sayan/Project_Velocity
1
1
Fork 0
forked from sagnik/Project_Velocity
Code Issues Pull Requests Activity
Files
075ab280ada38123add6ae0fcee9161d05c3a380
Project_Velocity/remote_bootstrap_20260401.sh
Sagnik 075ab280ad Built the Sentinel Tab
2026-04-12 02:02:58 +05:30

115 lines
4.5 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
set -euo pipefail
DB_PASSWORD=$(openssl rand -base64 24 | tr -dc A-Za-z0-9 | head -c 24)
JWT_SECRET=$(openssl rand -hex 32)
sudo mkdir -p /opt/dlami/nvme/pgdata/14/velocity /opt/dlami/nvme/velocity/shared/logs /opt/dlami/nvme/velocity/tls
sudo chown -R postgres:postgres /opt/dlami/nvme/pgdata
if ! pg_lsclusters | awk 'NR>1 {print $1, $2}' | grep -q '^14 velocity$'; then
sudo pg_createcluster 14 velocity --datadir=/opt/dlami/nvme/pgdata/14/velocity -- --auth-local=peer --auth-host=scram-sha-256
fi
sudo sed -i "s/^#\?listen_addresses.*/listen_addresses = '127.0.0.1'/" /etc/postgresql/14/velocity/postgresql.conf
sudo pg_ctlcluster 14 velocity start
if ! sudo -u postgres psql -p 5432 -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'velocity_app'" | grep -q 1; then
sudo -u postgres psql -p 5432 -c "CREATE ROLE velocity_app LOGIN PASSWORD '$DB_PASSWORD';"
else
sudo -u postgres psql -p 5432 -c "ALTER ROLE velocity_app WITH PASSWORD '$DB_PASSWORD';"
fi
if ! sudo -u postgres psql -p 5432 -tAc "SELECT 1 FROM pg_database WHERE datname = 'velocity'" | grep -q 1; then
sudo -u postgres psql -p 5432 -c "CREATE DATABASE velocity OWNER velocity_app;"
fi
psql "postgresql://velocity_app:${DB_PASSWORD}@127.0.0.1:5432/velocity" -f /opt/dlami/nvme/velocity/current/backend/db/schema.sql
psql "postgresql://velocity_app:${DB_PASSWORD}@127.0.0.1:5432/velocity" -f /opt/dlami/nvme/velocity/current/backend/db/schema_addendum.sql
cat > /tmp/velocity.env <<EOF
VELOCITY_DB_HOST=127.0.0.1
VELOCITY_DB_PORT=5432
VELOCITY_DB_NAME=velocity
VELOCITY_DB_USER=velocity_app
VELOCITY_DB_PASSWORD=${DB_PASSWORD}
VELOCITY_JWT_SECRET=${JWT_SECRET}
CORS_ORIGINS=http://localhost:5173,https://18.212.122.77
VELOCITY_ASSET_DIR=/opt/dlami/nvme/assets
OLLAMA_BASE_URL=http://127.0.0.1:11434
NEMOCLAW_BASE_URL=http://127.0.0.1:8080
NEMOCLAW_MODEL=qwen3.5:27b
NEMOCLAW_TIMEOUT_S=45.0
NEMOCLAW_TEMPERATURE=0.2
NEMOCLAW_PROMPT_DIR=/opt/dlami/nvme/nemoclaw/prompts
ALLOW_NVIDIA_FALLBACK=false
EOF
sudo mv /tmp/velocity.env /opt/dlami/nvme/velocity/env
sudo chown root:ubuntu /opt/dlami/nvme/velocity/env
sudo chmod 640 /opt/dlami/nvme/velocity/env
cat > /tmp/velocity-backend.service <<'EOF'
[Unit]
Description=Project Velocity NVMe FastAPI Backend
After=network.target postgresql@14-velocity.service ollama.service docker.service
Wants=postgresql@14-velocity.service ollama.service docker.service
[Service]
Type=simple
User=ubuntu
Group=ubuntu
WorkingDirectory=/opt/dlami/nvme/velocity/current
Environment=PYTHONPATH=/opt/dlami/nvme/velocity/current
EnvironmentFile=/opt/dlami/nvme/velocity/env
ExecStart=/opt/dlami/nvme/velocity/venv/bin/python -m uvicorn backend.main:app --host 127.0.0.1 --port 8001
Restart=always
RestartSec=5
StandardOutput=append:/opt/dlami/nvme/velocity/shared/logs/backend.log
StandardError=append:/opt/dlami/nvme/velocity/shared/logs/backend.log
[Install]
WantedBy=multi-user.target
EOF
sudo mv /tmp/velocity-backend.service /etc/systemd/system/velocity-backend.service
sudo openssl req -x509 -nodes -newkey rsa:2048 -days 365 -subj '/CN=18.212.122.77' -keyout /opt/dlami/nvme/velocity/tls/velocity.key -out /opt/dlami/nvme/velocity/tls/velocity.crt >/dev/null 2>&1
sudo chown root:root /opt/dlami/nvme/velocity/tls/velocity.key /opt/dlami/nvme/velocity/tls/velocity.crt
sudo chmod 600 /opt/dlami/nvme/velocity/tls/velocity.key
cat > /tmp/velocity-nginx.conf <<'EOF'
server {
listen 443 ssl;
server_name 18.212.122.77;
ssl_certificate /opt/dlami/nvme/velocity/tls/velocity.crt;
ssl_certificate_key /opt/dlami/nvme/velocity/tls/velocity.key;
ssl_protocols TLSv1.2 TLSv1.3;
location / {
proxy_pass http://127.0.0.1:8001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
location /ws/ {
proxy_pass http://127.0.0.1:8001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
EOF
sudo mv /tmp/velocity-nginx.conf /etc/nginx/sites-available/velocity
sudo rm -f /etc/nginx/sites-enabled/default
sudo ln -sfn /etc/nginx/sites-available/velocity /etc/nginx/sites-enabled/velocity
sudo systemctl daemon-reload
sudo systemctl enable velocity-backend.service
sudo systemctl restart velocity-backend.service
sudo nginx -t
sudo systemctl restart nginx
Reference in New Issue View Git Blame Copy Permalink