PRD: Switch SSH to LAN IP only, add N8N HTTPS endpoint details (Traefik TLS)

F.R.I.D.A.Y.
2026-06-05 22:12:08 -04:00
parent c7df48b9a0
commit 850802b21e

@@ -10,7 +10,7 @@
``` ```
[Telegram: Bobby] → Artemis (parse intent) → POST to N8N (MK7) [Telegram: Bobby] → Artemis (parse intent) → POST to N8N (MK7)
↓ SSH (jarvis@artemis.ai.home) ↓ SSH (jarvis@192.168.15.182)
Artemis (this machine) Artemis (this machine)
[A] ~/docker/terraform-pve/run.sh apply [A] ~/docker/terraform-pve/run.sh apply
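Review bot: The SSH target on the new side of the diagram is now the literal `192.168.15.182`, but nothing here records that the address is fixed. If Artemis gets its address from DHCP, a lease change breaks every SSH step in this document; add a line stating that the address is a static assignment or a DHCP reservation, and where that is managed.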
@@ -55,10 +55,10 @@ Artemis parses → vmid_base=62128 (explicit override), count=5
|------|------|---------| |------|------|---------|
| 1 | Webhook trigger | Receive JSON payload | | 1 | Webhook trigger | Receive JSON payload |
| 2 | Set SSH env vars | Export `TF_VAR_lxc_count=5 TF_VAR_vmid_base=62128` | | 2 | Set SSH env vars | Export `TF_VAR_lxc_count=5 TF_VAR_vmid_base=62128` |
| 3 | Execute SSH | `ssh jarvis@artemis.ai.home "cd ~/docker/terraform-pve && ./run.sh apply -auto-approve"` | || 3 | Execute SSH | `ssh jarvis@192.168.15.182 "cd ~/docker/terraform-pve && ./run.sh apply -auto-approve"` |
| 4 | Wait | Poll until `run.sh` exits (blocks until completion) | | 4 | Wait | Poll until `run.sh` exits (blocks until completion) |
| 5 | Verify inventory | Check `~/docker/ansible-push/terraform-prefill/inventory-lxc.yml` exists | | 5 | Verify inventory | Check `~/docker/ansible-push/terraform-prefill/inventory-lxc.yml` exists |
| 6 | Execute SSH | `ssh jarvis@artemis.ai.home "cd ~/docker/ansible-push && ./lxc-common.sh"` | || 6 | Execute SSH | `ssh jarvis@192.168.15.182 "cd ~/docker/ansible-push && ./lxc-common.sh"` |
| 7 | Notify | POST result back to Telegram/Discord | | 7 | Notify | POST result back to Telegram/Discord |
### 2.4 Constraints ### 2.4 Constraints
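Review bot: Step 3's command on the new side still does not carry the `TF_VAR_lxc_count` and `TF_VAR_vmid_base` values that step 2 exports. Variables exported on the N8N side reach the remote shell only if the client sends them and sshd accepts them (`SendEnv`/`AcceptEnv`), so the document should say how they get to `run.sh`, for example by placing them inline in the remote command. Since the values come from a parsed chat message and the apply runs with `-auto-approve`, also state that both are validated as integers before the command is built.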
@@ -90,7 +90,7 @@ Artemis parses → action=fleet_update
| Step | Node | Command | | Step | Node | Command |
|------|------|---------| |------|------|---------|
| 1 | Webhook trigger | Receive JSON payload | | 1 | Webhook trigger | Receive JSON payload |
| 2 | Execute SSH | `ssh jarvis@artemis.ai.home "cd ~/docker/ansible-push && docker compose up -d && docker exec ansible ansible-playbook playbooks/main.yml -i inventory.yml --tags fleet_update"` | || 2 | Execute SSH | `ssh jarvis@192.168.15.182 "cd ~/docker/ansible-push && docker compose up -d && docker exec ansible ansible-playbook playbooks/main.yml -i inventory.yml --tags fleet_update"` |
| 3 | Wait | Poll until ansible exits | | 3 | Wait | Poll until ansible exits |
| 4 | Notify | POST result back to Telegram/Discord | | 4 | Notify | POST result back to Telegram/Discord |
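Review bot: Step 2 on the new side embeds the literal address again, alongside steps 3 and 6 of the provisioning table. Section 4.3 already defines the SSH host in the N8N credential; having the commands refer to that credential rather than repeat `jarvis@192.168.15.182` would leave a single place to change if the address moves.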
@@ -110,11 +110,16 @@ Artemis parses → action=fleet_update
### 4.1 Container Mounts ### 4.1 Container Mounts
- **SSH client:** `openssh-client` package installed in N8N image - **SSH client:** `openssh-client` package installed in N8N image
- **Private key:** Mount `~/.ssh/artemis_key``/root/.ssh/id_ed25519` inside N8N container - **Private key:** Mount `~/.ssh/artemis_key``/root/.ssh/id_ed25519` inside N8N container
- **Known hosts:** Pre-populated `~/.ssh/known_hosts` for `artemis.ai.home` - **Known hosts:** Pre-populated `~/.ssh/known_hosts` for `192.168.15.182`
### 4.2 N8N Credentials ### 4.2 N8N Endpoint
- **Webhook URL:** `https://n8n.ai.home` (Traefik-routed, TLS-terminated)
- **DNS:** CNAME `n8n.ai.home``traefik.ai.home` (Technitium DNS)
- **Network:** LAN-only (`192.168.x.x`), no external access
### 4.3 N8N Credentials
- **SSH Private Key:** Store `artemis_key` in N8N "Credentials" → SSH type - **SSH Private Key:** Store `artemis_key` in N8N "Credentials" → SSH type
- **SSH Host:** `artemis.ai.home` (or LAN IP `192.168.15.182`) - **SSH Host:** `192.168.15.182` (LAN IP, no DNS resolution dependency)
- **SSH User:** `jarvis` - **SSH User:** `jarvis`
- **SSH Port:** `22` - **SSH Port:** `22`
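Review bot: The new 4.2 section says the endpoint is LAN-only with no external access, but does not say what enforces that or whether the webhook itself requires authentication. Because this webhook leads to `run.sh apply -auto-approve` and the fleet playbook, name the control (Traefik middleware, firewall rule, or bind address) and the webhook authentication method. The rationale added in 4.3, "no DNS resolution dependency", also covers only the SSH leg: the webhook URL in 4.2 still depends on the Technitium CNAME, which is worth stating so the failure modes are clear.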