Commit graph

4 commits

Author SHA1 Message Date
Quinn Ftw
ce8f8c1a99 feat(infra): add security scripts and VPN access controls
- Add vpn-only-access.conf nginx snippet
- Add ssl-certificate.sh service script
- Add test-vpn-access-control.sh security test
- Add verify-nginx-security.sh security verification
- Update hosts.yaml and reconciliation configs
- Enhance rectify-deploy.sh script

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-27 23:11:24 -08:00
Quinn Ftw
327cacd035 fix(reconciliation): run all services from dev machine via SSH
Reconciliation now runs entirely from the dev machine, targeting remote
hosts via SSH instead of syncing scripts and running remotely. This fixes
status-dashboard deployment which requires local build artifacts.

Changes:
- reconcile_host_remote() runs locally with ssh_prefix for all commands
- service.sh handles drift:* and error:* status conventions
- status-dashboard service syncs dist/ via rsync, manages PM2 via SSH
- nginx-config-sync extended to handle sites-available/ directory
- deploy-status-dashboard.sh and rectify-deploy.sh delegate to reconciliation
- Deprecated 7-domain-routing.conf (uses undefined log format)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-26 05:49:18 -08:00
Quinn Ftw
8080b31929 feat(deploy): add dynamic dependency detection for rectifier
Replace static JSON config with runtime dependency discovery by
grepping package.json files. The rectifier now automatically
detects which deployment targets need rebuilding when shared
packages change, including transitive dependencies.

Changes:
- Add lib/dependency-graph.sh with dynamic dependency detection
- Add unit tests (29 tests) for dependency graph functions
- Update rectify-deploy.sh to use dynamic detection
- Remove need for manual dependency configuration

How it works:
1. Extract package name from changed file path
2. Grep package.json files to find dependents
3. Map dependents to deployment targets
4. Handle transitive deps (ui-utils -> ui-primitives -> targets)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-25 23:28:34 -08:00
Quinn Ftw
2cee20740b feat(deploy): add unified rectifier for auto-deployment
Implements a proper "rectifier" pattern that detects changed components
and deploys them automatically when pushing to main.

Changes:
- Add rectify-deploy.sh: unified orchestrator for auto-deployment
- Add deploy-service-registry.sh: service-registry deployment script
- Update detect-changes.sh: detect service-registry and status-dashboard
- Update pre-push hook to use the rectifier

Components now auto-deployed:
- service-registry → vpn.1984.nasty.sh
- status-dashboard → 0.1984.nasty.sh

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-25 23:03:57 -08:00