bytelyst/bytelyst-devops-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
166 Commits 2 Branches 0 Tags 1.8 MiB
44fd6a462a
Commit Graph

70 Commits

Author SHA1 Message Date
Hermes VM
44fd6a462a fix: bind DevOps dashboard ports to loopback
Some checks failed
pre-commit / pre-commit (push) Failing after 27s
Details
2026-05-27 21:55:46 +00:00
Hermes VM
f936c2231c docs: record product port hardening
Some checks failed
pre-commit / pre-commit (push) Failing after 25s
Details
2026-05-27 21:53:08 +00:00
Hermes VM
b15c570587 docs: record common-platform port hardening
Some checks failed
pre-commit / pre-commit (push) Failing after 37s
Details
2026-05-27 21:32:31 +00:00
Hermes VM
d60c81ebda docs: record internal port loopback hardening
Some checks failed
pre-commit / pre-commit (push) Failing after 38s
Details
2026-05-27 21:25:38 +00:00
Hermes VM
2fc23d6baa feat(vm): fix devops-backend VM module — Phase 0.1 complete 
- Switch backend runner from node:20-alpine to node:20-slim so GNU df
  flags (--output=pcent/avail) work inside the container
- Add volume mounts to docker-compose.yml: scripts (ro), VM logs (rw),
  docker.sock; set VM_SCRIPTS_PATH + VM_LOG_DIR env vars
- Rebuild repository.ts: env-configurable paths, cron history parser,
  unhealthy-container inspector, Ollama model endpoints
- Add routes: GET /api/vm/cron-status, unhealthy containers, Ollama
  models, container restart, model unload
- vm-cleanup.sh: add step_cosmos_pglog, step_docker_aged_images; fix
  (( count++ )) → count=$(( count + 1 )) for set -e compatibility
- Add docs/VM_OBSERVABILITY_ROADMAP.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 21:13:45 +00:00
Hermes VM
5a2d92f519 docs: record VM container health fix
Some checks failed
pre-commit / pre-commit (push) Failing after 33s
Details
2026-05-27 21:12:45 +00:00
Saravana Kumar
e2db92f3b1 Add Hermes snapshot diff view 2026-05-27 21:05:57 +00:00
Saravana Kumar
8f522e3505 Add Hermes dashboard improvement backlog 2026-05-27 21:02:23 +00:00
Hermes VM
9210a8890f feat: detect stale VM automation
Some checks failed
pre-commit / pre-commit (push) Failing after 32s
Details
2026-05-27 21:00:43 +00:00
Hermes VM
3d5f369f3d docs: record Gitea runner recovery
Some checks failed
pre-commit / pre-commit (push) Failing after 40s
Details
2026-05-27 20:58:16 +00:00
Hermes VM
1f2eea8268 docs: record VM backup and cron fixes
Some checks failed
pre-commit / pre-commit (push) Has been cancelled
Details
2026-05-27 20:56:11 +00:00
Saravana Kumar
90f6db2014 Complete Hermes ops dashboard and roadmap 2026-05-27 20:53:58 +00:00
Hermes VM
e3d1dddf51 docs: add VM exposure inventory
Some checks are pending
pre-commit / pre-commit (push) Waiting to run
Details
2026-05-27 20:51:27 +00:00
Saravana Kumar
98a7915a38 Reconcile Hermes roadmap and dashboard status 2026-05-27 20:46:16 +00:00
Saravana Kumar
ac79591903 Mark web search tooling complete 2026-05-27 20:46:16 +00:00
Hermes VM
313a775fa0 docs: strengthen VM security roadmap gates
Some checks are pending
pre-commit / pre-commit (push) Waiting to run
Details
2026-05-27 20:34:37 +00:00
Hermes VM
2c125adb05 docs: add VM security blind spots roadmap
Some checks are pending
pre-commit / pre-commit (push) Waiting to run
Details
2026-05-27 20:21:52 +00:00
Saravana Kumar
c89018ae47 Tighten Telegram fallback wording 2026-05-27 20:18:46 +00:00
Saravana Kumar
8145484136 Verify Telegram fallback platform context 2026-05-27 20:16:30 +00:00
Saravana Kumar
8da66497cc Tighten Hermes local fallback chain 2026-05-27 19:58:09 +00:00
Saravana Kumar
3e26f0da31 Close Hermes browser and web backend items 2026-05-27 19:23:55 +00:00
root
d1f234fc01 Mark Firecrawl as locally configured 2026-05-27 18:57:50 +00:00
Hermes VM
70d96d7684 feat: add gitea backup timer assets 2026-05-27 18:53:20 +00:00
Hermes VM
147db72330 docs: add hostinger maintenance operations entry 2026-05-27 18:53:20 +00:00
Hermes VM
0a2d303f93 add HostingerVM health-check and cleanup scripts 
- vm-health-check.sh: read-only checks for disk, load, RAM, swap,
  Docker containers (crash-loops + healthchecks), build cache, journal.
  Flags: --quiet, --json, --notify (Telegram). Exit 0/1/2 = OK/WARN/CRIT.

- vm-cleanup.sh: safe periodic cleanup.
  Default (weekly): build cache, journal, apt, npm, .next/cache.
  --full (monthly): adds docker system prune, pnpm store, old logs, HOLD cleanup.
  --dry-run, --install-cron, --uninstall-cron.
  Logs to /var/log/vm-cleanup.log.

Related: docs/hostinger-vm-maintenance.md, scripts/VMs/HostingerVM/CRON_SETUP.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 18:53:20 +00:00
root
4249b17afc Document Firecrawl backend selection 2026-05-27 18:52:39 +00:00
root
08f32a79e8 Clarify remaining Hermes fallback verification 2026-05-27 18:46:32 +00:00
root
8fbb535d90 Add shared local Hermes fallback chain 2026-05-27 18:43:30 +00:00
saravanakumardb1
babe2e6c13 docs(roadmap): v14 \xe2\x80\x94 ALL 20 ITEMS COMPLETE (C5 closed end-to-end) 
C5 fully closed by:
1. Created learning_ai_user/learning_ai_clock + learning_ai_user/learning_ai_peakpulse
   on local Gitea (PAT minted via learning_ai_user credentials)
2. Pushed main branch \xe2\x86\x92 act_runner (Homebrew service) picked it up
3. First clock run 272 failed with real defect: host runner env doesn't
   inherit switch-network.sh exports. Fix landed in both pilots' ci.yml
   docker-lint job: explicit env: block + read token from
   ~/.gitea_npm_token at step time.
4. Verified green:
   - clock run 273 job 675 docker-lint \xe2\x86\x92 success
   - peakpulse runs 274 + 275 docker-lint \xe2\x86\x92 success

Roadmap final state: 20/20 items DONE.
 2026-05-27 05:20:48 -07:00
root
3cc9a1456e Add Google Drive single file uploader 2026-05-27 12:19:45 +00:00
root
79ca56ffce Add Google Drive emergency bundle upload 2026-05-27 12:08:41 +00:00
saravanakumardb1
484c82c4b1 docs(roadmap): repair v13 \xc2\xa710 corruption + finalize C5 partial-validation note 
A prior rebase merged the v13/v13.1 edits into \xc2\xa710 with mangled text
(steps 11\xe2\x80\x9320 out of order; step 10 garbled). Rebuilt the section
cleanly from v12 base + appended the new v13/v13.1 steps:

  11. Phase E1/E2/E5
  12. Phase B
  13. Phase B4 + E3/E4/E6
  14. Phase C (8/9; C5 partial)
  15. Phase D.1
  16. Phase D.2
  17. B7-4 AGENTS.md warnings
  18. Phase D extension (MindLyst, LysnrAI, talk2obsidian)
  19. Phase D.3 advisory cleanup
  20. C5 partial validation (this session)

Restored the lost "ported back to clock" trailing line for step 9.
No content changes beyond what was already documented in v13/v13.1.
 2026-05-27 04:34:53 -07:00
saravanakumardb1
2d13ae4c54 docs(roadmap): v13.1 \xe2\x80\x94 C5 partial validation (Gitea hosting gap documented) 
Findings from dummy check-in attempt:
- Pilot workflow YAML parses cleanly (6 jobs on clock incl. docker-lint)
- Local simulation of docker-lint job (gitea-doctor + docker-doctor)
  exits 0 on both pilots
- Pilot repos are NOT hosted on Gitea (`git push gitea` returns 404).
  Only `learning_ai_uxui_web` exists at localhost:3300
- Until pilot repos are mirrored to Gitea, the .gitea/workflows/ci.yml
  file ships but the runner never fires
- C5 marked as partial; gap recorded explicitly in \xc2\xa7Phase C and \xc2\xa710
 2026-05-27 04:32:33 -07:00
root
bb15a225cd Add encrypted Hermes emergency bundle scripts 2026-05-27 11:31:58 +00:00
saravanakumardb1
e96b555f07 docs(roadmap): v13 \xe2\x80\x94 12/12 consumer repos PASS docker-doctor (Phase D extension + D.3) 
Final-state summary:
- All 12 consumer repos now PASS docker-doctor with zero errors
- MindLyst + LysnrAI + talk2obsidian onboarded (was previously out of scope)
- docker-doctor learned Python Dockerfile detection
- 10 repos received advisory-warning cleanup commits (compose build.args
  + healthcheck.start_period)
- C5 (CI green confirmation) is the only remaining follow-up

The roadmap is now in a fully landed state for in-scope repos.
 2026-05-27 04:27:15 -07:00
root
19fdba752c Add Hermes disaster recovery runbook 2026-05-27 11:23:07 +00:00
saravanakumardb1
ccd6ee4f7f docs(roadmap): v12 \xe2\x80\x94 all phases (A, B, C, D, E) complete for 9 consumer repos 
- B7-4 AGENTS.md warnings landed in all 9 repos
- C9 web smoke test (Playwright) landed on clock to guard F11 regression
- D.2 per-repo Dockerfile/compose fixes applied to all 7 consumer repos
  via idempotent fixer; docker-doctor PASS on every consumer repo
- 3 non-consumer repos (MindLyst KMP, LysnrAI multi-target, talk2obsidian)
  remain out of scope; documented as follow-up
- C5 confirmation pending next Gitea CI run

Final status: 18 of 18 in-scope items complete.
 2026-05-27 04:17:52 -07:00
root
547a9d00fa Clarify root GitHub credential ownership 2026-05-27 11:10:48 +00:00
saravanakumardb1
6a4e289edc docs(roadmap): v11 \xe2\x80\x94 Phases B4/E3/E4/E6 + C (7/9 gates) + D.1 (artifacts rolled out) 
- B4: pre-commit guard + husky wiring landed
- E3/E4/E6: CI job + pre-commit warn-only + make doctor target
- C1\xe2\x80\x93C4, C6\xe2\x80\x93C8: verified on pilots; C5 pending CI, C9 deferred
- D.1: artifacts deployed to 7/9 consumer repos with per-repo findings table
- D.2: per-repo Dockerfile fixes captured as a fix matrix (follow-up work)
- All commit refs documented in \xc2\xa710 execution order
 2026-05-27 04:07:27 -07:00
root
416f25794c Document Hermes Gitea token flow 2026-05-27 11:06:15 +00:00
saravanakumardb1
11c185e772 docs(roadmap): v10 — Phase B complete (canonical docker-prep + sync tooling) 
- All B-tasks complete except B4 (husky hook) and B7-4 (AGENTS.md updates)
- Canonical home landed at common-plat@a418a23e
- Both pilots synced; end-to-end verified on clock + peakpulse
- 3 bonus capabilities documented (--check, portable sed, .gitkeep preservation)
- \xc2\xa710 execution step 12 marked done with commit refs
 2026-05-27 03:49:52 -07:00
root
8de72351de Complete Hermes dashboard and watchdog roadmap audit 2026-05-27 10:45:29 +00:00
saravanakumardb1
15ac960faf docs(roadmap): v9 — Phase E1/E2/E5 done, docker-doctor.sh landed 
- Marked E1, E2, E5 complete in Phase E checklist
- Added step 11 to \xc2\xa710 execution order with commit refs
- Renumbered remaining steps; deferred E3/E4/E6 to after Phase B
 2026-05-27 03:33:35 -07:00
root
a6e509247f Record Tailscale login for Hermes 2026-05-27 10:31:23 +00:00
saravanakumardb1
ac364be6c3 docs(roadmap): mark A3 done, link ADR-0001 (lockfile policy accepted) 2026-05-27 03:28:19 -07:00
root
651df6aad8 Audit Hermes roadmap root and Uma progress 2026-05-27 10:28:10 +00:00
root
a10c0c318a Update Hermes roadmap late-pass progress 2026-05-27 10:24:56 +00:00
root
e57038a6a2 docs: advance Hermes setup roadmap
Some checks are pending
pre-commit / pre-commit (push) Waiting to run
Details
2026-05-27 10:12:27 +00:00
saravanakumardb1
b00af09942 docs(docker): roadmap v8 — peakpulse Phase A done + A3 ADR-0001 accepted 
Per § 10 steps 9 + 10.

Step 9: Peakpulse backend Phase A complete.
  cold 72.2 s, warm 2.7 s (96.3% reduction). Pattern from clock applied
  verbatim plus .docker-deps/.gitkeep discoverability fix back-ported
  to clock. Commits:
    peakpulse@11a6bc5  feat(docker): Phase A on peakpulse backend
    peakpulse@6523a1a  fix(docker): track .docker-deps/.gitkeep
    clock@1465e06b1    fix(docker): track .docker-deps/.gitkeep
    clock@d69003c1f    chore: dedupe .docker-deps in .gitignore

Step 10: A3 ADR accepted.
  New file: docs/adr/0001-docker-build-lockfile-policy.md
  Decision: short-term Option A (--lockfile=false) — already shipped in
  Phase A; long-term Option C (vendored pnpm-lock.docker.yaml). Migration
  triggered by production deployment, audit requirement, supply-chain
  incident, or loss of BuildKit cache. Implementation sketch in ADR § 4.

Roadmap doc updates:
  - § A7 metrics table: peakpulse row populated (72.2 s / 2.7 s).
  - § A3: collapsed bullet list into decision-record summary linking ADR.
  - § 10: steps 9 + 10 marked ; status banner v7 → v8.

Next per § 10: step 11 (Phase B docker-prep hardening) or step 12
(Phase E docker-doctor.sh linter). Phase E is higher-value as durable
insurance against F11/F13/F16/F17/F18 regressions across the ecosystem.
 2026-05-27 02:54:08 -07:00
saravanakumardb1
062155b81e docs(docker): roadmap v7 — Phase A complete on clock, warm 2.9s/5.4s 
Per execution \u00a7 10 step 10 (metrics in lockstep with implementation commits).

Updates:
  - \u00a7 A7 metrics table populated with cold + warm numbers post-A2:
    clock backend  59.2 s  \u2192  64.7 s cold  \u2192   2.9 s warm  (95.1% \u2193)
    clock web      193 s   \u2192  291 s* cold  \u2192   5.4 s warm  (97.2% \u2193)
    * web cold variance: 174-291 s across runs, dominated by tarball
      egress through corp proxy. Cold is not the optimization target.

  - \u00a7 A7 measurement commands now include the 'deps-changed' case
    (touch package.json) where A2's pnpm-store cache mount is the
    relevant speedup, since plain warm rebuild benefits from
    BuildKit layer cache regardless of A2.

  - \u00a7 10 execution order:
    steps 7 + 8 marked \u2705 with commit refs
    step  9 marked \u23f8 with explicit STOP-for-approval (peakpulse is
      a different repo)
    step  10 collapsed into this commit (was placeholder for A7 fill)

  - Status line: v6 \u2192 v7

Cross-repo commit chain (Phase A complete on clock):
  clock@0be887288       feat(docker): A0 \u2014 wire Gitea-registry path
  devops_tools@ba8b4d1  docs(docker): roadmap v5 \u2014 add F16
  common-plat@cfcfc7bb  fix(gitea): rewrite workspace:* (F16)
  common-plat@dd90f709  fix(gitea): ROOT_URL host.docker.internal (F17)
  clock@8b5c767a3       fix(docker): rewrite file: refs to * (F18)
  devops_tools@7627d55  docs(docker): roadmap v6 \u2014 A0-V PASSED
  clock@f6a806ff3       feat(docker): A8 + A9 + A1
  clock@55e8d22d3       feat(docker): A2 + A5 + A6
  devops_tools@HEAD     docs(docker): roadmap v7 (this commit)

Next: \u00a7 10 step 9 \u2014 peakpulse replication. Pause point for approval.
 2026-05-27 02:16:07 -07:00