bastian/deploy_home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
260 Commits 1 Branch 0 Tags
16053e1cbbe37896ed46247112e5179f0695aaa9
Commit Graph

19 Commits

Author SHA1 Message Date
Bastian de Byl 16053e1cbb fulfillr: drop Snipcart key, add outreach/recovery schedule config, bump image 
- remove snipcart_api_key from dev/production config (Snipcart decommissioned
  post-migration)
- add review-outreach and cart-recovery schedule_name/schedule_group blocks
  (dev + prod) for the EventBridge-driven outreach and cart-recovery jobs
- bump fulfillr image 20260607.0217 -> 20260613.0117

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-06-14 10:19:56 -04:00
Bastian de Byl 2335b4980d fulfillr(prod): wire prod Turso store + live Stripe (fulfillr_prod_* vars) + image 20260606.1735 2026-06-06 17:28:00 -04:00
Bastian de Byl da98a2c5dc fulfillr(prod): add download_base_url=https://api.debyltech.com to production.json.j2 (cutover prep) 2026-06-06 16:55:55 -04:00
Bastian de Byl 935de1fcfe fulfillr-dev: download_base_url for resend-download links 2026-06-06 11:32:42 -04:00
Bastian de Byl 35213d81c3 fulfillr-dev: point aws.bucket at debyltech.digital.dev (digital file uploads) 2026-06-06 08:42:33 -04:00
Bastian de Byl e82ace6de3 fulfillr-dev: staging back-office container + Turso store prep 
Add a second go-fulfillr container (fulfillr-dev) wired to the staging
Turso store + EasyPost/Stripe test keys via dev.json, served at
fulfillr-dev.debyltech.com (Caddy -> :9055), LAN-restricted like prod.

- fulfillr-dev.yml + dev.json.j2: the staging container, volumes, config
- defaults: fulfillr_dev_* vars; prod store URL stubbed off until cutover
- Caddyfile + caddy.yml: fulfillr-dev site block and static mount
- awsddns.yml: Route53 DDNS for the fulfillr-dev hostname
- production.json.j2: add store_database_url/store_auth, rename stripe key
  var to fulfillr_stripe_api_key
- vault.yml: dev + store/stripe secrets

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-06-06 00:23:07 -04:00
Bastian de Byl 2df5b7fc03 Deploy fulfillr 20260603.0222 and wire tickets_table 
Bump fulfillr image to the build with the tickets feature, and add the
tickets_table to the fulfillr production.json config (new debyltech-tickets-prod
DynamoDB table) so the /api/v1/tickets routes register.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-06-02 22:32:52 -04:00
Bastian de Byl 5e189289e7 fulfillr: deploy Stripe payment requests (key + image 20260530.2348) 
- add stripe_api_key to fulfillr production.json template
- add restricted Stripe key to ansible vault (encrypted)
- bump fulfillr image to the CI build containing the Stripe endpoints

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 20:58:40 -04:00
Bastian de Byl 4cc65f2a99 feat: deploy go-fulfillr cases dashboard to home.debyl.io 
- Bump fulfillr container image from 20260124.0411 to 20260509.1940
  (built from go-fulfillr commit 48b9f60 which adds /api/v1/cases
  endpoints for the contact-form CRM dashboard).
- Add fulfillr_cases_table default ("debyltech-cases-prod") so the
  HasCasesConfig() guard flips on at startup and the cases routes
  register.
- Add cases_table to production.json.j2 so it lands in /config inside
  the container.

Verified after deploy: GET /api/v1/cases returns the existing test
cases, PATCH succeeds, GSI1PK rewrite works.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-09 16:04:52 -04:00
Bastian de Byl 9d562c7188 feat: smart zomboid traffic filtering with packet-size detection 
Replace per-IP hashlimit with smarter filtering that distinguishes
legitimate players from scanner bots based on packet behavior:
- Players send varied packet sizes (53, 37, 1472 bytes)
- Scanners only send 53-byte query packets

New firewall rule chain:
- Priority 2: Mark + ACCEPT non-query packets (verifies player)
- Priority 3: ACCEPT queries from verified IPs (1 hour TTL)
- Priority 4: LOG rate-limited queries from unverified IPs
- Priority 5: DROP rate-limited queries (2 burst, then 1/hour)

Also includes:
- Fail2ban zomboid jail with tighter thresholds (5 retries/4h, 1w ban)
- Graylog streams for zomboid-connections, zomboid-ratelimit, fail2ban
- GeoIP pipeline enrichment for zomboid traffic
- Fluent-bit inputs for ratelimit logs and fail2ban events
- Remove Legendary Katana mod (Workshop 3418366499) - removed from Steam
- Bump Immich to v2.5.0
- Fix fulfillr config (nil → null)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 15:09:26 -05:00
Bastian de Byl bc26fcd1f9 chore: fluent-bit zomboid, zomboid stats, home assistant, gregbot 2026-01-24 17:08:05 -05:00
Bastian de Byl 2b4844b211 feat: add fulfillr outreach email configuration 
- Update street2 address to Unit 95
- Add outreach config with DynamoDB tables and SES settings

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-22 23:11:58 -05:00
Bastian de Byl 364047558c fix: add backinstock_table for fulfillr config 2026-01-09 15:16:47 -05:00
Bastian de Byl 19afacf190 noticket - updates for fulfillr 2024-10-13 20:19:21 -04:00
Bastian de Byl 7e7780656a noticket - updates fore firewall, fulfillr, etc. 2024-10-09 21:23:31 -04:00
Bastian de Byl 9dd7cfec99 noticket - nginx fixes for skudak, fulfillr config 2023-10-05 21:01:04 -04:00
Bastian de Byl 0e40b29329 noticket - fix fulfillr exporter identification on tax 2023-10-05 10:19:47 -04:00
Bastian de Byl 433bbae701 added reviewr to fulfillr 2023-08-11 15:23:02 -04:00
Bastian de Byl ac1d80840e added factorio, removed satisfactory, firewall, fulfillr, ipv4 fixes 2023-05-03 12:03:17 -04:00