containers+=("$VMID_SANKOFA_KEYCLOAK:sankofa-keycloak-1")
        log_warn "Container $VMID_SANKOFA_KEYCLOAK (sankofa-keycloak-1) already exists"
    fi
    
    if [[ ${#existing_containers[@]} -gt 0 ]]; then
        log_warn "Some Sankofa containers already exist:"
        for container in "${existing_containers[@]}"; do
            echo "  - $container"
        done
        echo ""
        read -p "Continue with deployment? (y/N): " -n 1 -r
        echo
        if [[ ! $REPLY =~ ^[Yy]$ ]]; then
            log_info "Deployment cancelled"
            exit 0
        fi
    fi
    echo ""
    
    # Deploy PostgreSQL first (required by other services)
    log_info "Deploying PostgreSQL database..."
    create_sankofa_container \
        "$VMID_SANKOFA_POSTGRES" \
        "sankofa-postgres-1" \
        "$SANKOFA_POSTGRES_IP" \
        "$SANKOFA_POSTGRES_MEMORY" \
        "$SANKOFA_POSTGRES_CORES" \
        "$SANKOFA_POSTGRES_DISK" \
        "PostgreSQL"
    echo ""
    
    # Deploy Keycloak (required by API and Portal)
    log_info "Deploying Keycloak identity service..."
    create_sankofa_container \
        "$VMID_SANKOFA_KEYCLOAK" \
        "sankofa-keycloak-1" \
        "$SANKOFA_KEYCLOAK_IP" \
        "$SANKOFA_KEYCLOAK_MEMORY" \
        "$SANKOFA_KEYCLOAK_CORES" \
        "$SANKOFA_KEYCLOAK_DISK" \
        "Keycloak"
    echo ""
    
    # Deploy Sankofa API
    log_info "Deploying Sankofa API service..."
    create_sankofa_container \
        "$VMID_SANKOFA_API" \
        "sankofa-api-1" \
        "$SANKOFA_API_IP" \
        "$SANKOFA_API_MEMORY" \
        "$SANKOFA_API_CORES" \
        "$SANKOFA_API_DISK" \
        "API"
    echo ""
    
    # Deploy Sankofa Portal
    log_info "Deploying Sankofa Portal service..."
    create_sankofa_container \
        "$VMID_SANKOFA_PORTAL" \
        "sankofa-portal-1" \
        "$SANKOFA_PORTAL_IP" \
        "$SANKOFA_PORTAL_MEMORY" \
        "$SANKOFA_PORTAL_CORES" \
        "$SANKOFA_PORTAL_DISK" \
        "Portal"
    echo ""
    
    # Summary
    log_success "========================================="
    log_success "Sankofa Container Deployment Complete"
    log_success "========================================="
    echo ""
    log_info "Deployed containers on $PROXMOX_NODE:"
    echo "  - VMID $VMID_SANKOFA_POSTGRES: sankofa-postgres-1 ($SANKOFA_POSTGRES_IP)"
    echo "  - VMID $VMID_SANKOFA_KEYCLOAK: sankofa-keycloak-1 ($SANKOFA_KEYCLOAK_IP)"
    echo "  - VMID $VMID_SANKOFA_API: sankofa-api-1 ($SANKOFA_API_IP)"
    echo "  - VMID $VMID_SANKOFA_PORTAL: sankofa-portal-1 ($SANKOFA_PORTAL_IP)"
    echo ""
    log_info "Next steps:"
    echo "  1. Run: ./scripts/setup-postgresql-r630-01.sh"
    echo "  2. Run: ./scripts/setup-keycloak-r630-01.sh"
    echo "  3. Run: ./scripts/deploy-api-r630-01.sh"
    echo "  4. Run: ./scripts/deploy-portal-r630-01.sh"
    echo "  5. Configure networking and firewall rules"
    echo "  6. Set up Cloudflare tunnels for external access"
    echo ""
}

# Run main function
main "$@"
Organize docs directory: move 25 files to appropriate locations - Created docs/00-meta/ for documentation meta files (11 files) - Created docs/archive/reports/ for reports (5 files) - Created docs/archive/issues/ for issue tracking (2 files) - Created docs/bridge/contracts/ for Solidity contracts (3 files) - Created docs/04-configuration/metamask/ for Metamask configs (3 files) - Created docs/scripts/ for documentation scripts (2 files) - Root directory now contains only 3 essential files (89.3% reduction) All recommended actions from docs directory review complete. 2026-01-06 03:32:20 -08:00			`#!/usr/bin/env bash`
			`# Deploy Sankofa Services to r630-01`
			`# Sankofa/Phoenix/PanTel service layer on VLAN 160 (10.160.0.0/22)`
			`# VMID Range: 7800-8999`

			`set -euo pipefail`

			`SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"`
			`PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"`
			`SANKOFA_PROJECT="/home/intlc/projects/Sankofa"`

			`# Colors`
			`RED='\033[0;31m'`
			`GREEN='\033[0;32m'`
			`YELLOW='\033[1;33m'`
			`BLUE='\033[0;34m'`
			`NC='\033[0m'`

			`log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }`
			`log_success() { echo -e "${GREEN}[✓]${NC} $1"; }`
			`log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }`
			`log_error() { echo -e "${RED}[ERROR]${NC} $1"; }`

			`# Configuration`
			`PROXMOX_NODE="r630-01"`
			`PROXMOX_HOST="192.168.11.11"`
			`# r630-01 has: local, local-lvm, thin1 available`
			`PROXMOX_STORAGE="${PROXMOX_STORAGE:-thin1}"`
			`CONTAINER_OS_TEMPLATE="local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst"`

			`# Sankofa Configuration`
			`SANKOFA_VLAN="160"`
			`SANKOFA_SUBNET="10.160.0.0/22"`
			`SANKOFA_GATEWAY="10.160.0.1"`

			`# VMID Allocation (Sankofa range: 7800-8999)`
			`VMID_SANKOFA_POSTGRES=7803`
			`VMID_SANKOFA_API=7800`
			`VMID_SANKOFA_PORTAL=7801`
			`VMID_SANKOFA_KEYCLOAK=7802`

			`# Service IPs (VLAN 160)`
			`SANKOFA_POSTGRES_IP="10.160.0.13"`
			`SANKOFA_API_IP="10.160.0.10"`
			`SANKOFA_PORTAL_IP="10.160.0.11"`
			`SANKOFA_KEYCLOAK_IP="10.160.0.12"`

			`# Resource allocation`
			`SANKOFA_POSTGRES_MEMORY="2048" # 2GB`
			`SANKOFA_POSTGRES_CORES="2"`
			`SANKOFA_POSTGRES_DISK="50" # 50GB`

			`SANKOFA_API_MEMORY="4096" # 4GB`
			`SANKOFA_API_CORES="4"`
			`SANKOFA_API_DISK="50" # 50GB`

			`SANKOFA_PORTAL_MEMORY="4096" # 4GB`
			`SANKOFA_PORTAL_CORES="4"`
			`SANKOFA_PORTAL_DISK="50" # 50GB`

			`SANKOFA_KEYCLOAK_MEMORY="2048" # 2GB`
			`SANKOFA_KEYCLOAK_CORES="2"`
			`SANKOFA_KEYCLOAK_DISK="30" # 30GB`

			`# SSH function`
			`ssh_r630_01() {`
			`ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 root@"$PROXMOX_HOST" "$@"`
			`}`

			`# Check if container exists`
			`container_exists() {`
			`local vmid=$1`
			`ssh_r630_01 "pct list 2>/dev/null \| grep -q '^\s*$vmid\s'" 2>/dev/null`
			`}`

			`# Get container IP address`
			`get_container_ip() {`
			`local vmid=$1`
			`ssh_r630_01 "pct exec $vmid -- ip -4 addr show eth0 \| grep -oP '(?<=inet\s)\d+(\.\d+){3}'" 2>/dev/null \|\| echo ""`
			`}`

			`# Create Sankofa container`
			`create_sankofa_container() {`
			`local vmid=$1`
			`local hostname=$2`
			`local ip_address=$3`
			`local memory=$4`
			`local cores=$5`
			`local disk=$6`
			`local service_type=$7`

			`log_info "Creating Sankofa $service_type: $hostname (VMID: $vmid, IP: $ip_address)"`

			`if container_exists "$vmid"; then`
			`log_warn "Container $vmid ($hostname) already exists, skipping creation"`
			`return 0`
			`fi`

			`# Network configuration - use static IP for VLAN 160`
			`# Note: For unprivileged containers, VLAN tagging may need bridge configuration`
			`local network_config="bridge=vmbr0,name=eth0,ip=${ip_address}/22,gw=${SANKOFA_GATEWAY},type=veth"`

			`log_info "Creating container $vmid on $PROXMOX_NODE..."`
			`ssh_r630_01 "pct create $vmid \`
			`$CONTAINER_OS_TEMPLATE \`
			`--storage $PROXMOX_STORAGE \`
			`--hostname $hostname \`
			`--memory $memory \`
			`--cores $cores \`
			`--rootfs $PROXMOX_STORAGE:$disk \`
			`--net0 '$network_config' \`
			`--unprivileged 1 \`
			`--swap 512 \`
			`--onboot 1 \`
			`--timezone America/Los_Angeles \`
			`--features nesting=1,keyctl=1" 2>&1`

			`if container_exists "$vmid"; then`
			`log_success "Container $vmid created successfully"`

			`# Start container`
			`log_info "Starting container $vmid..."`
			`ssh_r630_01 "pct start $vmid" 2>&1 \|\| true`

			`# Wait for container to be ready`
			`log_info "Waiting for container to be ready..."`
			`sleep 10`

			`# Basic setup`
			`log_info "Configuring container $vmid..."`
			`ssh_r630_01 "pct exec $vmid -- bash -c 'export DEBIAN_FRONTEND=noninteractive; apt-get update -qq && apt-get install -y -qq curl wget git build-essential sudo'" 2>&1 \| grep -vE "(perl: warning\|locale:)" \|\| true`

			`log_success "Sankofa $service_type container $vmid ($hostname) deployed successfully"`
			`return 0`
			`else`
			`log_error "Failed to create container $vmid"`
			`return 1`
			`fi`
			`}`

			`# Main deployment`
			`main() {`
			`echo ""`
			`log_info "========================================="`
			`log_info "Sankofa Deployment to r630-01"`
			`log_info "========================================="`
			`echo ""`
			`log_info "Target Node: $PROXMOX_NODE ($PROXMOX_HOST)"`
			`log_info "Storage: $PROXMOX_STORAGE"`
			`log_info "VLAN: $SANKOFA_VLAN ($SANKOFA_SUBNET)"`
			`log_info "VMID Range: 7800-8999"`
			`echo ""`

			`# Check connectivity to r630-01`
			`log_info "Checking connectivity to $PROXMOX_NODE..."`
			`if ! ssh_r630_01 "pvecm status >/dev/null 2>&1"; then`
			`log_error "Cannot connect to $PROXMOX_NODE. Please check SSH access."`
			`exit 1`
			`fi`
			`log_success "Connected to $PROXMOX_NODE"`
			`echo ""`

			`# Check if containers already exist`
			`log_info "Checking existing Sankofa containers..."`
			`existing_containers=()`
			`if container_exists "$VMID_SANKOFA_POSTGRES"; then`
			`existing_containers+=("$VMID_SANKOFA_POSTGRES:sankofa-postgres-1")`
			`log_warn "Container $VMID_SANKOFA_POSTGRES (sankofa-postgres-1) already exists"`
			`fi`
			`if container_exists "$VMID_SANKOFA_API"; then`
			`existing_containers+=("$VMID_SANKOFA_API:sankofa-api-1")`
			`log_warn "Container $VMID_SANKOFA_API (sankofa-api-1) already exists"`
			`fi`
			`if container_exists "$VMID_SANKOFA_PORTAL"; then`
			`existing_containers+=("$VMID_SANKOFA_PORTAL:sankofa-portal-1")`
			`log_warn "Container $VMID_SANKOFA_PORTAL (sankofa-portal-1) already exists"`
			`fi`
			`if container_exists "$VMID_SANKOFA_KEYCLOAK"; then`
			`existing_containers+=("$VMID_SANKOFA_KEYCLOAK:sankofa-keycloak-1")`
			`log_warn "Container $VMID_SANKOFA_KEYCLOAK (sankofa-keycloak-1) already exists"`
			`fi`

			`if [[ ${#existing_containers[@]} -gt 0 ]]; then`
			`log_warn "Some Sankofa containers already exist:"`
			`for container in "${existing_containers[@]}"; do`
			`echo " - $container"`
			`done`
			`echo ""`
			`read -p "Continue with deployment? (y/N): " -n 1 -r`
			`echo`
			`if [[ ! $REPLY =~ ^[Yy]$ ]]; then`
			`log_info "Deployment cancelled"`
			`exit 0`
			`fi`
			`fi`
			`echo ""`

			`# Deploy PostgreSQL first (required by other services)`
			`log_info "Deploying PostgreSQL database..."`
			`create_sankofa_container \`
			`"$VMID_SANKOFA_POSTGRES" \`
			`"sankofa-postgres-1" \`
			`"$SANKOFA_POSTGRES_IP" \`
			`"$SANKOFA_POSTGRES_MEMORY" \`
			`"$SANKOFA_POSTGRES_CORES" \`
			`"$SANKOFA_POSTGRES_DISK" \`
			`"PostgreSQL"`
			`echo ""`

			`# Deploy Keycloak (required by API and Portal)`
			`log_info "Deploying Keycloak identity service..."`
			`create_sankofa_container \`
			`"$VMID_SANKOFA_KEYCLOAK" \`
			`"sankofa-keycloak-1" \`
			`"$SANKOFA_KEYCLOAK_IP" \`
			`"$SANKOFA_KEYCLOAK_MEMORY" \`
			`"$SANKOFA_KEYCLOAK_CORES" \`
			`"$SANKOFA_KEYCLOAK_DISK" \`
			`"Keycloak"`
			`echo ""`

			`# Deploy Sankofa API`
			`log_info "Deploying Sankofa API service..."`
			`create_sankofa_container \`
			`"$VMID_SANKOFA_API" \`
			`"sankofa-api-1" \`
			`"$SANKOFA_API_IP" \`
			`"$SANKOFA_API_MEMORY" \`
			`"$SANKOFA_API_CORES" \`
			`"$SANKOFA_API_DISK" \`
			`"API"`
			`echo ""`

			`# Deploy Sankofa Portal`
			`log_info "Deploying Sankofa Portal service..."`
			`create_sankofa_container \`
			`"$VMID_SANKOFA_PORTAL" \`
			`"sankofa-portal-1" \`
			`"$SANKOFA_PORTAL_IP" \`
			`"$SANKOFA_PORTAL_MEMORY" \`
			`"$SANKOFA_PORTAL_CORES" \`
			`"$SANKOFA_PORTAL_DISK" \`
			`"Portal"`
			`echo ""`

			`# Summary`
			`log_success "========================================="`
			`log_success "Sankofa Container Deployment Complete"`
			`log_success "========================================="`
			`echo ""`
			`log_info "Deployed containers on $PROXMOX_NODE:"`
			`echo " - VMID $VMID_SANKOFA_POSTGRES: sankofa-postgres-1 ($SANKOFA_POSTGRES_IP)"`
			`echo " - VMID $VMID_SANKOFA_KEYCLOAK: sankofa-keycloak-1 ($SANKOFA_KEYCLOAK_IP)"`
			`echo " - VMID $VMID_SANKOFA_API: sankofa-api-1 ($SANKOFA_API_IP)"`
			`echo " - VMID $VMID_SANKOFA_PORTAL: sankofa-portal-1 ($SANKOFA_PORTAL_IP)"`
			`echo ""`
			`log_info "Next steps:"`
			`echo " 1. Run: ./scripts/setup-postgresql-r630-01.sh"`
			`echo " 2. Run: ./scripts/setup-keycloak-r630-01.sh"`
			`echo " 3. Run: ./scripts/deploy-api-r630-01.sh"`
			`echo " 4. Run: ./scripts/deploy-portal-r630-01.sh"`
			`echo " 5. Configure networking and firewall rules"`
			`echo " 6. Set up Cloudflare tunnels for external access"`
			`echo ""`
			`}`

			`# Run main function`
			`main "$@"`