proxmox/docs/04-configuration/DEV_CODESPACES_NEXT_STEPS_CHECKLIST.md
defiQUG fbda1b4beb
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00


Dev / Codespaces (76.53.10.40) — Complete Next Steps Checklist

Purpose: Ordered list of every step to complete the dev VM, fourth NPMplus, Cloudflare tunnel, and access via 76.53.10.40.
References: DEV_CODESPACES_76_53_10_40.md | DEV_VM_GITOPS_PLAN.md | NPMPLUS_FOUR_INSTANCES_MASTER.md


Phase 1 — Fourth NPMplus (192.168.11.170)

  • 1.1 Reserve IP 192.168.11.170 on your LAN (no other device uses it). Gateway 192.168.11.1.

  • 1.2 Create LXC for fourth NPMplus (VMID 10236) on a Proxmox host (e.g. r630-01). From repo root:

    bash scripts/npmplus/create-npmplus-fourth-container.sh
    

    Optional overrides: NPMPLUS_FOURTH_VMID=10236, PROXMOX_HOST_R630_01=192.168.11.11, STORAGE=thin1. Or run the pct create command manually on the host (see script source for exact options).

  • 1.3 Install NPMplus (Nginx Proxy Manager + Docker) inside the container. Use the same method as the third NPMplus (e.g. scripts/npmplus/install-npmplus-alltra-hybx.sh as reference; adapt for VMID 10236 and IP 192.168.11.170). Ensure NPM listens on 80, 81 (admin), 443.

  • 1.4 Log in to NPMplus admin: https://192.168.11.170:81 — set admin email/password; save the password (e.g. in .env as NPM_PASSWORD_FOURTH or NPM_PASSWORD when targeting this instance).

  • 1.5 Install cloudflared (Cloudflare Tunnel connector) on the same container or on a host that can reach 192.168.11.170. You will need the tunnel token in the next phase.


Phase 2 — Dev VM (192.168.11.60, VMID 5700)

  • 2.1 From repo root, create the dev VM LXC:

    cd /path/to/proxmox
    bash scripts/create-dev-vm-5700.sh
    

    Optional overrides: PROXMOX_HOST=192.168.11.11, STORAGE=thin1, DEV_VM_DISK_GB=500.

  • 2.2 Run the setup script (users + Gitea) inside the container:

    ssh root@192.168.11.11 "pct exec 5700 -- bash -s" < scripts/setup-dev-vm-users-and-gitea.sh
    

    Or copy the script in and run:
    pct push 5700 scripts/setup-dev-vm-users-and-gitea.sh /tmp/setup.sh then pct exec 5700 -- bash /tmp/setup.sh.

  • 2.3 Add SSH public keys for dev1–dev4 (so Cursor Remote SSH works):

    # Example for dev1 (repeat for dev2, dev3, dev4)
    pct exec 5700 -- bash -c 'echo "PASTE_PUBLIC_KEY_HERE" >> /home/dev1/.ssh/authorized_keys'
    pct exec 5700 -- chown dev1:dev1 /home/dev1/.ssh/authorized_keys
    
  • 2.4 Open Gitea first-run in browser: http://192.168.11.60:3000 — complete installer, create admin user, then create repositories as needed (or do this after tunnel is up at https://gitea.d-bis.org).


Phase 3 — UDM Pro Port Forward (76.53.10.40)

  • 3.1 In UniFi Network → Settings → Firewall & Security (Port Forwarding), add:

    | Rule Name | Destination IP | Dest Port | Forward to IP | Forward to Port | Protocol |
    |---|---|---|---|---|---|
    | NPMplus Fourth HTTP | 76.53.10.40 | 80 | 192.168.11.170 | 80 | TCP |
    | NPMplus Fourth HTTPS | 76.53.10.40 | 443 | 192.168.11.170 | 443 | TCP |
    | NPMplus Fourth Admin | 76.53.10.40 | 81 | 192.168.11.170 | 81 | TCP |
    | Dev VM SSH (optional) | 76.53.10.40 | 22 | 192.168.11.60 | 22 | TCP |

  • 3.2 Ensure 76.53.10.40 is assigned/available on the UDM Pro (or the interface that receives this traffic). Restrict port 81 (admin) to VPN or IP allowlist if possible.

    Reference: UDM_PRO_DEV_CODESPACES_PORT_FORWARD.md.


Phase 4 — Cloudflare Tunnel (Dev/Codespaces)

  • 4.1 In Cloudflare Zero Trust dashboard: Networks → Tunnels → Create a tunnel. Name it e.g. dev-codespaces or npmplus-fourth.

  • 4.2 Install the connector on the machine that will run cloudflared (e.g. the fourth NPMplus container). Copy the install command (with token) from the Cloudflare UI and run it there. Ensure the connector stays running (systemd service or supervisor).

  • 4.3 Copy the Tunnel ID (UUID) from the tunnel details in Cloudflare. Add to your project .env:

    CLOUDFLARE_TUNNEL_ID_DEV_CODESPACES=<paste-tunnel-uuid-here>
    

    Also ensure .env has: CLOUDFLARE_ACCOUNT_ID, CLOUDFLARE_ZONE_ID (or CLOUDFLARE_ZONE_ID_D_BIS_ORG), and either CLOUDFLARE_API_TOKEN or CLOUDFLARE_EMAIL + CLOUDFLARE_API_KEY.

  • 4.4 Run the tunnel + DNS script (sets tunnel ingress and CNAMEs for dev, gitea, codespaces, pve.ml110, pve.r630-01, pve.r630-02):

    cd /path/to/proxmox
    bash scripts/cloudflare/configure-dev-codespaces-tunnel-and-dns.sh
    
  • 4.5 In Cloudflare Tunnel config (or via the script), ensure the tunnel's ingress points to https://192.168.11.170:443 (or https://127.0.0.1:443 if cloudflared runs on the same host as NPMplus). The script above sets this via API.


Phase 5 — Fourth NPMplus Proxy Hosts

  • 5.1 Add proxy hosts on fourth NPMplus (192.168.11.170:81). From repo root:

    export NPM_URL=https://192.168.11.170:81
    export NPM_PASSWORD='<your-fourth-npmplus-admin-password>'
    # Optional: NPM_EMAIL_FOURTH=admin@example.org
    bash scripts/nginx-proxy-manager/update-npmplus-fourth-proxy-hosts.sh
    

    This adds: dev.d-bis.org, gitea.d-bis.org, codespaces.d-bis.org → 192.168.11.60:3000; pve.ml110.d-bis.org → 192.168.11.10:8006; pve.r630-01.d-bis.org → 192.168.11.11:8006; pve.r630-02.d-bis.org → 192.168.11.12:8006.

  • 5.2 In NPMplus admin UI (https://192.168.11.170:81 or https://76.53.10.40:81): for each proxy host, request a Let's Encrypt certificate for:

    • dev.d-bis.org
    • gitea.d-bis.org
    • codespaces.d-bis.org
    • pve.ml110.d-bis.org
    • pve.r630-01.d-bis.org
    • pve.r630-02.d-bis.org

    Enable SSL / Force HTTPS for each.


Phase 6 — Projects and Dotenv on Dev VM

  • 6.1 Rsync projects from your workstation to the dev VM:

    rsync -avz --exclude='.git' --exclude='node_modules' \
      /home/intlc/projects/ dev1@192.168.11.60:/srv/projects/
    

    (If using 76.53.10.40 with port 22 forwarded: dev1@76.53.10.40.)

  • 6.2 Ensure all required dotenv files are present under /srv/projects on the dev VM (or in a secure store and symlinked). Key paths (relative to repo root):

    • .env, .env.example
    • scripts/.env.r630-01
    • dbis_core/.env, dbis_core/.env.example
    • explorer-monorepo/.env, frontend/.env.production, .env.example
    • smom-dbis-138/.env, frontend-dapp/.env, services/*/.env
    • alltra-lifi-settlement/.env
    • OMNIS/backend/.env, .env.example
    • unifi-api/.env, .env.example
    • rpc-translator-138/.env
    • miracles_in_motion/.env.*
    • omada-api/.env
    • Others listed in DEV_CODESPACES_76_53_10_40.md § 6.

    Do not commit real secrets to Git; use .env.example as templates. See REQUIRED_SECRETS_SUMMARY.md for required vars.

  • 6.3 On the dev VM, for each project under /srv/projects that will use Gitea: add Gitea as a remote and push (or create repos in Gitea and clone into /srv/projects). Then all four users can clone from Gitea (private) and use Cursor Remote SSH.
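
Added example (not one of this repository's scripts): a pre-push audit for steps 6.2 and 6.3 that lists real dotenv files under the projects root which any local user can read, and any that git already tracks. The function names are hypothetical, and it assumes GNU find and git are installed on the dev VM.

```shell
#!/usr/bin/env bash
# Added example, not a script from this repository. Function names are
# hypothetical; /srv/projects is the projects root named in step 6.1.

# List real dotenv files under $1 (.env, .env.production, ...), skipping
# *.example templates; extra arguments are appended as find tests.
list_dotenv_files() {
  local root=$1; shift
  find "$root" -type d \( -name .git -o -name node_modules \) -prune -o \
    -type f \( -name '.env' -o -name '.env.*' \) ! -name '*.example' \
    "$@" -print | sort
}

# Dotenv files with any "other" permission bit set: on a VM shared by
# dev1..dev4 and service accounts, every local user could read them.
world_accessible_dotenv() { list_dotenv_files "$1" -perm /007; }

# Dotenv files already tracked (staged or committed) in the git repo at $1;
# these would be pushed to Gitea in step 6.3.
tracked_dotenv() {
  git -C "$1" ls-files 2>/dev/null \
    | grep -E '(^|/)\.env(\.[^/]+)?$' | grep -v '\.example$' || true
}

# Report both kinds of finding; returns 1 if any exist so it can gate a push.
audit_dotenv() {
  local root=${1:-/srv/projects} loose tracked gitdir
  loose=$(world_accessible_dotenv "$root")
  tracked=$(find "$root" -type d -name .git -prune -print |
    while IFS= read -r gitdir; do
      tracked_dotenv "${gitdir%/.git}" | sed "s|^|${gitdir%/.git}/|"
    done)
  [ -z "$loose" ] || printf '%s\n' "$loose" | sed 's/^/WORLD-ACCESSIBLE: /'
  [ -z "$tracked" ] || printf '%s\n' "$tracked" | sed 's/^/TRACKED IN GIT: /'
  [ -z "$loose" ] && [ -z "$tracked" ]
}

# Usage, after sourcing this file on the dev VM:
#   audit_dotenv /srv/projects
```

A non-zero exit from `audit_dotenv` means at least one finding was printed; fix the file mode or untrack the file before pushing.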


Phase 7 — Verification


Summary Table

| Phase | What |
|---|---|
| 1 | Fourth NPMplus LXC at 192.168.11.170 (VMID 10236), install NPMplus + cloudflared |
| 2 | Dev VM 5700 at 192.168.11.60, users + Gitea, SSH keys |
| 3 | UDM Pro: 76.53.10.40 → 192.168.11.170 (80/81/443), optional 22 → 192.168.11.60 |
| 4 | Cloudflare tunnel (dev-codespaces), connector on fourth NPMplus, tunnel ID in .env, run configure-dev-codespaces-tunnel-and-dns.sh |
| 5 | NPMplus fourth: add proxy hosts (script), request Let's Encrypt for all six hostnames |
| 6 | Rsync projects to dev VM, dotenv files in place, Gitea repos created/pushed |
| 7 | Verify hostnames, 76.53.10.40, SSH/Cursor, Proxmox admin panels |

Once all steps are done, the dev/Codespaces setup is complete: access via 76.53.10.40, tunnel and fourth NPMplus in place, Proxmox admin panels and Gitea available, and dotenv/projects ready for Cursor.