bea1903ac9
Co-authored-by: Cursor <cursoragent@cursor.com>
7.0 KiB
DApp LXC Deployment (VMID 5801)
Last Updated: 2026-02-20
Status: Active
Note: VMID 5800 is reserved for Mifos/Fineract (192.168.11.85, mifos.d-bis.org). The DApp uses 5801 at 192.168.11.58.
Overview
One Proxmox LXC container (VMID 5801, hostname dapp-smom) runs the Bridge DApp (frontend build from smom-dbis-138/frontend-dapp) and is reachable via the existing network and NPMplus.
- VMID: 5801 (from range 5701–5999; 5800 is Mifos)
- Hostname: dapp-smom
- IP: 192.168.11.58 (static; override with
IP_DAPP_LXC) - Node: Default r630-02 (same as 5800); override with
NODEif needed.
Prerequisites
- Run the deploy script from a machine that can SSH to the Proxmox host, or run it on the Proxmox host (with
pct). - Ubuntu 22.04 LTS template on the host:
local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst. - For build: set REPO_URL to the Git URL of the repo (e.g. your fork or the main smom-dbis-138 repo).
Running the Script
From the proxmox repo root (or from smom-dbis-138):
# Optional: load IP/config
source config/ip-addresses.conf 2>/dev/null || true
# Create and provision (from Proxmox host)
cd smom-dbis-138
REPO_URL=https://github.com/your-org/smom-dbis-138.git ./scripts/deployment/deploy-dapp-lxc.sh
# Or from another machine via SSH
PROXMOX_HOST=192.168.11.12 REPO_URL=https://github.com/your-org/smom-dbis-138.git \
./scripts/deployment/deploy-dapp-lxc.sh
- --dry-run: Print what would be done; do not create or change anything.
- --skip-create: Assume container 5801 already exists; only install Node/nginx, clone, build, and configure nginx.
Env Overrides
| Variable | Default | Description |
|---|---|---|
| VMID | 5801 | Container ID (5800 = Mifos) |
| HOSTNAME | dapp-smom | Container hostname |
| IP_DAPP_LXC | 192.168.11.58 | Static IP (IP_DAPP_LXC in config) |
| PROXMOX_HOST | (none) | If set, script SSHs here to run pct |
| NODE | (none) | Proxmox node name for pct --node |
| REPO_URL | (required for build) | Git URL to clone |
| ENV_FILE | (none) | Path to .env (VITE_* for build) |
| MEMORY_MB | 6144 | RAM |
| CORES | 4 | CPU cores |
| DISK_GB | 40 | Root disk size |
| TEMPLATE | ubuntu-22.04-standard | LXC template |
| IP_CONFIG_PATH | (auto) | Override path to ip-addresses.conf; script also tries SMOM_ROOT/../../config and SCRIPT_DIR/../../../config |
What Runs Inside the LXC
- Node.js 20 (from NodeSource) for building.
- Clone of the repo to
/srv/smom-dbis-138(from REPO_URL). - Build:
npm ci && npm run buildinfrontend-dapp, using env from/srv/smom-dbis-138/.envif present (e.g. VITE_* for contract addresses and RPC). - Nginx serving
/srv/smom-dbis-138/frontend-dapp/diston port 80.
Production build: VITE_* and .env
VITE_* variables are baked in at build time. For a production build with custom contract addresses or RPC URLs you must have a .env (or .env.production) in the container before running npm run build.
- Set ENV_FILE when running the deploy script: the script copies that file into the container (when running on the Proxmox host, or via scp + pct push when using PROXMOX_HOST) before the build step.
- Or after clone and before build: copy
.envinto the container manually, e.g. from the Proxmox host:then run the build (e.g. withpct push 5801 /path/to/your/.env /srv/smom-dbis-138/.env--skip-createand REPO_URL set, or run the build step by hand inside the container). - Or in CI: build with env injected (e.g.
env VITE_RPC_URL_138=... npm run build), then rsync thedist/folder into the container and reload nginx; no need for a full clone inside the container.
Relevant VITE_* (see smom-dbis-138/.env.example and frontend-dapp/src/config/bridge.ts, networks.ts):
- RPC:
VITE_RPC_URL_138,VITE_BSC_RPC_URL,VITE_AVALANCHE_RPC_URL,VITE_CRONOS_RPC_URL,VITE_GNOSIS_RPC_URL - Trustless:
VITE_LOCKBOX_138,VITE_INBOX_ETH_MAINNET,VITE_LIQUIDITY_POOL_ETH_MAINNET,VITE_BRIDGE_SWAP_COORDINATOR_MAINNET,VITE_DUAL_ROUTER_BRIDGE_SWAP_COORDINATOR,VITE_CHALLENGE_MANAGER_MAINNET,VITE_CUSDT_ADDRESS_138,VITE_CUSDC_ADDRESS_138 - WalletConnect / thirdweb:
VITE_WALLETCONNECT_PROJECT_ID,VITE_THIRDWEB_CLIENT_ID
Updating the DApp
- SSH or
pct execinto the container:pct exec 5801 -- bash - Pull and rebuild:
cd /srv/smom-dbis-138 && git pull && cd frontend-dapp && npm ci && npm run build - Reload nginx:
systemctl reload nginx
Or from the host (one-liner):
pct exec 5801 -- bash -c 'cd /srv/smom-dbis-138 && git pull && cd frontend-dapp && npm ci && npm run build && systemctl reload nginx'
NPMplus / Reverse Proxy
Add a proxy host in NPMplus pointing to the LXC:
- Upstream:
http://192.168.11.58:80(or the IP you set withIP_DAPP_LXC). - Domain: e.g.
dapp.d-bis.orgorapp.d-bis.org(your choice).
Document the chosen hostname in your VMID/IP reference (e.g. ALL_VMIDS_ENDPOINTS.md).
VMID / IP Reference
See ALL_VMIDS_ENDPOINTS.md for the 5801 entry (DApp LXC).
Full E2E: Cloudflare Tunnel + DNS + NPMplus SSL
To expose the DApp at https://dapp.d-bis.org with an existing Cloudflare Tunnel and full SSL:
- Tunnel (existing): In Cloudflare Zero Trust → Networks → Tunnels → tunnel that uses
https://192.168.11.167:443(same as RPC Option B). Add Public Hostname:dapp.d-bis.org→ URLhttps://192.168.11.167:443(No TLS Verify). - DNS: In Cloudflare DNS (zone d-bis.org), add CNAME
dapp→<CLOUDFLARE_TUNNEL_ID>.cfargotunnel.com(Proxied). - NPMplus (10233 @ 192.168.11.167): Add Proxy Host: Domain
dapp.d-bis.org, Forward192.168.11.58:80, Scheme HTTP. Request Let's Encrypt (or Cloudflare Origin cert); Force SSL. - DApp LXC: Deploy with VMID=5801, IP_DAPP_LXC=192.168.11.58 (see Running the Script above).
Traffic flow: Internet → Cloudflare → Tunnel → NPMplus 10233 → http://192.168.11.58:80 (LXC 5801). See CHECK_ALL_UPDATES_AND_CLOUDFLARE_TUNNELS.md and OPTION_B_RPC_VIA_TUNNEL_RUNBOOK.md.
Optional: Token-Aggregation in Same Container
To run token-aggregation in the same LXC, install and run it (e.g. via systemd) and optionally proxy it through nginx. Configuration is out of scope here; see token-aggregation docs.