docs: reorganize and simplify

- Add docs/README.md as index - Consolidate ops in docs/operations.md; mark legacy runbooks as archive - Create docs/desktop/ and docs/admin/ structure and move relevant docs - Update root README to link docs index - Keep historical and planning notes under docs/archive/
2025-10-20 16:24:16 -03:00 · 2025-10-20 16:24:16 -03:00 · f5b3abd277
commit f5b3abd277
parent 0dd0e67458
15 changed files with 190 additions and 11 deletions
--- a/docs/archive/convex-self-hosted-env.md
+++ b/docs/archive/convex-self-hosted-env.md
@ -0,0 +1,56 @@
+Convex Self‑Hosted — Configurar env e testar provisionamento (Arquivo)
+
+Nota: este documento foi arquivado. O fluxo atual de deploy/ops está em `docs/operations.md`.
+
+Pré‑requisitos
+- Rodar na VPS com Docker.
+- Projeto em `/srv/apps/sistema`.
+- Admin Key do Convex (já obtida):
+  `convex-self-hosted|011c148069bd37e4a3f1c10b41b19459427a20e6d7ba81f53b659861f7658cd4985c8936e9`
+
+1) Exportar variáveis da sessão (URL + Admin Key)
+export CONVEX_SELF_HOSTED_URL="https://convex.esdrasrenan.com.br"
+export CONVEX_SELF_HOSTED_ADMIN_KEY='convex-self-hosted|011c148069bd37e4a3f1c10b41b19459427a20e6d7ba81f53b659861f7658cd4985c8936e9'
+
+2) Definir MACHINE_PROVISIONING_SECRET no Convex (obrigatório)
+docker run --rm -it \
+  -v /srv/apps/sistema:/app -w /app \
+  -e CONVEX_SELF_HOSTED_URL -e CONVEX_SELF_HOSTED_ADMIN_KEY \
+  node:20-bullseye bash -lc "set -euo pipefail; \
+    corepack enable && corepack prepare pnpm@9 --activate && pnpm i --frozen-lockfile --prod=false; \
+    unset CONVEX_DEPLOYMENT; \
+    pnpm exec convex env set MACHINE_PROVISIONING_SECRET '71daa9ef54cb224547e378f8121ca898b614446c142a132f73c2221b4d53d7d6' -y; \
+    pnpm exec convex env list"
+
+3) (Opcional) Definir MACHINE_TOKEN_TTL_MS (padrão 30 dias)
+docker run --rm -it \
+  -v /srv/apps/sistema:/app -w /app \
+  -e CONVEX_SELF_HOSTED_URL -e CONVEX_SELF_HOSTED_ADMIN_KEY \
+  node:20-bullseye bash -lc "set -euo pipefail; \
+    corepack enable && corepack prepare pnpm@9 --activate && pnpm i --frozen-lockfile --prod=false; \
+    unset CONVEX_DEPLOYMENT; \
+    pnpm exec convex env set MACHINE_TOKEN_TTL_MS '2592000000' -y; \
+    pnpm exec convex env list"
+
+4) (Opcional) Definir FLEET_SYNC_SECRET
+docker run --rm -it \
+  -v /srv/apps/sistema:/app -w /app \
+  -e CONVEX_SELF_HOSTED_URL -e CONVEX_SELF_HOSTED_ADMIN_KEY \
+  node:20-bullseye bash -lc "set -euo pipefail; \
+    corepack enable && corepack prepare pnpm@9 --activate && pnpm i --frozen-lockfile --prod=false; \
+    unset CONVEX_DEPLOYMENT; \
+    pnpm exec convex env set FLEET_SYNC_SECRET '' -y; \
+    pnpm exec convex env list"
+
+5) Testar registro (gera machineToken) — substitua o hostname se quiser
+HOST="vm-teste-$(date +%s)"; \
+curl -sS -o resp.json -w "%{http_code}\n" -X POST 'https://tickets.esdrasrenan.com.br/api/machines/register' \
+  -H 'Content-Type: application/json' \
+  -d '{"provisioningSecret":"71daa9ef54cb224547e378f8121ca898b614446c142a132f73c2221b4d53d7d6","tenantId":"tenant-atlas","hostname":"'"$HOST"'","os":{"name":"Linux","version":"6.1.0","architecture":"x86_64"},"macAddresses":["AA:BB:CC:DD:EE:FF"],"serialNumbers":[],"metadata":{"inventario":{"cpu":"i7","ramGb":16}},"registeredBy":"manual-test"}'; \
+echo; tail -c 400 resp.json || true
+
+6) (Opcional) Enviar heartbeat com o token retornado
+TOKEN=$(node -e 'try{const j=require("fs").readFileSync("resp.json","utf8");process.stdout.write(JSON.parse(j).machineToken||"");}catch(e){process.stdout.write("")}' ); \
+[ -n "$TOKEN" ] && curl -sS -o /dev/null -w "%{http_code}\n" -X POST 'https://tickets.esdrasrenan.com.br/api/machines/heartbeat' \
+  -H 'Content-Type: application/json' \
+  -d '{"machineToken":"'"$TOKEN"'","status":"online","metrics":{"cpuPct":12,"memFreePct":61}}'