diff --git a/README.md b/README.md index 299efbe..7f7ae80 100644 --- a/README.md +++ b/README.md @@ -33,9 +33,9 @@ This will: ### Manual Setup -1. **Clone the repository** (if not already done): +1. **Clone the repository** (if not already done). Canonical source is **Gitea** (use Gitea for clone and internal repo references; public references such as GRU Monetary Policy and token lists remain on GitHub where applicable): ```bash - git clone + git clone https://gitea.d-bis.org/d-bis/proxmox.git cd proxmox ``` diff --git a/docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md b/docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md new file mode 100644 index 0000000..abd1304 --- /dev/null +++ b/docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md @@ -0,0 +1,159 @@ +# Sankofa Studio (FusionAI Creator) — Proxmox Deployment + +**Last Updated:** 2026-02-28 +**Status:** Active +**White-label URL:** [https://studio.sankofa.nexus](https://studio.sankofa.nexus) + +--- + +## Overview + +**Sankofa Studio** is the white-label SaaS offering of **FusionAI Creator** (multi-modal AI creative production: audio, image, video, UE5 export). It is deployed as a single Proxmox LXC (VMID **7805**) running the full stack via Docker Compose: API (port 8000), worker, Redis, and optional backend services (audio, image, video, UE5 export). The Studio UI is served at `/studio/` and the Phoenix Marketplace landing at `/marketplace/landing.html` on the same API origin. + +| Item | Value | +|------|--------| +| **VMID** | 7805 (Sankofa/Phoenix range 7800–8999) | +| **Hostname** | sankofa-studio | +| **IP** | 192.168.11.72 (`IP_SANKOFA_STUDIO` in `config/ip-addresses.conf`; .55 is VMID 10230 order-vault) | +| **Node** | Default: r630-01 (override with `NODE`) | +| **Public URL** | https://studio.sankofa.nexus | + +--- + +## Architecture + +- **Single LXC** runs Docker and the FusionAI Creator stack (orchestrator API, worker, Redis, audio/image/video/ue5_export services). +- **API** listens on `0.0.0.0:8000`; NPMplus proxies `studio.sankofa.nexus` → `http://192.168.11.72:8000`. +- **Studio UI** at `https://studio.sankofa.nexus/studio/`; **Marketplace landing** at `https://studio.sankofa.nexus/marketplace/landing.html`. + +For scaled-out deployment (separate VMs per service), see FusionAI Creator [service-topology](https://gitea.d-bis.org/d-bis/FusionAI-Creator/src/branch/main/docs/specs/service-topology.md) and optional runbook updates. + +--- + +## Prerequisites + +- Proxmox host with LXC support; Ubuntu 22.04 template: `local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst`. +- Git and network access from the container for clone (or copy repo into container via `REPO_PATH` on the Proxmox host). +- NPMplus (VMID 10233) and Cloudflare DNS/tunnel as per [E2E_CLOUDFLARE_DOMAINS_RUNBOOK.md](../05-network/E2E_CLOUDFLARE_DOMAINS_RUNBOOK.md). + +--- + +## Deploy (create LXC + Docker + app) + +The script uses `pct` (Proxmox Container Toolkit), which exists only on Proxmox nodes. Either run it **on** a Proxmox host or set **PROXMOX_HOST** so the script SSHs there to run `pct`. + +From the **proxmox** repo root: + +```bash +source config/ip-addresses.conf 2>/dev/null || true + +# From another machine: SSH to Proxmox to run pct (use your Proxmox node IP, e.g. 192.168.11.11 or 192.168.11.12) +PROXMOX_HOST=192.168.11.11 REPO_URL=https://gitea.d-bis.org/d-bis/FusionAI-Creator.git ./scripts/deployment/deploy-sankofa-studio-lxc.sh + +# Or from the Proxmox host itself (e.g. after cloning the repo or copying the script): +REPO_URL=https://gitea.d-bis.org/d-bis/FusionAI-Creator.git ./scripts/deployment/deploy-sankofa-studio-lxc.sh + +# With production .env (secrets, API keys, backends) +REPO_URL=https://gitea.d-bis.org/d-bis/FusionAI-Creator.git \ + ENV_FILE=/path/to/fusionai-production.env \ + ./scripts/deployment/deploy-sankofa-studio-lxc.sh + +# From another host via SSH to Proxmox +PROXMOX_HOST=192.168.11.11 REPO_URL=https://gitea.d-bis.org/d-bis/FusionAI-Creator.git \ + ./scripts/deployment/deploy-sankofa-studio-lxc.sh +``` + +- **--dry-run:** Print what would be done; no create or install. +- **--skip-create:** Assume container 7805 already exists; only install Docker (if missing), clone/copy app, and run `docker compose up -d`. + +### Env overrides + +| Variable | Default | Description | +|----------|---------|-------------| +| VMID | 7805 | Container ID | +| HOSTNAME | sankofa-studio | Container hostname | +| IP_SANKOFA_STUDIO | 192.168.11.72 | Static IP (avoid .55: used by VMID 10230 order-vault) | +| PROXMOX_HOST | (none) | SSH here to run `pct` | +| NODE | (none) | Proxmox node for `pct --node` | +| REPO_URL | (none) | Git URL to clone (preferred for remote deploy) | +| REPO_PATH | (none) | Local path to copy into container (must be on Proxmox host when PROXMOX_HOST is set) | +| ENV_FILE | (none) | Path to `.env` for FusionAI (API key, Redis, service URLs, TTS/image backends) | +| MEMORY_MB | 8192 | RAM | +| CORES | 4 | CPU cores | +| DISK_GB | 60 | Root disk | +| APP_DIR | /srv/fusionai-creator | Path inside container for the app | + +--- + +## NPMplus proxy (studio.sankofa.nexus) + +1. In NPMplus (https://192.168.11.167 or your NPMplus URL), add **Proxy Host**: + - **Domain:** `studio.sankofa.nexus` + - **Scheme:** HTTP + - **Forward hostname / IP:** `192.168.11.72` + - **Forward port:** `8000` +2. Request **SSL certificate** (Let's Encrypt or Cloudflare Origin) and enable **Force SSL**. + +--- + +## Cloudflare DNS and tunnel (E2E) + +1. **DNS:** In Cloudflare (zone `sankofa.nexus`), add **CNAME** `studio` → `.cfargotunnel.com` (Proxied), or **A** `studio` → `76.53.10.36` if using direct port forward. +2. **Tunnel (if used):** In Cloudflare Zero Trust → Networks → Tunnels, add **Public Hostname:** `studio.sankofa.nexus` → **URL** `https://192.168.11.167:443` (or your NPMplus origin; No TLS Verify if backend is HTTP). +3. **E2E check:** Run [verify-end-to-end-routing.sh](../05-network/E2E_CLOUDFLARE_DOMAINS_RUNBOOK.md) and ensure `studio.sankofa.nexus` passes DNS, SSL, and HTTPS (e.g. 200 on `/health` or `/studio/`). + +--- + +## Production .env + +Use the template [sankofa-studio.env.example](sankofa-studio.env.example) in this directory. Set in `.env` (or `ENV_FILE` when deploying): + +- `FUSIONAI_ARTIFACT_ROOT` — persistent path for artifacts (e.g. `/data/artifacts`; mount volume in compose). +- `FUSIONAI_REDIS_URL` — `redis://redis:6379/0` (compose service name). +- `FUSIONAI_API_URL` — `http://api:8000` or public URL for webhooks. +- Service URLs (inside compose): `FUSIONAI_AUDIO_SERVICE_URL=http://audio:8001`, etc. +- Optional: `FUSIONAI_API_KEY`, `FUSIONAI_TTS_BACKEND`, `FUSIONAI_IMAGE_BACKEND`, and keys (ElevenLabs, OpenAI, Replicate) per [FusionAI Creator .env.example](https://gitea.d-bis.org/d-bis/FusionAI-Creator/src/branch/main/.env.example). + +--- + +## Updating the app + +```bash +# From Proxmox host +pct exec 7805 -- bash -c 'cd /srv/fusionai-creator && git pull && docker compose up -d --build' +``` + +Or SSH into the container and run the same. + +--- + +## Health and verification + +- **Health:** `curl -s http://192.168.11.72:8000/health` +- **Studio UI:** https://studio.sankofa.nexus/studio/ +- **Marketplace landing:** https://studio.sankofa.nexus/marketplace/landing.html + +--- + +## VMID / IP reference + +See [ALL_VMIDS_ENDPOINTS.md](../04-configuration/ALL_VMIDS_ENDPOINTS.md) for 7805 and the Sankofa Phoenix table. See [RPC_ENDPOINTS_MASTER.md](../04-configuration/RPC_ENDPOINTS_MASTER.md) for edge/NPMplus context. + +--- + +## E2E flow + +For the full sequence (deploy → NPMplus → Cloudflare → verify), see **[SANKOFA_STUDIO_E2E_FLOW.md](SANKOFA_STUDIO_E2E_FLOW.md)**. Run: + +```bash +./scripts/deployment/run-sankofa-studio-e2e.sh +``` + +With `REPO_URL` set, the script deploys then prints NPMplus and Cloudflare steps. + +--- + +## Related + +- FusionAI Creator: [README](https://gitea.d-bis.org/d-bis/FusionAI-Creator), [RUNBOOK](https://gitea.d-bis.org/d-bis/FusionAI-Creator/src/branch/main/docs/RUNBOOK.md), [Sankofa Studio doc](https://gitea.d-bis.org/d-bis/FusionAI-Creator/src/branch/main/docs/sankofa-studio.md), [service-topology](https://gitea.d-bis.org/d-bis/FusionAI-Creator/src/branch/main/docs/specs/service-topology.md). +- Proxmox: [VMID_ALLOCATION_FINAL.md](../02-architecture/VMID_ALLOCATION_FINAL.md) (7800–8999 Sankofa/Phoenix), [DAPP_LXC_DEPLOYMENT.md](DAPP_LXC_DEPLOYMENT.md) (pattern for LXC deploy). diff --git a/docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md b/docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md new file mode 100644 index 0000000..deea25b --- /dev/null +++ b/docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md @@ -0,0 +1,145 @@ +# Sankofa Studio — E2E Flow (studio.sankofa.nexus → 192.168.11.72:8000) + +**Last Updated:** 2026-02-28 +**Purpose:** Execute the full E2E flow for Sankofa Studio (FusionAI Creator) at https://studio.sankofa.nexus. + +--- + +## Summary + +| Step | Action | Where | +|------|--------|--------| +| 1 | Deploy LXC 7805 + Docker + FusionAI Creator | Proxmox host or via SSH | +| 2 | Add NPMplus proxy: studio.sankofa.nexus → 192.168.11.72:8000 | NPMplus UI (192.168.11.167) | +| 3 | Add Cloudflare DNS (and tunnel if used) | Cloudflare dashboard | +| 4 | Verify health and E2E routing | From repo or LAN | + +--- + +## Step 1: Deploy LXC and app + +From the **proxmox** repo root (or from a host that can SSH to Proxmox): + +```bash +cd /home/intlc/projects/proxmox +source config/ip-addresses.conf 2>/dev/null || true + +# Option A: Deploy with Git clone (set your FusionAI-Creator repo URL) +export REPO_URL="https://gitea.d-bis.org/d-bis/FusionAI-Creator.git" +# Optional: production .env +# export ENV_FILE="/path/to/fusionai-production.env" + +# From Proxmox host: +./scripts/deployment/deploy-sankofa-studio-lxc.sh + +# Option B: From another machine via SSH to Proxmox +export PROXMOX_HOST=192.168.11.11 +./scripts/deployment/deploy-sankofa-studio-lxc.sh +``` + +- Use `--dry-run` to print commands only. +- Use `--skip-create` if container 7805 already exists (only install/deploy app). + +After deploy, confirm the API is up: + +```bash +curl -s http://192.168.11.72:8000/health +``` + +--- + +## Step 2: NPMplus proxy + +**Automated (from repo root, requires NPM_PASSWORD in .env):** + +```bash +cd /home/intlc/projects/proxmox +bash scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh +``` + +Then request SSL for the host (one of the hosts without a cert): + +```bash +FIRST_ONLY=1 bash scripts/request-npmplus-certificates.sh +# Or run without FIRST_ONLY to request for all hosts missing certs +``` + +**Manual:** In **NPMplus** (https://192.168.11.167 or your NPMplus URL): + +1. Add **Proxy Host** + - **Domain names:** `studio.sankofa.nexus` + - **Scheme:** HTTP + - **Forward hostname / IP:** `192.168.11.72` + - **Forward port:** `8000` +2. **SSL:** Request certificate (Let's Encrypt or Cloudflare Origin), enable **Force SSL**. + +--- + +## Step 3: Cloudflare DNS and tunnel + +**Automated (from repo root, requires CLOUDFLARE_API_TOKEN and CLOUDFLARE_ZONE_ID_SANKOFA_NEXUS in .env):** + +```bash +cd /home/intlc/projects/proxmox +bash scripts/cloudflare/add-studio-sankofa-dns.sh +``` + +This creates/updates **A** `studio.sankofa.nexus` → `76.53.10.36` (or `PUBLIC_IP` from .env). + +**Manual DNS (zone `sankofa.nexus`):** + +- **CNAME** `studio` → `.cfargotunnel.com` (Proxied), **or** +- **A** `studio` → `76.53.10.36` (if using direct port forward to NPMplus). + +**Tunnel (if using Cloudflare Tunnel):** + +- In Zero Trust → Networks → Tunnels → your tunnel → Public Hostname: + - **Subdomain:** `studio` (or full hostname `studio.sankofa.nexus`) + - **URL:** `https://192.168.11.167:443` (NPMplus); **No TLS Verify** if backend is HTTP. + +--- + +## Step 4: Verify E2E + +**Health (from LAN or Proxmox):** + +```bash +curl -s http://192.168.11.72:8000/health +curl -s http://192.168.11.72:8000/studio/ -o /dev/null -w "%{http_code}\n" +``` + +**Full E2E routing (includes studio.sankofa.nexus):** + +```bash +cd /home/intlc/projects/proxmox +bash scripts/verify/verify-end-to-end-routing.sh +``` + +- Report: `docs/04-configuration/verification-evidence/e2e-verification-/verification_report.md` +- Optional: `ACCEPT_ANY_DNS=1` if DNS points to Fastly or other edge. + +**Browser:** + +- Studio UI: https://studio.sankofa.nexus/studio/ +- Marketplace landing: https://studio.sankofa.nexus/marketplace/landing.html + +--- + +## One-liner (deploy + next steps) + +```bash +cd /home/intlc/projects/proxmox && \ + source config/ip-addresses.conf 2>/dev/null || true && \ + REPO_URL="${REPO_URL:-https://gitea.d-bis.org/d-bis/FusionAI-Creator.git}" \ + ./scripts/deployment/run-sankofa-studio-e2e.sh +``` + +If `REPO_URL` is set, the script runs the deploy then prints Step 2–4. If not set, it prints all steps. + +--- + +## Reference + +- Full runbook: [SANKOFA_STUDIO_DEPLOYMENT.md](SANKOFA_STUDIO_DEPLOYMENT.md) +- VMID 7805, IP 192.168.11.72: [ALL_VMIDS_ENDPOINTS.md](../04-configuration/ALL_VMIDS_ENDPOINTS.md) +- E2E runbook: [E2E_CLOUDFLARE_DOMAINS_RUNBOOK.md](../05-network/E2E_CLOUDFLARE_DOMAINS_RUNBOOK.md) diff --git a/docs/04-configuration/pr-ready/trust-wallet-registry-chain138.json b/docs/04-configuration/pr-ready/trust-wallet-registry-chain138.json new file mode 100644 index 0000000..b12fd57 --- /dev/null +++ b/docs/04-configuration/pr-ready/trust-wallet-registry-chain138.json @@ -0,0 +1,28 @@ +{ + "id": "dfiometa", + "name": "Defi Oracle Meta Mainnet", + "coinId": 10000138, + "symbol": "ETH", + "decimals": 18, + "blockchain": "Ethereum", + "derivation": [ + { "path": "m/44'/60'/0'/0/0" } + ], + "curve": "secp256k1", + "publicKeyType": "secp256k1Extended", + "chainId": "138", + "addressHasher": "keccak256", + "explorer": { + "url": "https://explorer.d-bis.org", + "txPath": "/tx/", + "accountPath": "/address/", + "sampleTx": "0xbc36c6050ea6b6f484009a1fcd8f8c6c2c2bd629661bc75fa5e84829c662a604", + "sampleAccount": "0x4A666F96fC8764181194447A7dFdb7d471b301C8" + }, + "info": { + "url": "https://d-bis.org", + "source": "https://gitea.d-bis.org/d-bis", + "rpc": "https://rpc-http-pub.d-bis.org", + "documentation": "https://d-bis.org" + } +} diff --git a/docs/11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md b/docs/11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md new file mode 100644 index 0000000..0c3f31b --- /dev/null +++ b/docs/11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md @@ -0,0 +1,126 @@ +# Token Contract Deployments — Remaining + +**Last Updated:** 2026-02-28 +**Purpose:** Single list of all **remaining** token-related contract deployments (by category and chain). +**Related:** [TOKEN_CATEGORIES_CANONICAL](TOKEN_CATEGORIES_CANONICAL.md), [DEPLOYED_COINS_TOKENS_AND_NETWORKS](DEPLOYED_COINS_TOKENS_AND_NETWORKS.md), [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md). + +--- + +## Summary + +| Category | Chain(s) | Status | Script / notes | +|----------|----------|--------|----------------| +| **1. Canonical 138 Compliant (extra)** | 138 | Not deployed | DeployCompliantFiatTokens.s.sol | +| **2. ALL Mainnet (Alltra)** | 651940 | ACADT not deployed | No script in repo; TBD | +| **3. Compliant Wrapped (cW\*)** | 1, 56, 137, 10, 42161, etc. | Not deployed | Bridge + pool-matrix per chain | +| **4. D-WIN W on 138 / 651940** | 138, 651940 | Optional | DeployISO4217WSystem or extend | +| **5. Vault ac\* / vdc\* / sdc\*** | 138 | After base tokens | DeployAcVdcSdcVaults (extend for new base) | +| **6. cAUSDT** | 138 | Not deployed | Env / bridge when Alltra compliant token defined | + +--- + +## 1. Canonical 138 Compliant — Remaining + +Tokens in **Category 1** that do not yet have deployed addresses on Chain 138 (WETH, WETH10, LINK, cUSDT, cUSDC are already deployed). + +### 1.1 DeployCompliantFiatTokens (CREATE2) + +**Script:** `smom-dbis-138/script/deploy/DeployCompliantFiatTokens.s.sol` + +**Tokens deployed by script:** cEURC, cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT. + +**Prerequisite:** `CREATE2_FACTORY_ADDRESS` (e.g. from DeployDeterministicCore). + +**Command (example):** +```bash +cd smom-dbis-138 +source .env +forge script script/deploy/DeployCompliantFiatTokens.s.sol:DeployCompliantFiatTokens \ + --rpc-url $RPC_URL_138 --broadcast --private-key $PRIVATE_KEY --with-gas-price 1000000000 +``` + +**After deploy:** Update [CHAIN138_TOKEN_ADDRESSES](CHAIN138_TOKEN_ADDRESSES.md) and env (e.g. `cEURC_ADDRESS_138`, `cEURT_ADDRESS_138`, …). Update token-aggregation `canonical-tokens.ts` FALLBACK_ADDRESSES or env if used. + +### 1.2 Optional: cCADT (Tether-style CAD) + +**Naming:** Category 1 uses **cCADT** (Tether CAD) and **cCADC** (Coin CAD). The current script deploys only **cCADC**. To deploy **cCADT** as well, add a line to `DeployCompliantFiatTokens.s.sol` (e.g. `_deploy(..., "cCADT", "Tether CAD (Compliant)", "CAD");`) and run the script again. + +### 1.3 cAUSDT (Compliant Alltra/USD T) + +**Status:** No deployment script in repo. Referenced in [TOKEN_CATEGORIES_CANONICAL](TOKEN_CATEGORIES_CANONICAL.md) and ISO4217/tests. Deploy or configure via env when the Alltra/bridge compliant USD token is defined. + +--- + +## 2. ALL Mainnet (Alltra) — Remaining + +**Chain:** 651940 (ALL Mainnet). + +| Token | Description | Status | +|-------|-------------|--------| +| **ACADT** | Alltra CAD (Tether-style) | Not deployed; no script in repo. Address TBD when Alltra ecosystem adds CAD token. | +| **ACADC** | Alltra CAD (Coin-style) | Optional; same as above. | + +AUSDT, USDT, USDC, WETH, WALL are already deployed on 651940. See [DEPLOYED_COINS_TOKENS_AND_NETWORKS](DEPLOYED_COINS_TOKENS_AND_NETWORKS.md) § Chain 651940. + +--- + +## 3. Compliant Wrapped (cW*) — Remaining + +**Chains:** Ethereum (1), BSC (56), Polygon (137), Optimism (10), Arbitrum (42161), Base (8453), Avalanche (43114), etc. + +**Tokens:** cWUSDT, cWUSDC, cWEURT, cWEURC, cWGBPT, cWGBPC, cWAUDT, cWAUDC, cWJPYT, cWJPYC, cWCHFT, cWCHFC, **cWCADT**, **cWCADC**, cWUSDW, cWEURW, cWGBPW, cWAUDW, cWJPYW, cWCHFW, **cWCADW**. + +**Status:** No addresses in deployment-status; deployment from this repo not yet done. When a deployment path exists (bridge + factory or DODO): + +1. Deploy or bridge cW* tokens per chain. +2. Create and fund PMM edge pools per [cross-chain-pmm-lps](https://gitea.d-bis.org/d-bis/cross-chain-pmm-lps) pool-matrix and [LIQUIDITY_POOLS_MASTER_MAP](LIQUIDITY_POOLS_MASTER_MAP.md). + +**References:** [UNDEPLOYED_CONTRACTS_PRE_DEPLOYMENT_TASKS](../03-deployment/UNDEPLOYED_CONTRACTS_PRE_DEPLOYMENT_TASKS.md) § 4.5, [DEPLOYMENT_ORDER_OF_OPERATIONS](../03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md) § 5.2. + +--- + +## 4. D-WIN W Tokens — Remaining (optional) + +**Already deployed:** USDW, EURW, GBPW, AUDW, JPYW, CHFW, CADW on **Cronos (25)**. See [DEPLOYED_COINS_TOKENS_AND_NETWORKS](DEPLOYED_COINS_TOKENS_AND_NETWORKS.md) § Chain 25. + +**Remaining (optional):** + +| Chain | Tokens | Script / notes | +|-------|--------|----------------| +| **138** | USDW, EURW, GBPW, AUDW, JPYW, CHFW, CADW | DeployISO4217WSystem or extend; optional for Chain 138. | +| **651940** | Same | Optional; same script or Alltra-specific deployment. | + +**Script:** `smom-dbis-138/script/deploy/iso4217w/DeployISO4217WSystem.s.sol` (Cronos deployment done; 138/651940 are optional). + +--- + +## 5. Vault ac* / vdc* / sdc* — Remaining + +**Chain:** 138 (and optionally 651940). + +**Script:** `smom-dbis-138/script/deploy/vault/DeployAcVdcSdcVaults.s.sol` + +**Current scope:** Creates vaults for **acUSDC**, **acUSDT** (and corresponding vdc/sdc). Run after DeployVaultSystem and when cUSDC/cUSDT addresses are set. + +**Remaining:** After deploying **DeployCompliantFiatTokens** (cEURC, cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT), extend DeployAcVdcSdcVaults (or add a new script) to create ac*/vdc*/sdc* for each new base token. See [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md) § Vault ac* / vdc* / sdc*. + +--- + +## 6. Naming reference (CAD and Alltra) + +| Symbol | Meaning | D-WIN | Wrapped (cW*) | Alltra | +|--------|---------|-------|---------------|--------| +| **cCADT** | Compliant Tether CAD | — | cWCADT | — | +| **cCADC** | Compliant Canadian Dollar (Coin) | — | cWCADC | — | +| **CADW** | D-WIN CAD W Token | ✅ Cronos | cWCADW | — | +| **ACADT** | Alltra CAD (Tether-style) | — | — | ✅ To deploy | + +--- + +## References + +- [TOKEN_CATEGORIES_CANONICAL](TOKEN_CATEGORIES_CANONICAL.md) — Category definitions and symbols +- [CHAIN138_TOKEN_ADDRESSES](CHAIN138_TOKEN_ADDRESSES.md) — Deployed tokens on 138 +- [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md) — Env, gas price, order +- [CRONOS_FULL_DEPLOYMENT_TODO](../../smom-dbis-138/docs/deployment/CRONOS_FULL_DEPLOYMENT_TODO.md) — Token factories and scripts +- [MULTI_CHAIN_EXECUTION_DETERMINISTIC_DEPLOYMENT](../runbooks/MULTI_CHAIN_EXECUTION_DETERMINISTIC_DEPLOYMENT.md) — CREATE2 and DeployCompliantFiatTokens diff --git a/scripts/deployment/deploy-sankofa-studio-lxc.sh b/scripts/deployment/deploy-sankofa-studio-lxc.sh new file mode 100755 index 0000000..fb96e73 --- /dev/null +++ b/scripts/deployment/deploy-sankofa-studio-lxc.sh @@ -0,0 +1,156 @@ +#!/usr/bin/env bash +# Create LXC 7805 (sankofa-studio): FusionAI Creator stack (API + worker + services) for Sankofa Studio at https://studio.sankofa.nexus +# Usage: ./scripts/deployment/deploy-sankofa-studio-lxc.sh [--dry-run] [--skip-create] +# --dry-run Print commands only. +# --skip-create Use existing container 7805 (only install Docker / compose / deploy app). +# Env: PROXMOX_HOST, NODE, VMID, HOSTNAME, IP_SANKOFA_STUDIO, REPO_URL or REPO_PATH, ENV_FILE. +# See: docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md + +set -euo pipefail + +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROXMOX_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" +IP_CONFIG_PATH="${IP_CONFIG_PATH:-}" +if [[ -n "$IP_CONFIG_PATH" && -f "$IP_CONFIG_PATH" ]]; then + source "$IP_CONFIG_PATH" 2>/dev/null || true +elif [[ -f "$PROXMOX_ROOT/config/ip-addresses.conf" ]]; then + source "$PROXMOX_ROOT/config/ip-addresses.conf" 2>/dev/null || true +elif [[ -f "$SCRIPT_DIR/../../config/ip-addresses.conf" ]]; then + source "$SCRIPT_DIR/../../config/ip-addresses.conf" 2>/dev/null || true +fi + +VMID="${VMID:-${SANKOFA_STUDIO_VMID:-7805}}" +HOSTNAME="${HOSTNAME:-sankofa-studio}" +IP="${IP_SANKOFA_STUDIO:-192.168.11.72}" +GATEWAY="${NETWORK_GATEWAY:-192.168.11.1}" +NETWORK="${NETWORK:-vmbr0}" +STORAGE="${STORAGE:-local-lvm}" +TEMPLATE="${TEMPLATE:-local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst}" +MEMORY_MB="${MEMORY_MB:-8192}" +CORES="${CORES:-4}" +DISK_GB="${DISK_GB:-60}" +REPO_URL="${REPO_URL:-}" +REPO_PATH="${REPO_PATH:-}" +ENV_FILE="${ENV_FILE:-}" +APP_DIR="${APP_DIR:-/srv/fusionai-creator}" + +PROXMOX_HOST="${PROXMOX_HOST:-}" +NODE="${NODE:-}" +SSH_OPTS="-o ConnectTimeout=15 -o StrictHostKeyChecking=accept-new" + +DRY_RUN=false +SKIP_CREATE=false +for a in "$@"; do + [[ "$a" == "--dry-run" ]] && DRY_RUN=true + [[ "$a" == "--skip-create" ]] && SKIP_CREATE=true +done + +run_cmd() { + if [[ -n "$PROXMOX_HOST" ]]; then + ssh $SSH_OPTS root@"$PROXMOX_HOST" "$@" + else + bash -c "$*" + fi +} + +run_pct() { + local node_opt="" + [[ -n "$NODE" && -z "$PROXMOX_HOST" ]] && node_opt="--node $NODE" + if [[ -n "$PROXMOX_HOST" ]]; then + ssh $SSH_OPTS root@"$PROXMOX_HOST" "pct $node_opt $*" + else + pct $node_opt "$@" + fi +} + +pct_exec() { + run_pct "exec $VMID -- $*" +} + +echo "=== Sankofa Studio LXC ($VMID) — $HOSTNAME ===" +echo "URL: https://studio.sankofa.nexus → http://${IP}:8000" +echo "IP: $IP | Memory: ${MEMORY_MB}MB | Cores: $CORES | Disk: ${DISK_GB}G" +echo "" + +# pct runs only on Proxmox hosts; from another machine set PROXMOX_HOST to SSH there +if ! $DRY_RUN && [[ -z "${PROXMOX_HOST:-}" ]] && ! command -v pct &>/dev/null; then + echo "ERROR: 'pct' not found. This script must run on a Proxmox host or with PROXMOX_HOST set." + echo "" + echo "From your current machine, run:" + echo " PROXMOX_HOST=192.168.11.11 REPO_URL='https://gitea.d-bis.org/d-bis/FusionAI-Creator.git' $0" + echo "" + echo "Or SSH to the Proxmox host and run the script there (with REPO_URL set)." + exit 1 +fi + +if ! $SKIP_CREATE; then + if $DRY_RUN; then + echo "[DRY-RUN] Would create LXC $VMID with hostname=$HOSTNAME, ip=$IP/24 (Docker + FusionAI Creator)" + exit 0 + fi + + if run_pct list 2>/dev/null | grep -q " $VMID "; then + echo "Container $VMID already exists. Use --skip-create to only install/deploy app." + exit 0 + fi + + echo "Creating CT $VMID ($HOSTNAME)..." + node_opt="" + [[ -n "$NODE" && -z "$PROXMOX_HOST" ]] && node_opt="--node $NODE" + run_cmd "pct create $VMID $TEMPLATE \ + --hostname $HOSTNAME \ + --memory $MEMORY_MB \ + --cores $CORES \ + --rootfs $STORAGE:${DISK_GB} \ + --net0 name=eth0,bridge=$NETWORK,ip=$IP/24,gw=$GATEWAY \ + --nameserver ${DNS_PRIMARY:-1.1.1.1} \ + --description 'Sankofa Studio (FusionAI Creator) - studio.sankofa.nexus. See docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md' \ + --start 1 \ + --onboot 1 \ + --unprivileged 0 \ + --features nesting=1 \ + $node_opt" + + echo "Waiting for container to boot..." + sleep 25 +fi + +if $DRY_RUN; then + echo "[DRY-RUN] Would install Docker, clone/copy app, set .env, docker-compose up -d" + exit 0 +fi + +echo "Installing Docker and Docker Compose..." +pct_exec "bash -c 'export DEBIAN_FRONTEND=noninteractive && apt-get update -qq && apt-get install -y -qq ca-certificates curl gnupg'" +# Docker repo: source os-release in same shell so \$ID and \$VERSION_CODENAME are set +pct_exec "bash -c 'source /etc/os-release; install -m 0755 -d /etc/apt/keyrings; curl -fsSL \"https://download.docker.com/linux/\$ID/gpg\" | gpg --batch --dearmor -o /etc/apt/keyrings/docker.gpg; chmod a+r /etc/apt/keyrings/docker.gpg'" +pct_exec "bash -c 'source /etc/os-release; echo \"deb [arch=\$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/\$ID \$VERSION_CODENAME stable\" | tee /etc/apt/sources.list.d/docker.list > /dev/null'" +pct_exec "bash -c 'apt-get update -qq && apt-get install -y -qq docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin git'" +pct_exec "systemctl enable docker && systemctl start docker" + +if [[ -z "$REPO_URL" && -z "$REPO_PATH" ]]; then + echo "REPO_URL or REPO_PATH not set. Skipping clone/copy. Create $APP_DIR and add docker-compose + .env manually, then run: docker compose -f $APP_DIR/docker-compose.yml up -d" + exit 0 +fi + +pct_exec "mkdir -p $(dirname "$APP_DIR")" +if [[ -n "$REPO_PATH" && -d "$REPO_PATH" ]]; then + echo "Copying repo from $REPO_PATH into container..." + run_pct "push $VMID $REPO_PATH $APP_DIR" +elif [[ -n "$REPO_URL" ]]; then + echo "Cloning $REPO_URL into container..." + pct_exec "bash -c 'git clone --depth 1 \"$REPO_URL\" \"$APP_DIR\"'" +fi + +if [[ -n "$ENV_FILE" && -f "$ENV_FILE" ]]; then + echo "Pushing .env from $ENV_FILE..." + run_pct "push $VMID $ENV_FILE $APP_DIR/.env" +fi + +echo "Starting FusionAI Creator stack (docker compose up -d)..." +pct_exec "bash -c 'cd \"$APP_DIR\" && docker compose up -d'" + +echo "" +echo "Done. Verify: curl -s http://${IP}:8000/health" +echo "Studio UI: http://${IP}:8000/studio/" +echo "Configure NPMplus: studio.sankofa.nexus -> http://${IP}:8000 (see SANKOFA_STUDIO_DEPLOYMENT.md)" diff --git a/scripts/deployment/run-sankofa-studio-e2e.sh b/scripts/deployment/run-sankofa-studio-e2e.sh new file mode 100755 index 0000000..528c607 --- /dev/null +++ b/scripts/deployment/run-sankofa-studio-e2e.sh @@ -0,0 +1,60 @@ +#!/usr/bin/env bash +# Run Sankofa Studio E2E: deploy (when REPO_URL set) then print NPMplus, Cloudflare, and verify steps. +# Usage: ./scripts/deployment/run-sankofa-studio-e2e.sh [--dry-run] +# Env: REPO_URL (optional), ENV_FILE (optional), PROXMOX_HOST (optional). +# See: docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md + +set -euo pipefail + +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROXMOX_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" +cd "$PROXMOX_ROOT" + +source config/ip-addresses.conf 2>/dev/null || true + +IP="${IP_SANKOFA_STUDIO:-192.168.11.72}" +VMID="${SANKOFA_STUDIO_VMID:-7805}" +DRY_RUN=false +[[ "${1:-}" == "--dry-run" ]] && DRY_RUN=true + +echo "" +echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" +echo " Sankofa Studio E2E — studio.sankofa.nexus → ${IP}:8000" +echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" +echo "" + +if [[ -n "${REPO_URL:-}" ]]; then + echo "[Step 1] Deploying LXC ${VMID} and FusionAI Creator..." + if $DRY_RUN; then + ./scripts/deployment/deploy-sankofa-studio-lxc.sh --dry-run + else + ./scripts/deployment/deploy-sankofa-studio-lxc.sh + fi + echo "" +else + echo "[Step 1] Skipped (REPO_URL not set). To deploy:" + echo " export REPO_URL='https://gitea.d-bis.org/d-bis/FusionAI-Creator.git'" + echo " ./scripts/deployment/deploy-sankofa-studio-lxc.sh" + echo "" +fi + +echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" +echo " Next: NPMplus + Cloudflare + Verify" +echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" +echo "" +echo "2. NPMplus (https://192.168.11.167):" +echo " Add Proxy Host: studio.sankofa.nexus → http://${IP}:8000" +echo " Request SSL, enable Force SSL." +echo "" +echo "3. Cloudflare (zone sankofa.nexus):" +echo " Add CNAME studio → .cfargotunnel.com (Proxied)" +echo " OR A record studio → 76.53.10.36" +echo " If using tunnel: add Public Hostname studio.sankofa.nexus → https://192.168.11.167:443" +echo "" +echo "4. Verify:" +echo " curl -s http://${IP}:8000/health" +echo " bash scripts/verify/verify-end-to-end-routing.sh" +echo " https://studio.sankofa.nexus/studio/" +echo "" +echo "Full flow: docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md" +echo ""