RogueWave
571e5d04d2
- scripts/phase0-provision.sh: idempotent root setup (nginx, PostgreSQL, Redis, certbot/TLS, UFW). Opens 22/2222/80/443 before enabling UFW so SSH and Gitea git-SSH can't be locked out. Redis/Postgres stay localhost-only. - infra/nginx/feedthepyre.com.conf: vhost serving the status page; commented web(:3000)/api(:4000) reverse-proxy blocks ready for app deploy. - infra/status/: data-driven dev status dashboard (status.json + gen-status.mjs + prebuilt index.html), served at feedthepyre.com. - ecosystem.config.cjs (PM2), infra/systemd/pm2-pyre.service, infra/logrotate/pyre, scripts/backup.sh — process mgmt + ops (inert until apps are built). Built by 4 parallel agents, reviewed by 2 audit agents; audit fixes applied (logs dir creation, port-citation accuracy, status truthfulness). pm2 installed user-level. Privileged steps gated on `sudo bash scripts/phase0-provision.sh`. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
35 lines
957 B
Plaintext
35 lines
957 B
Plaintext
# PYRE / Prometheus Protocol — logrotate config.
|
|
#
|
|
# INERT until logs are actually being produced (PM2 apps running / nginx
|
|
# serving). The paths below will simply be skipped (missingok) until then.
|
|
#
|
|
# Install (run as a privileged user):
|
|
# sudo cp /home/pyre/pyre/infra/logrotate/pyre /etc/logrotate.d/pyre
|
|
# sudo logrotate --debug /etc/logrotate.d/pyre # dry-run to validate
|
|
#
|
|
# copytruncate is used so PM2 and nginx keep writing to the same file handle
|
|
# (no restart/reopen needed after rotation).
|
|
|
|
# ---- PYRE app logs (written by PM2) ----------------------------------------
|
|
/home/pyre/pyre/logs/*.log {
|
|
su pyre pyre
|
|
daily
|
|
rotate 14
|
|
compress
|
|
delaycompress
|
|
missingok
|
|
notifempty
|
|
copytruncate
|
|
}
|
|
|
|
# ---- nginx logs for feedthepyre ---------------------------------------------
|
|
/var/log/nginx/feedthepyre.*.log {
|
|
daily
|
|
rotate 14
|
|
compress
|
|
delaycompress
|
|
missingok
|
|
notifempty
|
|
copytruncate
|
|
}
|