# DevMatrix Infrastructure Scripts

Production-grade infrastructure automation for DevMatrix services.

## Repository Structure

```
infrastructure/
├── deploy-production.sh      # Zero-downtime deployment
├── health-monitor.sh         # Health checks & auto-restart
├── backup-manager.sh         # Database & config backups
└── ecosystem.config.js       # PM2 process configuration

proxmox/
├── create-production-vm.sh   # Create production VM
└── setup-production-vm.sh    # Configure production VM
```

## Quick Start

### 1. Create Production VM (on Proxmox host)
```bash
# SSH into Proxmox host, then:
curl -fsSL https://git.lemonlink.eu/devmatrix/devmatrix-scripts/raw/branch/main/proxmox/create-production-vm.sh | sudo bash
```

### 2. Setup Production VM (on new VM)
```bash
# SSH into new production VM (192.168.5.211)
ssh devmatrix@192.168.5.211

# Run setup
curl -fsSL https://git.lemonlink.eu/devmatrix/devmatrix-scripts/raw/branch/main/proxmox/setup-production-vm.sh | sudo bash
```

### 3. Deploy Mission Control
```bash
# Clone Mission Control
git clone https://git.lemonlink.eu/devmatrix/mission-control.git ~/mission-control

# Deploy
cd ~/mission-control
mc-deploy
```

## Scripts

### deploy-production.sh
Zero-downtime deployment with:
- Database backup before deploy
- Health checks
- Automatic rollback on failure
- Telegram notifications

```bash
./deploy-production.sh [staging|production]
```

### health-monitor.sh
Runs every minute via cron:
- Health check endpoint
- Auto-restart on failure
- Telegram alerts
- 5-minute alert cooldown

```bash
# Add to crontab
echo "* * * * * /home/devmatrix/devmatrix-scripts/infrastructure/health-monitor.sh" | crontab
```

### backup-manager.sh
Daily backup with 30-day retention:
- Database backups (SQLite)
- Configuration backups
- Automatic cleanup
- Restore capability

```bash
./backup-manager.sh backup    # Create backup
./backup-manager.sh list      # List backups
./backup-manager.sh restore <file>  # Restore from backup
./backup-manager.sh cleanup   # Remove old backups
```

## Helper Commands

After setup, these commands are available:

```bash
mc-status      # Check service status
mc-start       # Start Mission Control
mc-stop        # Stop Mission Control
mc-restart     # Restart Mission Control
mc-logs        # View live logs
mc-deploy      # Deploy new version
```

## Production Architecture

```
Internet
    ↓
Router (192.168.5.1)
    ↓
├─ VM-100: DevMatrix-Dev (192.168.5.210)
│   └─ Development & Testing
│
└─ VM-101: DevMatrix-Prod (192.168.5.211)
    ├─ Mission Control (Port 3000)
    ├─ PM2 Process Manager
    ├─ Health Monitor (cron)
    └─ Backup Manager (cron)
```

## Security

- Firewall (UFW) - Only ports 80, 443, 22
- Fail2ban for intrusion prevention
- SSH key only (no passwords)
- Root login disabled
- Automatic security updates
- Resource limits (2GB RAM max)

## Monitoring

- Health checks every 30 seconds
- Auto-restart on crash
- Telegram notifications
- Systemd watchdog
- PM2 monitoring dashboard

## Backup Strategy

- **Frequency:** Daily at 2:00 AM
- **Location:** /mnt/nas/backups/mission-control
- **Retention:** 30 days
- **Includes:** Database + Config files
- **Compression:** gzip

## License

MIT - DevMatrix