From 20d26d473ee7fd30856122a261bba81bf77b2a47 Mon Sep 17 00:00:00 2001 From: fullsizemalt <106900403+fullsizemalt@users.noreply.github.com> Date: Sat, 27 Dec 2025 17:23:31 -0800 Subject: [PATCH] feat: initial commit for backup --- nexus-vector/probe.sh | 31 +++++++++++++++++++ push-deploy.sh | 46 ++++++++++++++++++++++++++++ seed-changelog.py | 70 +++++++++++++++++++++++++++++++++++++++++++ update-ssh-keys.sh | 30 +++++++++++++++++++ 4 files changed, 177 insertions(+) create mode 100644 nexus-vector/probe.sh create mode 100755 push-deploy.sh create mode 100644 seed-changelog.py create mode 100755 update-ssh-keys.sh diff --git a/nexus-vector/probe.sh b/nexus-vector/probe.sh new file mode 100644 index 0000000..734ebeb --- /dev/null +++ b/nexus-vector/probe.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env bash +set -euo pipefail + +echo "== MTAD Nexus-Vector Probe ==" + +if [ -d /opt/onboarding ]; then + echo "-- /opt/onboarding file list --" + ls -la /opt/onboarding || true + echo + for f in /opt/onboarding/*; do + [ -f "$f" ] || continue + echo "-- CONTENT: $f --" + # Show first and last 100 lines to avoid dumping secrets verbatim; adjust if safe + echo "(head)"; head -n 100 "$f" || true + echo "(tail)"; tail -n 100 "$f" || true + echo + done +else + echo "No /opt/onboarding directory found." >&2 +fi + +echo "-- System summary --" +command -v kubectl >/dev/null 2>&1 && kubectl version --short || echo "kubectl not found" +command -v helm >/dev/null 2>&1 && helm version --short || echo "helm not found" +command -v docker >/dev/null 2>&1 && docker --version || echo "docker not found" + +echo "-- Env hints (redacted) --" +env | grep -E "(POSTGRES|PG_|REDIS|S3|MINIO|AWS_|OIDC|OKTA|AUTH|KAFKA|NATS|VAULT|OTEL)" || true + +echo "== End Probe ==" + diff --git a/push-deploy.sh b/push-deploy.sh new file mode 100755 index 0000000..9f0a7e3 --- /dev/null +++ b/push-deploy.sh @@ -0,0 +1,46 @@ +#!/usr/bin/env bash +# Push local changes to the remote and deploy on the nexus-vector host. +# Usage: +# ./scripts/push-deploy.sh # push current branch and deploy +# DRY_RUN=1 ./scripts/push-deploy.sh # show commands without executing +# +# Environment overrides: +# REMOTE=origin +# BRANCH= +# DEPLOY_HOST=nexus-vector +# DEPLOY_USER=root +# DEPLOY_PATH=/root/ANTIGRAVITY/honkingversion + +set -euo pipefail + +REMOTE="${REMOTE:-origin}" +BRANCH="${BRANCH:-$(git rev-parse --abbrev-ref HEAD)}" +DEPLOY_HOST="${DEPLOY_HOST:-nexus-vector}" +DEPLOY_USER="${DEPLOY_USER:-root}" +DEPLOY_PATH="${DEPLOY_PATH:-/root/ANTIGRAVITY/honkingversion}" +SSH_TARGET="${DEPLOY_USER}@${DEPLOY_HOST}" +DRY_RUN="${DRY_RUN:-0}" + +info() { echo "[$(date +%H:%M:%S)] $*"; } +run() { + if [ "$DRY_RUN" != "0" ]; then + echo "DRY RUN: $*" + else + eval "$@" + fi +} + +# Require clean working tree when actually deploying to avoid pushing unintended files. +if [ "$DRY_RUN" = "0" ] && [ -n "$(git status --porcelain)" ]; then + git status --short + echo "❌ Working tree is dirty. Commit or stash changes before deploying." + exit 1 +fi + +info "Pushing branch '$BRANCH' to '$REMOTE'..." +run "git push ${REMOTE} ${BRANCH}" + +info "Deploying on ${SSH_TARGET}:${DEPLOY_PATH}..." +run "ssh ${SSH_TARGET} 'set -euo pipefail; cd ${DEPLOY_PATH} && git fetch ${REMOTE} ${BRANCH} && git checkout ${BRANCH} && git pull --ff-only ${REMOTE} ${BRANCH} && docker compose down && docker compose pull && docker compose up -d --build && docker compose ps'" + +info "✅ Deploy complete." diff --git a/seed-changelog.py b/seed-changelog.py new file mode 100644 index 0000000..e454ddc --- /dev/null +++ b/seed-changelog.py @@ -0,0 +1,70 @@ +#!/usr/bin/env python3 +""" +Seed the changelog with a few recent updates for local/dev databases. +Skips seeding if rows already exist. +""" +import sqlite3 +from pathlib import Path + + +ROOT = Path(__file__).resolve().parent.parent +DB_PATH = ROOT / "database.db" + +ENTRIES = [ + { + "title": "Settings Phase 3 shipped", + "description": "Added security, OAuth connections, and data export/delete flows to settings.", + "type": "feature", + "date": "2025-01-10T12:00:00Z", + }, + { + "title": "2FA input fixes", + "description": "Relaxed type validation on two-factor code entry to prevent blocked sign-ins.", + "type": "fix", + "date": "2025-01-08T18:00:00Z", + }, + { + "title": "Settings utilities refactor", + "description": "Extracted shared settings helpers to reduce duplication across panels.", + "type": "improvement", + "date": "2025-01-05T15:30:00Z", + }, +] + + +def main() -> None: + if not DB_PATH.exists(): + raise SystemExit(f"database not found at {DB_PATH}") + + conn = sqlite3.connect(DB_PATH) + conn.row_factory = sqlite3.Row + + with conn: + count = conn.execute("SELECT COUNT(*) FROM changelogentry").fetchone()[0] + if count: + print(f"changelogentry already has {count} row(s); skipping seed.") + return + + rows = [ + ( + entry["title"], + entry["description"], + entry["date"], + entry["type"], + None, # credited_user_id + ) + for entry in ENTRIES + ] + + conn.executemany( + """ + INSERT INTO changelogentry (title, description, date, type, credited_user_id) + VALUES (?, ?, ?, ?, ?) + """, + rows, + ) + print(f"Seeded {len(rows)} changelog entries into {DB_PATH}") + + +if __name__ == "__main__": + main() diff --git a/update-ssh-keys.sh b/update-ssh-keys.sh new file mode 100755 index 0000000..131634d --- /dev/null +++ b/update-ssh-keys.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# This script updates the authorized_keys file with the keys from the ssh-keys repository. +# It assumes that the ssh-keys repository is available on the local machine at the path defined in SSH_KEYS_DIR. + +# The directory where the ssh-keys repository is located. +# TODO: Update this path to the actual location of the ssh-keys repository on the server. +SSH_KEYS_DIR="/Users/ten/ssh-keys" + +# The authorized_keys file to update. +AUTHORIZED_KEYS_FILE="$HOME/.ssh/authorized_keys" + +# The directory containing the public keys. +KEYS_DIR="$SSH_KEYS_DIR/keys" + +# Ensure the .ssh directory exists. +mkdir -p "$(dirname "$AUTHORIZED_KEYS_FILE")" + +# Start with a clean authorized_keys file. +> "$AUTHORIZED_KEYS_FILE" + +# Concatenate all public keys into the authorized_keys file. +for key_file in "$KEYS_DIR"/*.pub; do + if [ -f "$key_file" ]; then + cat "$key_file" >> "$AUTHORIZED_KEYS_FILE" + echo "" >> "$AUTHORIZED_KEYS_FILE" # Add a newline after each key + fi +done + +echo "SSH keys updated successfully."