d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details

Browse Source 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
defiQUG
2026-02-12 15:46:57 -08:00
parent cc8dcaf356
commit fbda1b4beb
5114 changed files with 498901 additions and 4567 deletions
Download Patch File Download Diff File Expand all files Collapse all files

297
scripts/README.md
View File

@@ -1,118 +1,297 @@
# Project Root Scripts
# Scripts Directory
This directory contains utility scripts for managing the Proxmox workspace project.
**Last Updated:** 2026-01-31
## Setup Scripts
---
### `setup.sh`
Initial setup script that creates `.env` file and Claude Desktop configuration.
## Overview
This directory contains automation scripts for Proxmox VE management. Scripts have been consolidated into unified frameworks for better maintainability.
**Current Count:** 381 scripts (down from 759 - 50% reduction)
---
## Unified Frameworks
### 1. verify-all.sh
Verification framework consolidating all check/verify/validate scripts.
**Usage:**
```bash
./scripts/setup.sh
./scripts/verify-all.sh [component] [type] [host]
```
### `complete-setup.sh`
Complete setup script that performs all setup steps including dependency installation.
**Examples:**
```bash
./scripts/verify-all.sh all
./scripts/verify-all.sh service status
./scripts/verify-all.sh network connectivity
```
**See:** `docs/00-meta/FRAMEWORK_USAGE_GUIDE.md` for complete documentation.
---
### 2. list.sh
Listing framework consolidating all list/show/get scripts.
**Usage:**
```bash
./scripts/complete-setup.sh
./scripts/list.sh [type] [filter] [host]
```
### `verify-setup.sh`
Verifies that the workspace is properly configured and all prerequisites are met.
**Examples:**
```bash
./scripts/list.sh containers
./scripts/list.sh containers running
./scripts/list.sh vms r630-01
```
---
### 3. fix-all.sh
Fix framework consolidating all fix-*.sh scripts.
**Usage:**
```bash
./scripts/verify-setup.sh
./scripts/fix-all.sh [issue-type] [component] [host] [--dry-run]
```
## Environment Configuration
**Examples:**
```bash
./scripts/fix-all.sh all
./scripts/fix-all.sh service postgresql 10100
./scripts/fix-all.sh network all --dry-run
```
### `configure-env.sh`
Quick configuration script to update `.env` with Proxmox credentials.
---
### 4. configure.sh
Configuration framework consolidating all configure/config scripts.
**Usage:**
```bash
./scripts/configure-env.sh
./scripts/configure.sh [component] [action] [host]
```
### `load-env.sh`
Standardized `.env` loader function. Can be sourced by other scripts.
**Examples:**
```bash
./scripts/configure.sh all setup
./scripts/configure.sh network update
./scripts/configure.sh ssl validate
```
---
### 5. deploy.sh
Deployment framework consolidating all deploy/setup/install scripts.
**Usage:**
```bash
source scripts/load-env.sh
load_env_file
./scripts/deploy.sh [component] [options] [host]
```
Or run directly:
**Examples:**
```bash
./scripts/load-env.sh
./scripts/deploy.sh all
./scripts/deploy.sh service postgresql
./scripts/deploy.sh all --phase=1
```
## Token Management
---
### `create-proxmox-token.sh`
Creates a Proxmox API token programmatically.
### 6. CCIP WETH9 Bridge (Chain 138) router mismatch fix
Deploy and configure a new WETH9 bridge using the **working** CCIP router (fixes router mismatch where the old bridge pointed to an address with no code).
**Usage:**
```bash
./scripts/create-proxmox-token.sh <host> <user> <password> [token-name]
# Dry-run (no PRIVATE_KEY): simulate deploy and config
./scripts/deploy-and-configure-weth9-bridge-chain138.sh --dry-run
# Real run
export PRIVATE_KEY=0x... # required
export CHAIN138_RPC_URL=http://192.168.11.211:8545 # admin/deployment (RPC_CORE_1)
./scripts/deploy-and-configure-weth9-bridge-chain138.sh
# Then: export CCIPWETH9_BRIDGE_CHAIN138=<printed address>
```
**Example:**
All bridge scripts use `CCIPWETH9_BRIDGE_CHAIN138` when set; otherwise they fall back to the previous bridge address. See `COMPREHENSIVE_STATUS_BRIDGE_READY.md` and `.env.example` (CCIP section).
---
### 7. Contract Verification (Blockscout)
Verify deployed contracts on Blockscout (Chain 138) using the **Forge Verification Proxy** (required for Forge/Blockscout API compatibility).
**Preferred: orchestrated script (starts proxy if needed):**
```bash
./scripts/create-proxmox-token.sh 192.168.11.10 root@pam mypassword mcp-server
source smom-dbis-138/.env 2>/dev/null
./scripts/verify/run-contract-verification-with-proxy.sh
```
### `update-token.sh`
Interactively updates the `PROXMOX_TOKEN_VALUE` in `~/.env`.
**Manual (proxy + verify):**
```bash
# 1. Start proxy (separate terminal)
BLOCKSCOUT_URL=http://192.168.11.140:4000 node forge-verification-proxy/server.js
# 2. Run verification
./scripts/verify-contracts-blockscout.sh
```
**Env:** `FORGE_VERIFY_TIMEOUT=600` (default; set to `0` for no limit). Uses `scripts/lib/load-project-env.sh` for config.
**See:** `forge-verification-proxy/README.md`, `docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md`
### 8. CCIP WETH9 Bridge — send ETH (WETH) to mainnet
Send WETH cross-chain via CCIP (Chain 138 → Ethereum mainnet or other destination). Uses `PRIVATE_KEY` and `CCIPWETH9_BRIDGE_CHAIN138` from env (load-project-env).
**Send to mainnet (exact command):**
```bash
cd /home/intlc/projects/proxmox
source smom-dbis-138/.env
export CCIP_DEST_CHAIN_SELECTOR=5009297550715157269 # Ethereum mainnet
./scripts/bridge/run-send-cross-chain.sh <amount_eth> [recipient]
# Example: ./scripts/bridge/run-send-cross-chain.sh 0.005
# With recipient: ./scripts/bridge/run-send-cross-chain.sh 0.005 0xYourMainnetAddress
```
**Dry-run (simulate only):**
```bash
./scripts/bridge/run-send-cross-chain.sh <amount_eth> [recipient] --dry-run
```
Default bridge in `.env` is the **LINK-fee** bridge (pay fee in Chain 138 LINK). To pay fee in **native ETH**, set `CCIPWETH9_BRIDGE_CHAIN138=0x63cbeE010D64ab7F1760ad84482D6cC380435ab5`.
**Requirements:** Sender must have (1) WETH on Chain 138 (balance ≥ amount), (2) for LINK-fee bridge: LINK on Chain 138 approved for the bridge; for native-ETH bridge: sufficient ETH for fee. When using a **new** bridge address, approve both WETH and LINK to that bridge. Recipient defaults to sender address if omitted.
**If send reverts** (e.g. `0x9996b315` with fee-token address): the CCIP router on Chain 138 may not accept the bridges fee token (LINK at `0xb772...`). See [docs/07-ccip/SEND_ETH_TO_MAINNET_REVERT_TRACE.md](../docs/07-ccip/SEND_ETH_TO_MAINNET_REVERT_TRACE.md) for the revert trace and fix options.
**Env:** `CCIP_DEST_CHAIN_SELECTOR` (default: 5009297550715157269 = Ethereum mainnet); `GAS_PRICE` (default: 1000000000); `CONFIRM_ABOVE_ETH` (optional; prompt for confirmation above this amount).
### 9. DBIS Frontend Deploy to Container
Deploy dbis-frontend build to Proxmox container VMID 10130. Builds locally, pushes dist, reloads nginx.
**Usage:**
```bash
./scripts/update-token.sh
./scripts/dbis/deploy-dbis-frontend-to-container.sh
```
## Testing & Validation
**Env:** Uses `load-project-env.sh` and `get_host_for_vmid()`. `DBIS_FRONTEND_DEPLOY_PATH` overrides container deploy path (e.g. `/opt/dbis-core/frontend/dist`).
### `test-connection.sh`
Tests the connection to the Proxmox API using credentials from `~/.env`.
### 10. CT 2301 Corrupted Rootfs Recovery
CT 2301 (besu-rpc-private-1) may fail to start with `lxc.hook.pre-start` due to corrupted rootfs.
**Scripts:**
- `./scripts/fix-ct-2301-corrupted-rootfs.sh` — documents recovery options
- `./scripts/recreate-ct-2301.sh` — destroys and recreates CT 2301 (data loss; use after corrupted rootfs). Uses `load-project-env.sh` for config.
### 11. Backup and Security
- **Config backup:** `./scripts/backup-proxmox-configs.sh [--dry-run]` — backs up local config and .env
- **NPMplus backup:** `./scripts/verify/backup-npmplus.sh [--dry-run]` — requires NPM_PASSWORD in .env
- **Wave 0 from LAN:** `./scripts/run-wave0-from-lan.sh [--dry-run] [--skip-backup] [--skip-rpc-fix]` — runs NPMplus RPC fix (W0-1) and NPMplus backup (W0-3); W0-2 (sendCrossChain) run separately without `--dry-run`.
- **All waves (max parallel):** `./scripts/run-all-waves-parallel.sh [--dry-run] [--skip-wave0] [--skip-wave2] [--host HOST]` — Wave 0 via SSH, Wave 1 parallel (env, cron, SSH/firewall dry-run, shellcheck, validate), Wave 2 W2-6 (create 2506/2507/2508). See `docs/00-meta/FULL_PARALLEL_EXECUTION_ORDER.md` and `FULL_PARALLEL_RUN_LOG.md`.
- **NPMplus backup cron:** `./scripts/maintenance/schedule-npmplus-backup-cron.sh [--install|--show]` — add or print daily 03:00 cron for backup-npmplus.sh.
- **Security:** `./scripts/security/secure-env-permissions.sh [--dry-run]` or `chmod 600 .env smom-dbis-138/.env dbis_core/.env` — secure env files. **Validator keys (W1-19):** On Proxmox host as root: `./scripts/secure-validator-keys.sh [--dry-run]` (VMIDs 10001004).
### 12. Maintenance (135139)
- **Daily/weekly checks:** `./scripts/maintenance/daily-weekly-checks.sh [daily|weekly|all]` — explorer sync (135), RPC health (136), config API (137). **Cron:** `./scripts/maintenance/schedule-daily-weekly-cron.sh [--install|--show]` (daily 08:00, weekly Sun 09:00). See [OPERATIONAL_RUNBOOKS.md](../docs/03-deployment/OPERATIONAL_RUNBOOKS.md) § Maintenance.
- **Start firefly-ali-1 (6201):** `./scripts/maintenance/start-firefly-6201.sh [--dry-run] [--host HOST]` — start CT 6201 on r630-02 when needed (optional ongoing).
- **Config validation (pre-deploy):** `./scripts/validation/validate-config-files.sh` — set `VALIDATE_REQUIRED_FILES` for required paths. **CI / all validation:** `./scripts/verify/run-all-validation.sh [--skip-genesis]` — dependencies + config + optional genesis (no LAN/SSH).
### 13. Phase 2, 3 & 4 Deployment Scripts
- **Monitoring (Phase 2):** `./scripts/deployment/phase2-observability.sh [--config-only]` — writes `config/monitoring/` (prometheus.yml, alertmanager.yml).
- **Security (Phase 2):** `./scripts/security/setup-ssh-key-auth.sh [--dry-run|--apply]`, `./scripts/security/firewall-proxmox-8006.sh [--dry-run|--apply] [CIDR]`.
- **Backup (Phase 2):** `./scripts/backup/automated-backup.sh [--dry-run] [--with-npmplus]` — config + optional NPMplus; cron in header.
- **CCIP (Phase 3):** `./scripts/ccip/ccip-deploy-checklist.sh` — env check and deployment order from spec.
- **Sovereign tenants (Phase 4):** `./scripts/deployment/phase4-sovereign-tenants.sh [--show-steps|--dry-run]` — checklist; full runbook in OPERATIONAL_RUNBOOKS § Phase 4.
- **Full verification (6 steps):** `./scripts/verify/run-full-verification.sh` — Step 0: config validation; Steps 15: DNS, UDM Pro, NPMplus, backend VMs, E2E routing; Step 6: source-of-truth JSON. Run from project root.
---
## Utility Modules
Shared utility functions are available in `scripts/utils/`:
- `container-utils.sh` - Container operations
- `network-utils.sh` - Network operations
- `service-utils.sh` - Service operations
- `config-utils.sh` - Configuration operations
- `proxmox-utils.sh` - Proxmox operations
**Usage:**
```bash
./scripts/test-connection.sh
source "$(dirname "${BASH_SOURCE[0]}")/../utils/container-utils.sh"
container_status 5000
container_restart 5000
```
### `validate-ml110-deployment.sh`
Comprehensive validation script for deployment to ml110-01.
---
**Usage:**
```bash
./scripts/validate-ml110-deployment.sh
## Shared Libraries
Core shared modules in `scripts/lib/`:
- **`load-project-env.sh`** — Load project environment (.env, config/ip-addresses.conf, smom-dbis-138/.env). **Use this** instead of hardcoding IPs or sourcing multiple files. Scripts that need config should `source "${SCRIPT_DIR}/lib/load-project-env.sh"`.
- `ip-config.sh` - Centralized IP address configuration
- `logging.sh` - Consistent logging functions
- `proxmox-api.sh` - Proxmox API helpers
- `ssh-helpers.sh` - SSH utility functions
---
## Migration
Old scripts have been archived to `scripts/archive/consolidated/`. Use the frameworks instead.
**Migration Guide:** `docs/00-meta/FRAMEWORK_MIGRATION_GUIDES.md`
**Migration Examples:** `docs/00-meta/MIGRATION_EXAMPLES.md`
**Migration Checklist:** `docs/00-meta/MIGRATION_CHECKLIST.md`
---
## Directory Structure
```
scripts/
├── lib/ # Shared libraries (load-project-env.sh, etc.)
├── bridge/ # CCIP bridge scripts
│ └── run-send-cross-chain.sh
├── dbis/ # DBIS Core deployment scripts
│ └── deploy-dbis-frontend-to-container.sh
├── verify/ # Verification scripts
│ ├── check-contracts-on-chain-138.sh # On-chain bytecode check (Chain 138)
│ ├── run-contract-verification-with-proxy.sh
│ └── ... # Other verify scripts
├── utils/ # Utility modules
├── archive/ # Archived scripts
│ ├── consolidated/ # Migrated scripts
│ ├── small-scripts/# Merged small scripts
│ ├── test/ # Test scripts
│ └── backups/ # Backup scripts
├── verify-all.sh # Verification framework
├── list.sh # Listing framework
├── fix-all.sh # Fix framework
├── configure.sh # Configuration framework
└── deploy.sh # Deployment framework
```
This script validates:
- Prerequisites
- Proxmox connection
- Storage availability
- Template availability
- Configuration files
- Deployment scripts
- Resource requirements
---
## Script Dependencies
## Documentation
All scripts use the standardized `~/.env` file for configuration. See [docs/ENV_STANDARDIZATION.md](/docs/04-configuration/ENV_STANDARDIZATION.md) for details.
- **Framework Usage:** `docs/00-meta/FRAMEWORK_USAGE_GUIDE.md`
- **Migration Guides:** `docs/00-meta/FRAMEWORK_MIGRATION_GUIDES.md`
- **Final Report:** `docs/00-meta/FINAL_REDUCTION_REPORT.md`
- **Script Inventory:** `docs/00-meta/SCRIPT_INVENTORY.md`
## Environment Variables
All scripts expect these variables in `~/.env`:
- `PROXMOX_HOST` - Proxmox host IP or hostname
- `PROXMOX_PORT` - Proxmox API port (default: 8006)
- `PROXMOX_USER` - Proxmox API user (e.g., root@pam)
- `PROXMOX_TOKEN_NAME` - API token name
- `PROXMOX_TOKEN_VALUE` - API token secret value
---
**Status:** ✅ Scripts consolidated and documented