# near-intents-monitor platform repo

This repository now serves two roles:

1. **shared platform/infrastructure** for the Hetzner + k3s cluster
2. the embedded **`unrip` project**, isolated under `projects/unrip/` so it can later become its own repository

## Repo layout

```text
infra/
  terraform/
    hetzner/
scripts/
  hetzner/
deploy/
  hetzner/
  k8s/
    platform/
    overlays/
      hetzner-single-node/
projects/
  unrip/
    src/
    package.json
    Dockerfile
    compose.yml
    deploy/
      k8s/
        base/
    docs/
```

## Shared platform at repo root

Shared/root-owned parts include:
- Hetzner Terraform
- cloud-init + bootstrap scripts
- cluster/platform Kubernetes manifests
- Forgejo
- Forgejo runner
- registry
- cert-manager
- Traefik integration
- Grafana
- Loki
- Promtail
- Headlamp
- shared operator docs and runbooks

## Embedded project: `unrip`

The trading-system code and project-specific deployment assets now live in:

- `projects/unrip/`

That directory contains:
- app source
- Node package files
- Docker build files
- local Compose setup
- project-specific Kubernetes manifests
- project-specific docs

Start there for project work:
- `projects/unrip/README.md`
- `projects/unrip/docs/contracts.md`
- `projects/unrip/docs/spec.md`

## Canonical production path

The canonical production path is the repo-driven Hetzner + k3s bootstrap flow.

```bash
cp scripts/hetzner/bootstrap-secrets.env.example scripts/hetzner/bootstrap-secrets.env
source scripts/hetzner/bootstrap-secrets.env
bash scripts/hetzner/bootstrap.sh
```

Bootstrap now:
1. provisions/updates Hetzner infra with Terraform
2. optionally manages DNS through Cloudflare or Porkbun
3. fetches kubeconfig from the node into `.state/hetzner/kubeconfig.yaml`
4. renders `.state/hetzner/generated-overlay/`
5. applies shared platform manifests plus the selected project manifests
6. bootstraps Forgejo admin, runner, repo, and Actions config
7. seeds this repo into Forgejo
8. lets Forgejo Actions perform the default image build + deploy path

## Runtime surfaces

- Forgejo: `https://git.doran.133011.xyz/`
- Registry: `https://registry.doran.133011.xyz/`
- Grafana: `https://grafana.doran.133011.xyz/`
- Headlamp: `https://headlamp.doran.133011.xyz/`

## Local project development

For the trading system itself:

```bash
cd projects/unrip
npm install
cp .env.example .env
# edit .env

docker compose up -d --build
```

## Operator docs

Current operator/platform docs:
- `docs/hetzner-k3s-bootstrap.md`
- `docs/hetzner-self-hosted-ci-runbook.md`
- `docs/k8s-observability.md`
- `docs/hetzner-rebuild-pipeline.md`
- `deploy/hetzner/README.md`
- `deploy/k8s/README.md`
- `deploy/k8s/overlays/hetzner-single-node/README.md`

## Notes

- Ingress is Traefik-based. The old ingress-nginx path is obsolete.
- Grafana is for historical log search.
- Headlamp is for cluster/pod browsing and pod logs.
- Use `pass`-backed `*_PASS` values for secrets whenever possible.
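
A pre-flight check that could run before `source scripts/hetzner/bootstrap-secrets.env`, given as an added example and not part of this repository's scripts. It assumes the file holds plain `NAME=value` lines and that names ending in `_PASS` reference `pass` entries; the variable names and the secret-name heuristic are hypothetical.

```bash
# Added example (not project code). Assumptions: the env file holds NAME=value
# lines, and a name ending in _PASS points at a `pass` entry, not a literal.

# Succeeds only when the file has no group/other permission bits.
secrets_file_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Prints secret-looking names that carry a literal value (heuristic match).
literal_secret_names() {
    awk '
        /^[ \t]*#/ || !/=/ { next }
        {
            eq = index($0, "=")
            name = substr($0, 1, eq - 1)
            value = substr($0, eq + 1)
            sub(/^[ \t]*(export[ \t]+)?/, "", name)
            if (value != "" && name ~ /^[A-Za-z_][A-Za-z0-9_]*$/ &&
                name ~ /(TOKEN|SECRET|PASSWORD|KEY)/ && name !~ /_PASS$/)
                print name
        }' "$1"
}

# Returns 1 for loose permissions, 2 for literal secrets, 0 when clean.
check_secrets_env() {
    if ! secrets_file_private "$1"; then
        echo "$1: accessible to group/other, run chmod 600" >&2
        return 1
    fi
    leaked=$(literal_secret_names "$1")
    if [ -n "$leaked" ]; then
        echo "$1: literal secrets, prefer *_PASS: $leaked" >&2
        return 2
    fi
}

# Constructed sample with hypothetical variable names.
sample=$(mktemp)
printf '%s\n' 'EXAMPLE_API_TOKEN=abc123' 'EXAMPLE_ADMIN_PASS=infra/example' > "$sample"
status=0
check_secrets_env "$sample" || status=$?
echo "check status: $status"
rm -f "$sample"
```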