# 🚀 DevOps Infrastructure Deployment Status

## ✅ Deployed Services (Phase 1)

| Service | Container ID | IP | Ports | Status | URL | Notes |
|---------|-------------|-----|-------|--------|-----|-------|
| **Traefik** | Auto | 10.10.30.18 | 8080 | ✅ Running | http://10.10.30.18:8080 | Gateway/Reverse Proxy |
| **Gitea** | 101 | 10.10.30.120 | 3000 | ✅ Running | http://10.10.30.120:3000 | Git + CI/CD + Packages (SQLite) |
| **Docker Registry** | b1e155e920e6 | 10.10.30.121 | 5000 | ✅ Running | http://10.10.30.121:5000 | Private Docker images |
| **Registry UI** | Auto | 10.10.30.121 | 8080 | ✅ Running | http://10.10.30.121:8080 | Registry web interface |
| **Portainer** | 065fd8cfa26b | 10.10.30.121 | 9000 | ✅ Running | http://10.10.30.121:9000 | Docker management |
| **Portainer Agent** | 3a2831b9a481 | 10.10.30.121 | 9001 | ✅ Running | - | Docker agent |
| **Vault** | Auto | 10.10.30.121 | 8200 | ✅ Running | http://10.10.30.121:8200 | Secrets management (token: myroot) |

## 🔧 Working Docker Commands

### Registry with CORS fix:

```bash
docker run -d \
  --name registry \
  --restart=always \
  -p 5000:5000 \
  -v /opt/registry-data:/var/lib/registry \
  -e REGISTRY_HTTP_HEADERS_ACCESS-CONTROL-ALLOW-ORIGIN='[http://10.10.30.121:8080]' \
  -e REGISTRY_HTTP_HEADERS_ACCESS-CONTROL-ALLOW-METHODS='[HEAD,GET,OPTIONS,DELETE]' \
  -e REGISTRY_HTTP_HEADERS_ACCESS-CONTROL-ALLOW-CREDENTIALS='[true]' \
  -e REGISTRY_HTTP_HEADERS_ACCESS-CONTROL-ALLOW-HEADERS='[Authorization,Accept,Cache-Control]' \
  registry:2.8
```

### Registry UI:

```bash
docker run -d \
  --name registry-ui \
  --restart=always \
  -p 8080:80 \
  -e REGISTRY_TITLE="DevOps Docker Registry" \
  -e REGISTRY_URL="http://10.10.30.121:5000" \
  -e REGISTRY_SINGLE="true" \
  joxit/docker-registry-ui:latest
```

### Vault (dev mode):

```bash
docker run -d \
  --name vault \
  --restart=always \
  -p 8200:8200 \
  -e VAULT_DEV=1 \
  -e VAULT_DEV_ROOT_TOKEN_ID=myroot \
  hashicorp/vault:latest \
  vault server -dev -dev-listen-address="0.0.0.0:8200"
```

## ⏳ Next Phase Services (To Deploy)

| Service | Planned IP | Ports | Purpose |
|---------|-----------|-------|---------|
| **Nexus** | 10.10.30.40 | 8081 | Artifacts, PyPI/npm proxy |
| **Prometheus** | 10.10.30.70 | 9090 | Metrics collection |
| **Grafana** | 10.10.30.80 | 3000 | Monitoring dashboards |

## 🎯 Target Project: MikroTik Telegram Bot

**Source:** `mikrotik_home/telegram_bot/`
**Goal:** Full CI/CD pipeline for auto-deployment

## 📊 Infrastructure Resources

**Proxmox Host:**

- RAM: 62GB (plenty available)
- CPU: 16 cores
- Network: 10.10.30.0/24 (ProxmoxLAN)
- Gateway: 10.10.30.1

**Current Usage:** ~7GB RAM, ~12 CPU cores

## 🔑 Key Learnings

1. **SQLite better than MySQL** for Gitea in LXC
2. **CORS headers required** for Registry UI
3. **Community-scripts work well** for base deployments
4. **Portainer Agent vs Server** distinction important
5. **Registry UI better than Portainer registries** (free)
6. **SonarQube requires PostgreSQL** - complex for MVP
7. **Vault dev mode perfect** for testing
8. **Gitea packages eliminate need** for separate Nexus
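
As an added example (not part of the original notes), this Python check parses the Vault and registry `docker run` commands from the Working Docker Commands section and lists the settings that suit testing but have to change before the services hold real secrets or images. The `parse_run` and `audit` helpers and the finding names are made up for this illustration, and the parser only understands the flags used on this page.

```python
import shlex

# Constructed input: the Vault and registry commands from this page, joined onto one line each.
VAULT_CMD = ('docker run -d --name vault --restart=always -p 8200:8200 -e VAULT_DEV=1 '
             '-e VAULT_DEV_ROOT_TOKEN_ID=myroot hashicorp/vault:latest '
             'vault server -dev -dev-listen-address="0.0.0.0:8200"')
REGISTRY_CMD = ("docker run -d --name registry --restart=always -p 5000:5000 "
                "-e REGISTRY_HTTP_HEADERS_ACCESS-CONTROL-ALLOW-ORIGIN='[http://10.10.30.121:8080]' "
                "-e REGISTRY_HTTP_HEADERS_ACCESS-CONTROL-ALLOW-CREDENTIALS='[true]' registry:2.8")
VALUE_FLAGS = {"-e", "-p", "-v", "--name"}  # only the value-taking flags used on this page

def parse_run(cmd):
    """Split a `docker run` line into (env dict, image, container args)."""
    toks = shlex.split(cmd)
    if toks[:2] != ["docker", "run"]:
        raise ValueError("not a docker run command")
    env, i = {}, 2
    while i < len(toks) and toks[i].startswith("-"):
        if toks[i] in VALUE_FLAGS:
            if toks[i] == "-e":
                key, _, val = toks[i + 1].partition("=")
                env[key] = val
            i += 2
        else:
            i += 1  # self-contained flags such as -d or --restart=always
    return env, toks[i], toks[i + 1:]

def audit(cmd):
    """Return the names of settings that must change before the service leaves testing."""
    env, image, args = parse_run(cmd)
    name, _, tag = image.rpartition("/")[2].partition(":")
    findings = []
    if tag in ("", "latest"):
        findings.append("unpinned-image-tag")
    if "-dev" in args:
        findings.append("vault-dev-mode")  # in-memory storage, auto-unsealed, no TLS
    if "VAULT_DEV_ROOT_TOKEN_ID" in env:
        findings.append("static-root-token-in-command")
    if any(a.startswith("-dev-listen-address=0.0.0.0") for a in args):
        findings.append("dev-listener-on-all-interfaces")
    if name == "registry":
        if not any(k.startswith("REGISTRY_AUTH") for k in env):
            findings.append("registry-without-auth")
        if "REGISTRY_HTTP_TLS_CERTIFICATE" not in env:
            findings.append("registry-without-tls")
        cors = "REGISTRY_HTTP_HEADERS_ACCESS-CONTROL-ALLOW-"
        if env.get(cors + "CREDENTIALS") == "[true]" and "http://" in env.get(cors + "ORIGIN", ""):
            findings.append("cors-credentials-over-http")
    return findings
```

`audit(VAULT_CMD)` reports all four Vault findings, and `audit(REGISTRY_CMD)` reports the missing auth, missing TLS and credentialed CORS over plain HTTP.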