# Codex Work Context (New Pipeline Experiment)

## Goal

Create a simplified, stable pipeline that provisions a dynamic Integration/Atest environment via Terraform and deploys the platform using Docker Compose on a single-node VM. This is a PoC to validate the flow end-to-end.

## Guiding Principles

- Keep everything basic and transparent. No hidden logic or magic variables.
- Prefer explicit, readable configuration over abstraction.
- Security hardening is not a priority at this stage.
- The goal is: it works, and it is easy to see why it works or fails.

## Current Plan (High-Level)

1. Terraform provisions a VM from Proxmox template `debian12-tf-template`.
2. Docker Compose is used to deploy the platform on that VM.
3. HAProxy handles routing for API and frontends (TLS enabled).
4. Healthcheck confirms readiness via: `https://.wolkabout.com/api/infos/server`
5. Tear down the VM after the run (if/when automated).

## Compose Package Location

Prepared in:

- `/home/nikola/codex-cli/terraform-vm-docker`

Contains:

- `docker-compose.yml`
- `.env`
- `bring-up.md`
- `healthcheck.sh`
- `config/` (wolk config YAMLs + firebase JSON)
- `haproxy_config/` (haproxy.cfg + options.http)
- `ssl/2026-SSL-WA-full.pem`
- `custom-assets/federation.manifest.json`
- `whiteLabeling/` (generated by backend on first successful start)

## Runtime Assumptions (from existing Swarm setup)

Images in use:

- `629307322585.dkr.ecr.eu-west-1.amazonaws.com/mono-web:150`
- `629307322585.dkr.ecr.eu-west-1.amazonaws.com/wolkabout:cloudconfig-22.8.2`
- `629307322585.dkr.ecr.eu-west-1.amazonaws.com/wolkabout:wafels-112.federation-poc-1`
- `629307322585.dkr.ecr.eu-west-1.amazonaws.com/wolkabout:frontend-federated`
- `629307322585.dkr.ecr.eu-west-1.amazonaws.com/utils-http2amqp:151`
- `629307322585.dkr.ecr.eu-west-1.amazonaws.com/utils-mqtt2amqp:151`
- `629307322585.dkr.ecr.eu-west-1.amazonaws.com/wolkabout:mqtt_ws`
- `rabbitmq:4.1-management-alpine`
- `grafana/loki:3.4.1`
- `haproxy:2.6`

Known dependencies:

- MySQL: `10.0.50.157:3306` (schema `swarm`, user `wolk`, pass `Test1234`)
- Cassandra: `10.0.50.163` (keyspace `swarm`)

## Healthcheck

Use `healthcheck.sh` to verify readiness:

- `https://.wolkabout.com/api/infos/server`
- Expects HTTP 200 and JSON with `organization` key.

## Networking

- Compose network name: `core-net`
- Single-node bridge network (no overlay)
- Ports exposed: `80`, `443`, `2883`, `8883`, `3100`

## Notes

- MQTT/HTTP2AMQP config mounts are present but commented in Compose.
- All secrets are kept inline for now to reduce moving parts.
- Debugging should be obvious from config + logs without additional tooling.
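
A readiness probe for the check described under Healthcheck (HTTP 200 and a JSON body with an `organization` key), as an added example that is not the project's `healthcheck.sh`. `HEALTHCHECK_URL`, the function names and the retry defaults are assumptions, and the hostname is left as a placeholder because the page does not give it.

```shell
#!/bin/sh
# Added example, not the project's healthcheck.sh.
# HEALTHCHECK_URL is an assumed variable name; the hostname is not given on the page.

# Succeed only for HTTP 200 plus a JSON object carrying an "organization" key.
response_is_ready() {
    rs_status=$1
    rs_body=$2
    [ "$rs_status" = "200" ] || return 1
    if command -v jq >/dev/null 2>&1; then
        printf '%s' "$rs_body" |
            jq -e 'type == "object" and has("organization")' >/dev/null 2>&1
    else
        # Fallback without jq: matches the key, does not validate the JSON.
        printf '%s' "$rs_body" | grep -Eq '"organization"[[:space:]]*:'
    fi
}

# Poll the URL until it is ready or the attempts run out.
# curl runs without -k, so a broken certificate chain on HAProxy fails the
# check instead of being hidden.
wait_ready() {
    wr_url=$1
    wr_attempts=${2:-30}
    wr_delay=${3:-5}
    wr_tmp=$(mktemp) || return 2
    wr_i=1
    while [ "$wr_i" -le "$wr_attempts" ]; do
        wr_status=$(curl -sS --max-time 10 -o "$wr_tmp" -w '%{http_code}' \
            "$wr_url" 2>/dev/null) || wr_status=000
        if response_is_ready "$wr_status" "$(cat "$wr_tmp")"; then
            rm -f "$wr_tmp"
            return 0
        fi
        echo "attempt $wr_i/$wr_attempts: HTTP $wr_status, not ready" >&2
        wr_i=$((wr_i + 1))
        sleep "$wr_delay"
    done
    rm -f "$wr_tmp"
    return 1
}

# Runs only when a URL is supplied, e.g.
#   HEALTHCHECK_URL=https://<env-host>/api/infos/server sh probe.sh
if [ -n "${HEALTHCHECK_URL:-}" ]; then
    wait_ready "$HEALTHCHECK_URL" || exit 1
    echo "platform ready"
fi
```

A non-zero exit from `wait_ready` lets the pipeline stop before later stages run against an environment that never came up.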