PRD: Switch SSH to LAN IP only, add N8N HTTPS endpoint details (Traefik TLS)
@@ -10,7 +10,7 @@
```
[Telegram: Bobby] → Artemis (parse intent) → POST to N8N (MK7)
↓ SSH (jarvis@artemis.ai.home)
↓ SSH (jarvis@192.168.15.182)
Artemis (this machine)
↓
[A] ~/docker/terraform-pve/run.sh apply
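Review bot: The new `↓ SSH (jarvis@192.168.15.182)` line in the flow diagram pins the hop to an address, but nothing in this hunk says the address is fixed. State here or in section 4 that 192.168.15.182 is a static assignment or DHCP reservation for Artemis; otherwise a lease change points the SSH step at whichever host holds that address, and the known_hosts check becomes the only safeguard.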
@@ -55,10 +55,10 @@ Artemis parses → vmid_base=62128 (explicit override), count=5
|------|------|---------|
| 1 | Webhook trigger | Receive JSON payload |
| 2 | Set SSH env vars | Export `TF_VAR_lxc_count=5 TF_VAR_vmid_base=62128` |
| 3 | Execute SSH | `ssh jarvis@artemis.ai.home "cd ~/docker/terraform-pve && ./run.sh apply -auto-approve"` |
|| 3 | Execute SSH | `ssh jarvis@192.168.15.182 "cd ~/docker/terraform-pve && ./run.sh apply -auto-approve"` |
| 4 | Wait | Poll until `run.sh` exits (blocks until completion) |
| 5 | Verify inventory | Check `~/docker/ansible-push/terraform-prefill/inventory-lxc.yml` exists |
| 6 | Execute SSH | `ssh jarvis@artemis.ai.home "cd ~/docker/ansible-push && ./lxc-common.sh"` |
|| 6 | Execute SSH | `ssh jarvis@192.168.15.182 "cd ~/docker/ansible-push && ./lxc-common.sh"` |
| 7 | Notify | POST result back to Telegram/Discord |
### 2.4 Constraints
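Review bot: Steps 3 and 6 now each embed the literal `jarvis@192.168.15.182`, repeating a value that section 4.3 already records as SSH Host and SSH User. Have the table rows refer to that credential instead of restating the address, so a future readdress of Artemis is a single edit and the commands cannot drift apart from the credential entry.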
@@ -90,7 +90,7 @@ Artemis parses → action=fleet_update
| Step | Node | Command |
|------|------|---------|
| 1 | Webhook trigger | Receive JSON payload |
| 2 | Execute SSH | `ssh jarvis@artemis.ai.home "cd ~/docker/ansible-push && docker compose up -d && docker exec ansible ansible-playbook playbooks/main.yml -i inventory.yml --tags fleet_update"` |
|| 2 | Execute SSH | `ssh jarvis@192.168.15.182 "cd ~/docker/ansible-push && docker compose up -d && docker exec ansible ansible-playbook playbooks/main.yml -i inventory.yml --tags fleet_update"` |
| 3 | Wait | Poll until ansible exits |
| 4 | Notify | POST result back to Telegram/Discord |
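Review bot: In step 2 the target is now an unlabeled address, and no other row of this table names the machine, so a reader of the fleet_update flow has to cross-reference section 4.3 to learn that 192.168.15.182 is Artemis. Add the host name to the Node column (for example "Execute SSH (Artemis)") or a one-line note above the table.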
@@ -110,11 +110,16 @@ Artemis parses → action=fleet_update
### 4.1 Container Mounts
- **SSH client:** `openssh-client` package installed in N8N image
- **Private key:** Mount `~/.ssh/artemis_key` → `/root/.ssh/id_ed25519` inside N8N container
- **Known hosts:** Pre-populated `~/.ssh/known_hosts` for `artemis.ai.home`
- **Known hosts:** Pre-populated `~/.ssh/known_hosts` for `192.168.15.182`
### 4.2 N8N Credentials
### 4.2 N8N Endpoint
- **Webhook URL:** `https://n8n.ai.home` (Traefik-routed, TLS-terminated)
- **DNS:** CNAME `n8n.ai.home` → `traefik.ai.home` (Technitium DNS)
- **Network:** LAN-only (`192.168.x.x`), no external access
### 4.3 N8N Credentials
- **SSH Private Key:** Store `artemis_key` in N8N "Credentials" → SSH type
- **SSH Host:** `artemis.ai.home` (or LAN IP `192.168.15.182`)
- **SSH Host:** `192.168.15.182` (LAN IP, no DNS resolution dependency)
- **SSH User:** `jarvis`
- **SSH Port:** `22`
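Review bot: The Known hosts bullet in 4.1 changes the host to `192.168.15.182` but does not say how the entry is produced or that strict host key checking is enforced. An entry recorded under `artemis.ai.home` does not match a connection made to the IP, so the file has to be regenerated; the document should state that the key is recorded out of band and that the client refuses unknown or changed keys. In the new 4.2, the webhook is still reached through the `n8n.ai.home` CNAME on Technitium, so the "no DNS resolution dependency" rationale in 4.3 covers only the SSH hop, not the pipeline as a whole. That section also omits which CA signs the Traefik certificate, how the caller trusts it, and whether the webhook requires authentication, and the "LAN-only, no external access" bullet should name the control that enforces it.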