scripts/deployment/DEPLOY_FROM_PROXY.md

# Deploy Phase 2 from Nginx Proxy Host

## Quick Start

**You need to SSH to the proxy host first. The proxy may use a different SSH key.**

### Step 1: SSH to Nginx Proxy

```bash
# Try with different keys if available:
ssh besuadmin@20.160.58.99

# Or with a specific key:
ssh -i /path/to/proxy/key besuadmin@20.160.58.99
```

### Step 2: Copy Project Files to Proxy (if needed)

**From your local machine**, after SSH access is working:

```bash
cd /home/intlc/projects/smom-dbis-138

# Copy project to proxy (adjust key path as needed)
rsync -avz -e "ssh -i /path/to/proxy/key" \
  --exclude '.git' \
  --exclude '.terraform' \
  --exclude '*.tfstate*' \
  --exclude '.terraform.lock.hcl' \
  --exclude 'terraform.tfvars' \
  --exclude 'node_modules' \
  --exclude '__pycache__' \
  --exclude '*.pyc' \
  --progress \
  ./ \
  besuadmin@20.160.58.99:~/smom-dbis-138/
```

### Step 3: Deploy from Proxy Host

**On the proxy host (20.160.58.99):**

```bash
# Navigate to project
cd ~/smom-dbis-138

# Load environment variables
source .env

# Verify SSH key path is correct for accessing VMs
ls -la keys/besuadmin-us-nodes_key.pem

# Ensure key has correct permissions
chmod 600 keys/besuadmin-us-nodes_key.pem

# Generate Phase 2 configuration (reads Phase 1 outputs)
cd terraform/phases/phase1
terraform output -json phase1_us_regions > /tmp/phase1_outputs.json

cd ../phase2

# Generate terraform.tfvars
../../scripts/deployment/generate-phase2-tfvars.sh

# Review configuration
cat terraform.tfvars

# Initialize Terraform
terraform init -upgrade

# Plan deployment
terraform plan

# Deploy to all 5 regions (parallel)
terraform apply -auto-approve
```

### Step 4: Start Services

**On the proxy host:**

```bash
cd ~/smom-dbis-138

# Start all services in parallel across all regions
./terraform/phases/phase2/scripts/start-services.sh all
```

### Step 5: Verify Deployment

**On the proxy host:**

```bash
cd ~/smom-dbis-138

# Check status of all regions in parallel
./terraform/phases/phase2/scripts/status.sh all
```

## Alternative: Use Convenience Script

**On the proxy host:**

```bash
cd ~/smom-dbis-138
source .env
./scripts/deployment/deploy-phase2-from-proxy.sh
```

## Troubleshooting

### SSH Key Issues

If the proxy uses a different SSH key:

1. Check if you have the proxy key:
   ```bash
   ls -la ~/.ssh/ | grep -E "(proxy|bastion|nginx)"
   ```

2. Try connecting with different keys:
   ```bash
   ssh -i ~/.ssh/id_rsa besuadmin@20.160.58.99
   ssh -i ~/.ssh/id_ed25519 besuadmin@20.160.58.99
   ```

3. Check SSH config:
   ```bash
   cat ~/.ssh/config | grep -A 10 "20.160.58.99"
   ```

### Verify VM Connectivity from Proxy

**On the proxy host**, test SSH to VMs:

```bash
# Test each VM
for ip in 10.1.1.4 10.2.1.4 10.3.1.4 10.4.1.4 10.5.1.4; do
  echo "Testing $ip..."
  ssh -i ~/smom-dbis-138/keys/besuadmin-us-nodes_key.pem \
      -o StrictHostKeyChecking=no \
      besuadmin@$ip "echo '✅ $ip: OK'"
done
```

### Terraform Issues

If Terraform can't connect to VMs:

1. Check SSH key path in `.env`:
   ```bash
   grep SSH_PRIVATE_KEY_PATH .env
   ```

2. Verify key permissions:
   ```bash
   chmod 600 keys/besuadmin-us-nodes_key.pem
   ```

3. Test SSH manually:
   ```bash
   ssh -i keys/besuadmin-us-nodes_key.pem besuadmin@10.3.1.4
   ```

## Complete Deployment Command Sequence

**Copy and run on proxy host:**

```bash
cd ~/smom-dbis-138
source .env
chmod 600 keys/besuadmin-us-nodes_key.pem
cd terraform/phases/phase2
terraform init -upgrade
terraform apply -auto-approve
cd ~/smom-dbis-138
./terraform/phases/phase2/scripts/start-services.sh all
./terraform/phases/phase2/scripts/status.sh all
```
Add Oracle Aggregator and CCIP Integration - Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control. - Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities. - Created .gitmodules to include OpenZeppelin contracts as a submodule. - Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment. - Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks. - Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring. - Created scripts for resource import and usage validation across non-US regions. - Added tests for CCIP error handling and integration to ensure robust functionality. - Included various new files and directories for the orchestration portal and deployment scripts. 2025-12-12 14:57:48 -08:00			`# Deploy Phase 2 from Nginx Proxy Host`

			`## Quick Start`

			`You need to SSH to the proxy host first. The proxy may use a different SSH key.`

			`### Step 1: SSH to Nginx Proxy`

			```bash
			`# Try with different keys if available:`
			`ssh besuadmin@20.160.58.99`

			`# Or with a specific key:`
			`ssh -i /path/to/proxy/key besuadmin@20.160.58.99`
			```

			`### Step 2: Copy Project Files to Proxy (if needed)`

			`From your local machine, after SSH access is working:`

			```bash
			`cd /home/intlc/projects/smom-dbis-138`

			`# Copy project to proxy (adjust key path as needed)`
			`rsync -avz -e "ssh -i /path/to/proxy/key" \`
			`--exclude '.git' \`
			`--exclude '.terraform' \`
			`--exclude '.tfstate' \`
			`--exclude '.terraform.lock.hcl' \`
			`--exclude 'terraform.tfvars' \`
			`--exclude 'node_modules' \`
			`--exclude '__pycache__' \`
			`--exclude '*.pyc' \`
			`--progress \`
			`./ \`
			`besuadmin@20.160.58.99:~/smom-dbis-138/`
			```

			`### Step 3: Deploy from Proxy Host`

			`On the proxy host (20.160.58.99):`

			```bash
			`# Navigate to project`
			`cd ~/smom-dbis-138`

			`# Load environment variables`
			`source .env`

			`# Verify SSH key path is correct for accessing VMs`
			`ls -la keys/besuadmin-us-nodes_key.pem`

			`# Ensure key has correct permissions`
			`chmod 600 keys/besuadmin-us-nodes_key.pem`

			`# Generate Phase 2 configuration (reads Phase 1 outputs)`
			`cd terraform/phases/phase1`
			`terraform output -json phase1_us_regions > /tmp/phase1_outputs.json`

			`cd ../phase2`

			`# Generate terraform.tfvars`
			`../../scripts/deployment/generate-phase2-tfvars.sh`

			`# Review configuration`
			`cat terraform.tfvars`

			`# Initialize Terraform`
			`terraform init -upgrade`

			`# Plan deployment`
			`terraform plan`

			`# Deploy to all 5 regions (parallel)`
			`terraform apply -auto-approve`
			```

			`### Step 4: Start Services`

			`On the proxy host:`

			```bash
			`cd ~/smom-dbis-138`

			`# Start all services in parallel across all regions`
			`./terraform/phases/phase2/scripts/start-services.sh all`
			```

			`### Step 5: Verify Deployment`

			`On the proxy host:`

			```bash
			`cd ~/smom-dbis-138`

			`# Check status of all regions in parallel`
			`./terraform/phases/phase2/scripts/status.sh all`
			```

			`## Alternative: Use Convenience Script`

			`On the proxy host:`

			```bash
			`cd ~/smom-dbis-138`
			`source .env`
			`./scripts/deployment/deploy-phase2-from-proxy.sh`
			```

			`## Troubleshooting`

			`### SSH Key Issues`

			`If the proxy uses a different SSH key:`

			`1. Check if you have the proxy key:`
			```bash
			`ls -la ~/.ssh/ \| grep -E "(proxy\|bastion\|nginx)"`
			```

			`2. Try connecting with different keys:`
			```bash
			`ssh -i ~/.ssh/id_rsa besuadmin@20.160.58.99`
			`ssh -i ~/.ssh/id_ed25519 besuadmin@20.160.58.99`
			```

			`3. Check SSH config:`
			```bash
			`cat ~/.ssh/config \| grep -A 10 "20.160.58.99"`
			```

			`### Verify VM Connectivity from Proxy`

			`On the proxy host, test SSH to VMs:`

			```bash
			`# Test each VM`
			`for ip in 10.1.1.4 10.2.1.4 10.3.1.4 10.4.1.4 10.5.1.4; do`
			`echo "Testing $ip..."`
			`ssh -i ~/smom-dbis-138/keys/besuadmin-us-nodes_key.pem \`
			`-o StrictHostKeyChecking=no \`
			`besuadmin@$ip "echo '✅ $ip: OK'"`
			`done`
			```

			`### Terraform Issues`

			`If Terraform can't connect to VMs:`

			1. Check SSH key path in `.env`:
			```bash
			`grep SSH_PRIVATE_KEY_PATH .env`
			```

			`2. Verify key permissions:`
			```bash
			`chmod 600 keys/besuadmin-us-nodes_key.pem`
			```

			`3. Test SSH manually:`
			```bash
			`ssh -i keys/besuadmin-us-nodes_key.pem besuadmin@10.3.1.4`
			```

			`## Complete Deployment Command Sequence`

			`Copy and run on proxy host:`

			```bash
			`cd ~/smom-dbis-138`
			`source .env`
			`chmod 600 keys/besuadmin-us-nodes_key.pem`
			`cd terraform/phases/phase2`
			`terraform init -upgrade`
			`terraform apply -auto-approve`
			`cd ~/smom-dbis-138`
			`./terraform/phases/phase2/scripts/start-services.sh all`
			`./terraform/phases/phase2/scripts/status.sh all`
			```