bytelyst/bytelyst-devops-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
145 Commits 2 Branches 0 Tags 1.8 MiB
8da66497cc
Commit Graph

51 Commits

Author SHA1 Message Date
Saravana Kumar
8da66497cc Tighten Hermes local fallback chain 2026-05-27 19:58:09 +00:00
Saravana Kumar
3e26f0da31 Close Hermes browser and web backend items 2026-05-27 19:23:55 +00:00
root
d1f234fc01 Mark Firecrawl as locally configured 2026-05-27 18:57:50 +00:00
Hermes VM
70d96d7684 feat: add gitea backup timer assets 2026-05-27 18:53:20 +00:00
Hermes VM
147db72330 docs: add hostinger maintenance operations entry 2026-05-27 18:53:20 +00:00
Hermes VM
0a2d303f93 add HostingerVM health-check and cleanup scripts 
- vm-health-check.sh: read-only checks for disk, load, RAM, swap,
  Docker containers (crash-loops + healthchecks), build cache, journal.
  Flags: --quiet, --json, --notify (Telegram). Exit 0/1/2 = OK/WARN/CRIT.

- vm-cleanup.sh: safe periodic cleanup.
  Default (weekly): build cache, journal, apt, npm, .next/cache.
  --full (monthly): adds docker system prune, pnpm store, old logs, HOLD cleanup.
  --dry-run, --install-cron, --uninstall-cron.
  Logs to /var/log/vm-cleanup.log.

Related: docs/hostinger-vm-maintenance.md, scripts/VMs/HostingerVM/CRON_SETUP.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 18:53:20 +00:00
root
4249b17afc Document Firecrawl backend selection 2026-05-27 18:52:39 +00:00
root
08f32a79e8 Clarify remaining Hermes fallback verification 2026-05-27 18:46:32 +00:00
root
8fbb535d90 Add shared local Hermes fallback chain 2026-05-27 18:43:30 +00:00
saravanakumardb1
babe2e6c13 docs(roadmap): v14 \xe2\x80\x94 ALL 20 ITEMS COMPLETE (C5 closed end-to-end) 
C5 fully closed by:
1. Created learning_ai_user/learning_ai_clock + learning_ai_user/learning_ai_peakpulse
   on local Gitea (PAT minted via learning_ai_user credentials)
2. Pushed main branch \xe2\x86\x92 act_runner (Homebrew service) picked it up
3. First clock run 272 failed with real defect: host runner env doesn't
   inherit switch-network.sh exports. Fix landed in both pilots' ci.yml
   docker-lint job: explicit env: block + read token from
   ~/.gitea_npm_token at step time.
4. Verified green:
   - clock run 273 job 675 docker-lint \xe2\x86\x92 success
   - peakpulse runs 274 + 275 docker-lint \xe2\x86\x92 success

Roadmap final state: 20/20 items DONE.
 2026-05-27 05:20:48 -07:00
root
3cc9a1456e Add Google Drive single file uploader 2026-05-27 12:19:45 +00:00
root
79ca56ffce Add Google Drive emergency bundle upload 2026-05-27 12:08:41 +00:00
saravanakumardb1
484c82c4b1 docs(roadmap): repair v13 \xc2\xa710 corruption + finalize C5 partial-validation note 
A prior rebase merged the v13/v13.1 edits into \xc2\xa710 with mangled text
(steps 11\xe2\x80\x9320 out of order; step 10 garbled). Rebuilt the section
cleanly from v12 base + appended the new v13/v13.1 steps:

  11. Phase E1/E2/E5
  12. Phase B
  13. Phase B4 + E3/E4/E6
  14. Phase C (8/9; C5 partial)
  15. Phase D.1
  16. Phase D.2
  17. B7-4 AGENTS.md warnings
  18. Phase D extension (MindLyst, LysnrAI, talk2obsidian)
  19. Phase D.3 advisory cleanup
  20. C5 partial validation (this session)

Restored the lost "ported back to clock" trailing line for step 9.
No content changes beyond what was already documented in v13/v13.1.
 2026-05-27 04:34:53 -07:00
saravanakumardb1
2d13ae4c54 docs(roadmap): v13.1 \xe2\x80\x94 C5 partial validation (Gitea hosting gap documented) 
Findings from dummy check-in attempt:
- Pilot workflow YAML parses cleanly (6 jobs on clock incl. docker-lint)
- Local simulation of docker-lint job (gitea-doctor + docker-doctor)
  exits 0 on both pilots
- Pilot repos are NOT hosted on Gitea (`git push gitea` returns 404).
  Only `learning_ai_uxui_web` exists at localhost:3300
- Until pilot repos are mirrored to Gitea, the .gitea/workflows/ci.yml
  file ships but the runner never fires
- C5 marked as partial; gap recorded explicitly in \xc2\xa7Phase C and \xc2\xa710
 2026-05-27 04:32:33 -07:00
root
bb15a225cd Add encrypted Hermes emergency bundle scripts 2026-05-27 11:31:58 +00:00
saravanakumardb1
e96b555f07 docs(roadmap): v13 \xe2\x80\x94 12/12 consumer repos PASS docker-doctor (Phase D extension + D.3) 
Final-state summary:
- All 12 consumer repos now PASS docker-doctor with zero errors
- MindLyst + LysnrAI + talk2obsidian onboarded (was previously out of scope)
- docker-doctor learned Python Dockerfile detection
- 10 repos received advisory-warning cleanup commits (compose build.args
  + healthcheck.start_period)
- C5 (CI green confirmation) is the only remaining follow-up

The roadmap is now in a fully landed state for in-scope repos.
 2026-05-27 04:27:15 -07:00
root
19fdba752c Add Hermes disaster recovery runbook 2026-05-27 11:23:07 +00:00
saravanakumardb1
ccd6ee4f7f docs(roadmap): v12 \xe2\x80\x94 all phases (A, B, C, D, E) complete for 9 consumer repos 
- B7-4 AGENTS.md warnings landed in all 9 repos
- C9 web smoke test (Playwright) landed on clock to guard F11 regression
- D.2 per-repo Dockerfile/compose fixes applied to all 7 consumer repos
  via idempotent fixer; docker-doctor PASS on every consumer repo
- 3 non-consumer repos (MindLyst KMP, LysnrAI multi-target, talk2obsidian)
  remain out of scope; documented as follow-up
- C5 confirmation pending next Gitea CI run

Final status: 18 of 18 in-scope items complete.
 2026-05-27 04:17:52 -07:00
root
547a9d00fa Clarify root GitHub credential ownership 2026-05-27 11:10:48 +00:00
saravanakumardb1
6a4e289edc docs(roadmap): v11 \xe2\x80\x94 Phases B4/E3/E4/E6 + C (7/9 gates) + D.1 (artifacts rolled out) 
- B4: pre-commit guard + husky wiring landed
- E3/E4/E6: CI job + pre-commit warn-only + make doctor target
- C1\xe2\x80\x93C4, C6\xe2\x80\x93C8: verified on pilots; C5 pending CI, C9 deferred
- D.1: artifacts deployed to 7/9 consumer repos with per-repo findings table
- D.2: per-repo Dockerfile fixes captured as a fix matrix (follow-up work)
- All commit refs documented in \xc2\xa710 execution order
 2026-05-27 04:07:27 -07:00
root
416f25794c Document Hermes Gitea token flow 2026-05-27 11:06:15 +00:00
saravanakumardb1
11c185e772 docs(roadmap): v10 — Phase B complete (canonical docker-prep + sync tooling) 
- All B-tasks complete except B4 (husky hook) and B7-4 (AGENTS.md updates)
- Canonical home landed at common-plat@a418a23e
- Both pilots synced; end-to-end verified on clock + peakpulse
- 3 bonus capabilities documented (--check, portable sed, .gitkeep preservation)
- \xc2\xa710 execution step 12 marked done with commit refs
 2026-05-27 03:49:52 -07:00
root
8de72351de Complete Hermes dashboard and watchdog roadmap audit 2026-05-27 10:45:29 +00:00
saravanakumardb1
15ac960faf docs(roadmap): v9 — Phase E1/E2/E5 done, docker-doctor.sh landed 
- Marked E1, E2, E5 complete in Phase E checklist
- Added step 11 to \xc2\xa710 execution order with commit refs
- Renumbered remaining steps; deferred E3/E4/E6 to after Phase B
 2026-05-27 03:33:35 -07:00
root
a6e509247f Record Tailscale login for Hermes 2026-05-27 10:31:23 +00:00
saravanakumardb1
ac364be6c3 docs(roadmap): mark A3 done, link ADR-0001 (lockfile policy accepted) 2026-05-27 03:28:19 -07:00
root
651df6aad8 Audit Hermes roadmap root and Uma progress 2026-05-27 10:28:10 +00:00
root
a10c0c318a Update Hermes roadmap late-pass progress 2026-05-27 10:24:56 +00:00
root
e57038a6a2 docs: advance Hermes setup roadmap
Some checks are pending
pre-commit / pre-commit (push) Waiting to run
Details
2026-05-27 10:12:27 +00:00
saravanakumardb1
b00af09942 docs(docker): roadmap v8 — peakpulse Phase A done + A3 ADR-0001 accepted 
Per § 10 steps 9 + 10.

Step 9: Peakpulse backend Phase A complete.
  cold 72.2 s, warm 2.7 s (96.3% reduction). Pattern from clock applied
  verbatim plus .docker-deps/.gitkeep discoverability fix back-ported
  to clock. Commits:
    peakpulse@11a6bc5  feat(docker): Phase A on peakpulse backend
    peakpulse@6523a1a  fix(docker): track .docker-deps/.gitkeep
    clock@1465e06b1    fix(docker): track .docker-deps/.gitkeep
    clock@d69003c1f    chore: dedupe .docker-deps in .gitignore

Step 10: A3 ADR accepted.
  New file: docs/adr/0001-docker-build-lockfile-policy.md
  Decision: short-term Option A (--lockfile=false) — already shipped in
  Phase A; long-term Option C (vendored pnpm-lock.docker.yaml). Migration
  triggered by production deployment, audit requirement, supply-chain
  incident, or loss of BuildKit cache. Implementation sketch in ADR § 4.

Roadmap doc updates:
  - § A7 metrics table: peakpulse row populated (72.2 s / 2.7 s).
  - § A3: collapsed bullet list into decision-record summary linking ADR.
  - § 10: steps 9 + 10 marked ; status banner v7 → v8.

Next per § 10: step 11 (Phase B docker-prep hardening) or step 12
(Phase E docker-doctor.sh linter). Phase E is higher-value as durable
insurance against F11/F13/F16/F17/F18 regressions across the ecosystem.
 2026-05-27 02:54:08 -07:00
saravanakumardb1
062155b81e docs(docker): roadmap v7 — Phase A complete on clock, warm 2.9s/5.4s 
Per execution \u00a7 10 step 10 (metrics in lockstep with implementation commits).

Updates:
  - \u00a7 A7 metrics table populated with cold + warm numbers post-A2:
    clock backend  59.2 s  \u2192  64.7 s cold  \u2192   2.9 s warm  (95.1% \u2193)
    clock web      193 s   \u2192  291 s* cold  \u2192   5.4 s warm  (97.2% \u2193)
    * web cold variance: 174-291 s across runs, dominated by tarball
      egress through corp proxy. Cold is not the optimization target.

  - \u00a7 A7 measurement commands now include the 'deps-changed' case
    (touch package.json) where A2's pnpm-store cache mount is the
    relevant speedup, since plain warm rebuild benefits from
    BuildKit layer cache regardless of A2.

  - \u00a7 10 execution order:
    steps 7 + 8 marked \u2705 with commit refs
    step  9 marked \u23f8 with explicit STOP-for-approval (peakpulse is
      a different repo)
    step  10 collapsed into this commit (was placeholder for A7 fill)

  - Status line: v6 \u2192 v7

Cross-repo commit chain (Phase A complete on clock):
  clock@0be887288       feat(docker): A0 \u2014 wire Gitea-registry path
  devops_tools@ba8b4d1  docs(docker): roadmap v5 \u2014 add F16
  common-plat@cfcfc7bb  fix(gitea): rewrite workspace:* (F16)
  common-plat@dd90f709  fix(gitea): ROOT_URL host.docker.internal (F17)
  clock@8b5c767a3       fix(docker): rewrite file: refs to * (F18)
  devops_tools@7627d55  docs(docker): roadmap v6 \u2014 A0-V PASSED
  clock@f6a806ff3       feat(docker): A8 + A9 + A1
  clock@55e8d22d3       feat(docker): A2 + A5 + A6
  devops_tools@HEAD     docs(docker): roadmap v7 (this commit)

Next: \u00a7 10 step 9 \u2014 peakpulse replication. Pause point for approval.
 2026-05-27 02:16:07 -07:00
saravanakumardb1
7627d5526d docs(docker): roadmap v6 — F17 + F18 fixed, A0-V PASSED on clock 
Resolves the A-pre phase entirely. Gitea-registry path now works
end-to-end on learning_ai_clock for both backend + web.

Findings added to § 0:
  F17: Gitea baked localhost:3300 in tarball URLs (Critical, FIXED)
  F18: clock/web/package.json had file: refs to sibling repo (High, FIXED)

Status updates:
  - A0-V on clock:  PASSED (3rd attempt, after F16/F17/F18 cleared)
    backend cold build: 59.2 s
    web cold build:     193 s (3:13)
  - A-pre fully complete (all 6 sub-items checked)
  - § 3.A7 metrics table populated with baseline numbers
  - § 10 execution order: steps 1-6 marked done; step 7 (A8+A9+A1) is next

New § A-pre-6: documents Gitea config requirements (ROOT_URL, /etc/hosts,
NO_PROXY) as one-time setup per dev machine. Required because the F17 fix
spans Gitea server config + host /etc/hosts + repo-side switch-network.sh.

Risk register: 4 new rows (F17 regression, F18 regression,
corp-proxy NO_PROXY drift, BASE_IMAGE override drift kept from v5).

Cross-repo commit chain (this run):
  clock@0be887288       feat(docker): A0 — wire Gitea-registry path
  devops_tools@ba8b4d1  docs(docker): roadmap v5 — add F16
  common-plat@cfcfc7bb  fix(gitea): rewrite workspace:* in tarballs (F16)
  common-plat@dd90f709  fix(gitea): ROOT_URL host.docker.internal (F17)
  clock@8b5c767a3       fix(docker): rewrite file: refs to * (F18)
  devops_tools@HEAD     docs(docker): roadmap v6 (this commit)

Next: § 10 step 7 — A8 (config-file COPY audit) + A9 (healthcheck IPv4)
+ A1 (corepack) on clock.
 2026-05-27 01:54:14 -07:00
saravanakumardb1
ba8b4d1ace docs(docker): roadmap v5 — add F16 (registry workspace:* leaks) 
Discovered during A0-V execution on learning_ai_clock (2026-05-27).

F16: At least 10 of ~50 published @bytelyst/* packages in the Gitea
registry have unrewritten 'workspace:*' refs in their package.json
dependencies. pnpm install inside Docker fails with
ERR_PNPM_WORKSPACE_PKG_NOT_FOUND because there is no workspace context
inside the container.

Confirmed broken (latest version each):
  @bytelyst/auth@0.1.5             → errors=workspace:*
  @bytelyst/diagnostics-client@0.1.6 → api-client=workspace:*
  @bytelyst/events@0.1.5           → queue=workspace:*
  @bytelyst/extraction@0.1.5       → api-client=workspace:*
  @bytelyst/fastify-auth@0.1.5     → errors=workspace:*
  @bytelyst/fastify-core@0.1.5     → errors=workspace:*   ← clock dep
  @bytelyst/feedback-client@0.1.6  → api-client=workspace:*
  @bytelyst/field-encrypt@0.1.6    → errors=workspace:*   ← clock dep
  @bytelyst/react-auth@0.1.6       → api-client=workspace:*
  @bytelyst/sync@0.1.5             → api-client, telemetry-client=workspace:*

Changes:
- § 0: bump count to 16; add F16 row (Critical severity)
- § 0 Implications: F16 blocks every A0-V; updated rationale
- § 3: insert new Phase A-pre (republish + publish-time guard) before A0
- § 3 A0-V: append blocked-status note linking to clock@0be887288
- § 10 Execution order: renumber; insert A-pre as step 3
- § 11 Risk register: add F16 row

Implementation status:
   Step 2 (A0 on clock) — committed in learning_ai_clock@0be887288;
     Dockerfile + compose changes correct, end-to-end build blocked on F16
  ⏸  Step 3 (A-pre) — next; touches common-plat publish flow
  ⏸  Step 4+ (A0-V retry on clock, then onward) — blocked on A-pre
 2026-05-27 01:18:25 -07:00
saravanakumardb1
8025cd5d82 docs(docker): roadmap v4 — integrate Gitea hardening (F14, F15) 
Adds 2 new findings to the docker build optimization roadmap and updates
templates to consume the new GITEA_NPM_OWNER env var shipped in common-plat
commit 610a59fd.

- F14: hardcoded Gitea owner literal across 14 repos (now resolved upstream
  via ${GITEA_NPM_OWNER:-learning_ai_user})
- F15: stale shell-env tokens (caught by scripts/gitea/doctor.sh)
- A0-1, A0-3, 7.1, 7.2, 7.5: snippets updated to thread GITEA_NPM_OWNER
  through .npmrc.docker, Dockerfile ARG/ENV, and docker-compose build args
- A0-D: new step — run gitea-doctor.sh as pre-build gate (replaces
  'wait 4 minutes for ERR_PNPM_AUTHENTICATION' with 'fail fast in 2 sec')
- Phase E: now distinguishes gitea-doctor (shipped) from docker-doctor (to
  build). Adds two new docker-doctor checks for F14
- Risk register: F14/F15 mitigations called out explicitly
 2026-05-27 00:53:33 -07:00
saravanakumardb1
1a638a84e1 docs: roadmap v3 — incorporate review feedback (F11-F13, Phase E) 
Review-driven additions:

- F11 added (silent UI breakage from missing/un-COPY'd postcss.config.mjs;
  4 repos hit this tonight: notes dff459e, jarvis_jr 36f6bc1,
  clock a308c6444, local_memory_gpt 07cdf6b)
- F12 added (healthcheck localhost → IPv6 false-fail; jarvis_jr incident)
- F13 added (enumerated COPY drift from filesystem; root cause of F11b)

Structural changes:
- New A8 (config-file COPY audit + glob pattern decision)
- New A9 (healthcheck IPv4 canonicalization)
- New A0-V verification gate (build Gitea path before optimizing)
- New § 2.5 canonical decisions (Alpine + ARG BASE_IMAGE override,
  127.0.0.1, --lockfile=false pending ADR)
- New § 7.5 canonical web Dockerfile (was missing, where F11 lives)
- New § 7.6 docker-doctor.sh skeleton
- New Phase E (docker-doctor.sh CI lint as durable insurance)
- B7 promoted from Phase D to Phase B proper (drift compounds)
- B4 husky hook extended to also block .tgz and .bak
- A0-1 env-var expansion chain explicitly documented
- A2-3 verification command corrected (docker buildx du, not docker history)
- Pilot order inverted: clock first (web + backend), then peakpulse
- C9 smoke test added (CSS bundle > 50 KB, F11 guard)
- 4 new risk-register rows for F11/F12/F13/BASE_IMAGE drift
 2026-05-27 00:34:07 -07:00
saravanakumardb1
529d4f37f5 docs: add Docker build optimization roadmap (post-audit v2) 
Captures audit findings on Dockerfile patterns across pilot repos
(peakpulse, clock):

- 10 concrete bugs documented (F1-F10): .dockerignore blocks
  pnpm-lock.yaml, sibling-workspace lockfile problem, .npmrc.docker
  inconsistencies, missing BuildKit cache mounts, etc.
- Phase A0 added: fix Gitea-registry path before optimizing
  (without it, the 'default' path doesn't actually work)
- Phase A1-A7: corepack, cache mounts, layer reordering, measurement
- Phase B: docker-prep.sh hardening (dry-run, idempotency,
  auto-restore, pre-commit guard)
- Phase C: 7 verification gates
- Phase D: deferred 11-repo rollout checklist
- ADR-pending lockfile policy decision (A3)
- Risk register + 6 open questions
 2026-05-27 00:28:10 -07:00
root
5a928b1925 docs: add Hermes setup upgrade roadmap 2026-05-26 22:12:05 +00:00
root
dea1546d9f feat: add Hermes mission control dashboard 2026-05-26 08:27:59 +00:00
root
62cf0c8c29 docs: correct Hermes dashboard roadmap repo path 2026-05-26 04:59:47 +00:00
root
1ee9c54a54 docs: clarify Hermes dashboard roadmap 2026-05-26 02:52:27 +00:00
sarvana7
62089a11cc
Create hermes_dashboard_roadmap.md 2026-05-25 03:32:35 -07:00
root
b35de88b08 feat(devops-web): fix responsive layout and add comprehensive dashboard pages 
- Fix sidebar layout: use flexbox instead of margin-left approach
- Update sidebar to use responsive display (hidden on mobile, static on desktop)
- Fix mobile overlay z-index and positioning issues
- Add proper flex container structure to all pages
- Add new dashboard pages: health, metrics, system, env, code-quality, settings/cosmos
- Add comprehensive API client and type definitions
- Add error boundary and log viewer components
- Add test infrastructure with Vitest and Playwright
- Add Docker configuration and deployment scripts

Generated with [Devin](https://cli.devin.ai/docs)

Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
 2026-05-11 03:10:31 +00:00
Saravana Achu Mac
7ec8741ba8 Add alias installer 2026-05-05 10:48:53 -07:00
Saravana Achu Mac
7b90188a37 Make aliases portable 2026-05-05 10:44:25 -07:00
root
e2810b99f8 setup: handle managed python pre-commit installs 2026-05-05 03:26:55 +00:00
root
ff08f1f387 docs: align repo navigation and operations notes 2026-05-05 03:11:46 +00:00
root
f59fcc58b1 Move scanner outputs out of repo root 2026-05-05 01:18:10 +00:00
root
14d1b566d6 Add safe templates and tooling adoption docs 2026-05-05 01:16:27 +00:00
root
013a27069b Harden Ubuntu VM security update script 2026-05-05 01:07:30 +00:00
root
3a664b5a79 Improve repo onboarding and agent guidance 2026-05-05 01:05:56 +00:00