Merge pull request 'docs: replace kindred.internal with example.internal in all docs and config' (#61) from docs-remove-internal-hostnames into main

Reviewed-on: #61
This commit was merged in pull request #61.
2026-02-11 17:49:40 +00:00
15 changed files with 104 additions and 97 deletions


@@ -25,7 +25,7 @@ silo/
│ ├── silo/ # CLI tool
│ └── silod/ # API server
├── internal/
│ ├── api/ # HTTP handlers and routes (75 endpoints)
│ ├── api/ # HTTP handlers and routes (78 endpoints)
│ ├── auth/ # Authentication (local, LDAP, OIDC)
│ ├── config/ # Configuration loading
│ ├── db/ # PostgreSQL repositories


@@ -39,7 +39,7 @@ This document compares Silo's current capabilities against SOLIDWORKS PDM—the
### Implemented Features (MVP Complete)
#### Core Database System
- PostgreSQL schema with 11 migrations
- PostgreSQL schema with 13 migrations
- UUID-based identifiers throughout
- Soft delete support via `archived_at` timestamps
- Atomic sequence generation for part numbers
@@ -92,7 +92,7 @@ This document compares Silo's current capabilities against SOLIDWORKS PDM—the
- Template generation for import formatting
#### API & Web Interface
- REST API with 75 endpoints
- REST API with 78 endpoints
- Authentication: local (bcrypt), LDAP/FreeIPA, OIDC/Keycloak
- Role-based access control (admin > editor > viewer)
- API token management (SHA-256 hashed)
@@ -129,7 +129,7 @@ This document compares Silo's current capabilities against SOLIDWORKS PDM—the
| Component | Status |
|-----------|--------|
| PostgreSQL | Running (psql.kindred.internal) |
| PostgreSQL | Running (psql.example.internal) |
| MinIO | Configured in Docker Compose |
| Silo API Server | Builds successfully |
| Docker Compose | Complete (dev and production) |
@@ -255,14 +255,14 @@ CAD integration is maintained in separate repositories ([silo-mod](https://git.k
| Feature | SOLIDWORKS PDM | Silo Status | Priority | Complexity |
|---------|---------------|-------------|----------|------------|
| ERP integration | SAP, Dynamics, etc. | Partial (Odoo stubs) | Medium | Complex |
| API access | Full COM/REST API | Full REST API (75 endpoints) | - | - |
| API access | Full COM/REST API | Full REST API (78 endpoints) | - | - |
| Dispatch scripts | Automation without coding | None | Medium | Moderate |
| Task scheduler | Background processing | None | Medium | Moderate |
| Email system | SMTP integration | None | High | Simple |
| Web portal | Browser access | Full (React SPA + auth) | - | - |
**Gap Analysis:**
Silo has a comprehensive REST API (75 endpoints) and a full web UI with authentication. Odoo ERP integration has config/sync-log scaffolding but push/pull operations are stubs. Remaining gaps: email notifications, task scheduler, dispatch automation.
Silo has a comprehensive REST API (78 endpoints) and a full web UI with authentication. Odoo ERP integration has config/sync-log scaffolding but push/pull operations are stubs. Remaining gaps: email notifications, task scheduler, dispatch automation.
---


@@ -66,7 +66,7 @@ Token subcommands:
silo token revoke <id> Revoke a token
Environment variables for API access:
SILO_API_URL Base URL of the Silo server (e.g., https://silo.kindred.internal)
SILO_API_URL Base URL of the Silo server (e.g., https://silo.example.internal)
SILO_API_TOKEN API token for authentication
Examples:


@@ -8,7 +8,7 @@ server:
# read_only: false # Reject all write operations; toggle at runtime with SIGUSR1
database:
host: "psql.kindred.internal"
host: "psql.example.internal"
port: 5432
name: "silo"
user: "silo"
@@ -17,7 +17,7 @@ database:
max_connections: 10
storage:
endpoint: "minio.kindred.internal:9000"
endpoint: "minio.example.internal:9000"
access_key: "" # Use SILO_MINIO_ACCESS_KEY env var
secret_key: "" # Use SILO_MINIO_SECRET_KEY env var
bucket: "silo-files"
@@ -53,7 +53,7 @@ auth:
# LDAP / FreeIPA
ldap:
enabled: false
url: "ldaps://ipa.kindred.internal"
url: "ldaps://ipa.example.internal"
base_dn: "dc=kindred,dc=internal"
user_search_dn: "cn=users,cn=accounts,dc=kindred,dc=internal"
# Optional service account for user search (omit for direct user bind)
@@ -77,10 +77,10 @@ auth:
# OIDC / Keycloak
oidc:
enabled: false
issuer_url: "https://keycloak.kindred.internal/realms/silo"
issuer_url: "https://keycloak.example.internal/realms/silo"
client_id: "silo"
client_secret: "" # Use SILO_OIDC_CLIENT_SECRET env var
redirect_url: "https://silo.kindred.internal/auth/callback"
redirect_url: "https://silo.example.internal/auth/callback"
scopes: ["openid", "profile", "email"]
# Map Keycloak realm roles to Silo roles
admin_role: "silo-admin"
@@ -90,4 +90,4 @@ auth:
# CORS origins (locked down when auth is enabled)
cors:
allowed_origins:
- "https://silo.kindred.internal"
- "https://silo.example.internal"
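Review bot: The LDAP block is only half renamed: `url` now points at `ldaps://ipa.example.internal`, but `base_dn` and `user_search_dn` on the two lines after it still read `dc=kindred,dc=internal`. The internal domain this pull request sets out to remove therefore stays in the file, and anyone copying the sample gets a directory URL and a search base that do not belong together. Change them to `base_dn: "dc=example,dc=internal"` and `user_search_dn: "cn=users,cn=accounts,dc=example,dc=internal"`. The same two lines are left unchanged in the production config section (where `ldap.enabled` is `true`) and in the LDAP sample of the authentication guide.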


@@ -1,7 +1,7 @@
# Silo Production Configuration
# Single-binary deployment: silod serves API + React SPA
#
# Layout on silo.kindred.internal:
# Layout on silo.example.internal:
# /opt/silo/bin/silod - server binary
# /opt/silo/web/dist/ - built React frontend (served automatically)
# /opt/silo/schemas/ - part number schemas
@@ -18,10 +18,10 @@
server:
host: "0.0.0.0"
port: 8080
base_url: "https://silo.kindred.internal"
base_url: "https://silo.example.internal"
database:
host: "psql.kindred.internal"
host: "psql.example.internal"
port: 5432
name: "silo"
user: "silo"
@@ -30,7 +30,7 @@ database:
max_connections: 20
storage:
endpoint: "minio.kindred.internal:9000"
endpoint: "minio.example.internal:9000"
access_key: "" # Set via SILO_MINIO_ACCESS_KEY
secret_key: "" # Set via SILO_MINIO_SECRET_KEY
bucket: "silo-files"
@@ -53,7 +53,7 @@ auth:
default_admin_password: "" # Set via SILO_ADMIN_PASSWORD
ldap:
enabled: true
url: "ldaps://ipa.kindred.internal"
url: "ldaps://ipa.example.internal"
base_dn: "dc=kindred,dc=internal"
user_search_dn: "cn=users,cn=accounts,dc=kindred,dc=internal"
user_attr: "uid"
@@ -73,4 +73,4 @@ auth:
enabled: false
cors:
allowed_origins:
- "https://silo.kindred.internal"
- "https://silo.example.internal"


@@ -1,5 +1,5 @@
# Production Docker Compose for Silo
# Uses external PostgreSQL (psql.kindred.internal) and MinIO (minio.kindred.internal)
# Uses external PostgreSQL (psql.example.internal) and MinIO (minio.example.internal)
#
# Usage:
# export SILO_DB_PASSWORD=<your-password>
@@ -15,23 +15,23 @@ services:
container_name: silod
restart: unless-stopped
environment:
# Database connection (psql.kindred.internal)
SILO_DB_HOST: psql.kindred.internal
# Database connection (psql.example.internal)
SILO_DB_HOST: psql.example.internal
SILO_DB_PORT: 5432
SILO_DB_NAME: silo
SILO_DB_USER: silo
SILO_DB_PASSWORD: ${SILO_DB_PASSWORD:?Database password required}
SILO_DB_SSLMODE: require
# MinIO storage (minio.kindred.internal)
SILO_MINIO_ENDPOINT: minio.kindred.internal:9000
# MinIO storage (minio.example.internal)
SILO_MINIO_ENDPOINT: minio.example.internal:9000
SILO_MINIO_ACCESS_KEY: ${SILO_MINIO_ACCESS_KEY:?MinIO access key required}
SILO_MINIO_SECRET_KEY: ${SILO_MINIO_SECRET_KEY:?MinIO secret key required}
SILO_MINIO_BUCKET: silo-files
SILO_MINIO_USE_SSL: "true"
# Server settings
SILO_SERVER_BASE_URL: ${SILO_BASE_URL:-http://silo.kindred.internal:8080}
SILO_SERVER_BASE_URL: ${SILO_BASE_URL:-http://silo.example.internal:8080}
ports:
- "8080:8080"
volumes:
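Review bot: `SILO_DB_HOST` and `SILO_MINIO_ENDPOINT` are literal values, so after this change the production compose file presents the database password and MinIO keys to whatever `psql.example.internal` and `minio.example.internal` resolve to on the deploying network, unless the operator edits the file first. The credentials beside them already fail closed with `${VAR:?…}`; the hosts can use the same form, e.g. `SILO_DB_HOST: ${SILO_DB_HOST:?Database host required}` and `SILO_MINIO_ENDPOINT: ${SILO_MINIO_ENDPOINT:?MinIO endpoint required}`. The `SILO_SERVER_BASE_URL` default is also plain `http://` on port 8080 while the production config in this commit uses `https://silo.example.internal`, which is worth aligning. The service definition continues past the end of the hunk.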


@@ -2,11 +2,11 @@
# Copy to /etc/silo/silod.env and fill in values
# Permissions: chmod 600 /etc/silo/silod.env
# Database credentials (psql.kindred.internal)
# Database credentials (psql.example.internal)
# Database: silo, User: silo
SILO_DB_PASSWORD=
# MinIO credentials (minio.kindred.internal)
# MinIO credentials (minio.example.internal)
# User: silouser
SILO_MINIO_ACCESS_KEY=silouser
SILO_MINIO_SECRET_KEY=
@@ -23,4 +23,4 @@ SILO_ADMIN_PASSWORD=
# SILO_LDAP_BIND_PASSWORD=
# Optional: Override server base URL
# SILO_SERVER_BASE_URL=http://silo.kindred.internal:8080
# SILO_SERVER_BASE_URL=http://silo.example.internal:8080


@@ -38,7 +38,7 @@ API tokens allow the FreeCAD plugin, scripts, and CI pipelines to authenticate w
### Creating a Token (CLI)
```sh
export SILO_API_URL=https://silo.kindred.internal
export SILO_API_URL=https://silo.example.internal
export SILO_API_TOKEN=silo_<your-existing-token>
silo token create --name "CI pipeline"
@@ -140,7 +140,7 @@ auth:
ldap:
enabled: true
url: "ldaps://ipa.kindred.internal"
url: "ldaps://ipa.example.internal"
base_dn: "dc=kindred,dc=internal"
user_search_dn: "cn=users,cn=accounts,dc=kindred,dc=internal"
user_attr: "uid"
@@ -170,10 +170,10 @@ auth:
oidc:
enabled: true
issuer_url: "https://keycloak.kindred.internal/realms/silo"
issuer_url: "https://keycloak.example.internal/realms/silo"
client_id: "silo"
client_secret: "" # Set via SILO_OIDC_CLIENT_SECRET
redirect_url: "https://silo.kindred.internal/auth/callback"
redirect_url: "https://silo.example.internal/auth/callback"
scopes: ["openid", "profile", "email"]
admin_role: "silo-admin"
editor_role: "silo-editor"
@@ -186,7 +186,7 @@ auth:
auth:
cors:
allowed_origins:
- "https://silo.kindred.internal"
- "https://silo.example.internal"
```
## Environment Variables
@@ -254,4 +254,4 @@ UPDATE users SET password_hash = '<bcrypt-hash>', is_active = true WHERE usernam
- Verify the token is set in FreeCAD preferences or `SILO_API_TOKEN`
- Check the API URL points to the correct server
- Test with curl: `curl -H "Authorization: Bearer silo_..." https://silo.kindred.internal/api/items`
- Test with curl: `curl -H "Authorization: Bearer silo_..." https://silo.example.internal/api/items`


@@ -17,7 +17,7 @@ This guide covers deploying Silo to a dedicated VM using external PostgreSQL and
```
┌─────────────────────────────────────────────────────────────────┐
│ silo.kindred.internal │
│ silo.example.internal │
│ ┌───────────────────────────────────────────────────────────┐ │
│ │ silod │ │
│ │ (Silo API Server) │ │
@@ -27,7 +27,7 @@ This guide covers deploying Silo to a dedicated VM using external PostgreSQL and
│ │
▼ ▼
┌─────────────────────────┐ ┌─────────────────────────────────┐
│ psql.kindred.internal │ │ minio.kindred.internal │
│ psql.example.internal │ │ minio.example.internal │
│ PostgreSQL 16 │ │ MinIO S3 │
│ :5432 │ │ :9000 (API) │
│ │ │ :9001 (Console) │
@@ -40,8 +40,8 @@ The following external services are already configured:
| Service | Host | Database/Bucket | User |
|---------|------|-----------------|------|
| PostgreSQL | psql.kindred.internal:5432 | silo | silo |
| MinIO | minio.kindred.internal:9000 | silo-files | silouser |
| PostgreSQL | psql.example.internal:5432 | silo | silo |
| MinIO | minio.example.internal:9000 | silo-files | silouser |
Migrations have been applied to the database.
@@ -53,10 +53,10 @@ For a fresh VM, run these commands:
```bash
# 1. SSH to the target host
ssh root@silo.kindred.internal
ssh root@silo.example.internal
# 2. Download and run setup script
curl -fsSL https://gitea.kindred.internal/kindred/silo-0062/raw/branch/main/scripts/setup-host.sh | bash
curl -fsSL https://git.kindred-systems.com/kindred/silo/raw/branch/main/scripts/setup-host.sh | bash
# 3. Configure credentials
nano /etc/silo/silod.env
@@ -69,16 +69,16 @@ nano /etc/silo/silod.env
## Initial Setup
Run the setup script once on `silo.kindred.internal` to prepare the host:
Run the setup script once on `silo.example.internal` to prepare the host:
```bash
# Option 1: If you have the repo locally
scp scripts/setup-host.sh root@silo.kindred.internal:/tmp/
ssh root@silo.kindred.internal 'bash /tmp/setup-host.sh'
scp scripts/setup-host.sh root@silo.example.internal:/tmp/
ssh root@silo.example.internal 'bash /tmp/setup-host.sh'
# Option 2: Direct on the host
ssh root@silo.kindred.internal
curl -fsSL https://git.kindred.internal/kindred/silo/raw/branch/main/scripts/setup-host.sh -o /tmp/setup-host.sh
ssh root@silo.example.internal
curl -fsSL https://git.kindred-systems.com/kindred/silo/raw/branch/main/scripts/setup-host.sh -o /tmp/setup-host.sh
bash /tmp/setup-host.sh
```
@@ -100,10 +100,10 @@ sudo nano /etc/silo/silod.env
Fill in the values:
```bash
# Database credentials (psql.kindred.internal)
# Database credentials (psql.example.internal)
SILO_DB_PASSWORD=your-database-password
# MinIO credentials (minio.kindred.internal)
# MinIO credentials (minio.example.internal)
SILO_MINIO_ACCESS_KEY=silouser
SILO_MINIO_SECRET_KEY=your-minio-secret-key
```
@@ -114,10 +114,10 @@ Before deploying, verify connectivity to external services:
```bash
# Test PostgreSQL
psql -h psql.kindred.internal -U silo -d silo -c 'SELECT 1'
psql -h psql.example.internal -U silo -d silo -c 'SELECT 1'
# Test MinIO
curl -I http://minio.kindred.internal:9000/minio/health/live
curl -I http://minio.example.internal:9000/minio/health/live
```
---
@@ -129,7 +129,7 @@ curl -I http://minio.kindred.internal:9000/minio/health/live
To deploy or update Silo, run the deploy script on the target host:
```bash
ssh root@silo.kindred.internal
ssh root@silo.example.internal
/opt/silo/src/scripts/deploy.sh
```
@@ -165,7 +165,7 @@ sudo /opt/silo/src/scripts/deploy.sh --status
You can override the git repository URL and branch:
```bash
export SILO_REPO_URL=https://git.kindred.internal/kindred/silo.git
export SILO_REPO_URL=https://git.kindred-systems.com/kindred/silo.git
export SILO_BRANCH=main
sudo -E /opt/silo/src/scripts/deploy.sh
```
@@ -247,7 +247,7 @@ curl http://localhost:8080/ready
To update to the latest version:
```bash
ssh root@silo.kindred.internal
ssh root@silo.example.internal
/opt/silo/src/scripts/deploy.sh
```
@@ -269,7 +269,7 @@ When new migrations are added, run them manually:
ls -la /opt/silo/src/migrations/
# Run a specific migration
psql -h psql.kindred.internal -U silo -d silo -f /opt/silo/src/migrations/008_new_feature.sql
psql -h psql.example.internal -U silo -d silo -f /opt/silo/src/migrations/008_new_feature.sql
```
---
@@ -303,13 +303,13 @@ psql -h psql.kindred.internal -U silo -d silo -f /opt/silo/src/migrations/008_ne
1. Test network connectivity:
```bash
nc -zv psql.kindred.internal 5432
nc -zv psql.example.internal 5432
```
2. Test credentials:
```bash
source /etc/silo/silod.env
PGPASSWORD=$SILO_DB_PASSWORD psql -h psql.kindred.internal -U silo -d silo -c 'SELECT 1'
PGPASSWORD=$SILO_DB_PASSWORD psql -h psql.example.internal -U silo -d silo -c 'SELECT 1'
```
3. Check `pg_hba.conf` on PostgreSQL server allows connections from this host.
@@ -318,12 +318,12 @@ psql -h psql.kindred.internal -U silo -d silo -f /opt/silo/src/migrations/008_ne
1. Test network connectivity:
```bash
nc -zv minio.kindred.internal 9000
nc -zv minio.example.internal 9000
```
2. Test with curl:
```bash
curl -I http://minio.kindred.internal:9000/minio/health/live
curl -I http://minio.example.internal:9000/minio/health/live
```
3. Check SSL settings in config match MinIO setup:
@@ -340,8 +340,8 @@ curl -v http://localhost:8080/health
curl -v http://localhost:8080/ready
# If ready fails but health passes, check external services
psql -h psql.kindred.internal -U silo -d silo -c 'SELECT 1'
curl http://minio.kindred.internal:9000/minio/health/live
psql -h psql.example.internal -U silo -d silo -c 'SELECT 1'
curl http://minio.example.internal:9000/minio/health/live
```
### Build Fails
@@ -391,14 +391,14 @@ This script:
getcert list
```
2. The silo config is already updated to use `https://silo.kindred.internal` as base URL. Restart silo:
2. The silo config is already updated to use `https://silo.example.internal` as base URL. Restart silo:
```bash
sudo systemctl restart silod
```
3. Test the setup:
```bash
curl https://silo.kindred.internal/health
curl https://silo.example.internal/health
```
### Certificate Management
@@ -422,7 +422,7 @@ For clients to trust the Silo HTTPS certificate, they need the IPA CA:
```bash
# Download CA cert
curl -o /tmp/ipa-ca.crt https://ipa.kindred.internal/ipa/config/ca.crt
curl -o /tmp/ipa-ca.crt https://ipa.example.internal/ipa/config/ca.crt
# Ubuntu/Debian
sudo cp /tmp/ipa-ca.crt /usr/local/share/ca-certificates/ipa-ca.crt


@@ -365,7 +365,7 @@ internal/
handlers.go # Items, schemas, projects, revisions
middleware.go # Auth middleware
odoo_handlers.go # Odoo integration endpoints
routes.go # Route registration (75 endpoints)
routes.go # Route registration (78 endpoints)
search.go # Fuzzy search
auth/
auth.go # Auth service: local, LDAP, OIDC


@@ -37,7 +37,7 @@ Silo treats **part numbering schemas as configuration, not code**. Multiple numb
┌─────────────────────────────────────────────────────────────┐
│ Silo Server (silod) │
│ - REST API (75 endpoints) │
│ - REST API (78 endpoints) │
│ - Authentication (local, LDAP, OIDC) │
│ - Schema parsing and validation │
│ - Part number generation engine │
@@ -50,7 +50,7 @@ Silo treats **part numbering schemas as configuration, not code**. Multiple numb
▼ ▼
┌─────────────────────────┐ ┌─────────────────────────────┐
│ PostgreSQL │ │ MinIO │
│ (psql.kindred.internal)│ │ - File storage │
│ (psql.example.internal)│ │ - File storage │
│ - Item metadata │ │ - Versioned objects │
│ - Relationships │ │ - Thumbnails │
│ - Revision history │ │ │
@@ -63,7 +63,7 @@ Silo treats **part numbering schemas as configuration, not code**. Multiple numb
| Component | Technology | Notes |
|-----------|------------|-------|
| Database | PostgreSQL 16 | Existing instance at psql.kindred.internal |
| Database | PostgreSQL 16 | Existing instance at psql.example.internal |
| File Storage | MinIO | S3-compatible, versioning enabled |
| CLI & API Server | Go (1.24) | chi/v5 router, pgx/v5 driver, zerolog |
| Authentication | Multi-backend | Local (bcrypt), LDAP/FreeIPA, OIDC/Keycloak |
@@ -598,7 +598,7 @@ See [AUTH.md](AUTH.md) for full architecture details and [AUTH_USER_GUIDE.md](AU
## 11. API Design
### 11.1 REST Endpoints (75 Implemented)
### 11.1 REST Endpoints (78 Implemented)
```
# Health (no auth)
@@ -615,6 +615,9 @@ GET /auth/callback # OIDC callback
# Public API (no auth required)
GET /api/auth/config # Auth backend configuration (for login UI)
# Server-Sent Events (require auth)
GET /api/events # SSE stream for real-time updates
# Auth API (require auth)
GET /api/auth/me # Current authenticated user
GET /api/auth/tokens # List user's API tokens
@@ -644,6 +647,7 @@ DELETE /api/projects/{code} # Delete project [ed
# Items (read: viewer, write: editor)
GET /api/items # List/filter items
GET /api/items/search # Fuzzy search
GET /api/items/by-uuid/{uuid} # Get item by UUID
GET /api/items/export.csv # Export items to CSV
GET /api/items/template.csv # CSV import template
GET /api/items/export.ods # Export items to ODS
@@ -689,6 +693,7 @@ GET /api/items/{partNumber}/bom/export.csv # Export BOM as CSV
GET /api/items/{partNumber}/bom/export.ods # Export BOM as ODS
POST /api/items/{partNumber}/bom # Add BOM entry [editor]
POST /api/items/{partNumber}/bom/import # Import BOM from CSV [editor]
POST /api/items/{partNumber}/bom/merge # Merge BOM from ODS with conflict resolution [editor]
PUT /api/items/{partNumber}/bom/{childPartNumber} # Update BOM entry [editor]
DELETE /api/items/{partNumber}/bom/{childPartNumber} # Remove BOM entry [editor]
@@ -734,11 +739,11 @@ POST /api/inventory/{partNumber}/move
### 12.1 Implemented
- [x] PostgreSQL database schema (11 migrations)
- [x] PostgreSQL database schema (13 migrations)
- [x] YAML schema parser for part numbering
- [x] Part number generation engine
- [x] CLI tool (`cmd/silo`)
- [x] API server (`cmd/silod`) with 75 endpoints
- [x] API server (`cmd/silod`) with 78 endpoints
- [x] MinIO integration for file storage with versioning
- [x] BOM relationships (component, alternate, reference)
- [x] Multi-level BOM (recursive expansion with configurable depth)


@@ -10,10 +10,10 @@
| Component | Status | Notes |
|-----------|--------|-------|
| PostgreSQL schema | Complete | 11 migrations applied |
| PostgreSQL schema | Complete | 13 migrations applied |
| YAML schema parser | Complete | Supports enum, serial, constant, string segments |
| Part number generator | Complete | Scoped sequences, category-based format |
| API server (`silod`) | Complete | 75 REST endpoints via chi/v5 |
| API server (`silod`) | Complete | 78 REST endpoints via chi/v5 |
| CLI tool (`silo`) | Complete | Item registration and management |
| MinIO file storage | Complete | Upload, download, versioning, checksums |
| Revision control | Complete | Append-only history, rollback, comparison, status/labels |
@@ -55,7 +55,7 @@ FreeCAD workbench and LibreOffice Calc extension are maintained in separate repo
| Service | Host | Status |
|---------|------|--------|
| PostgreSQL | psql.kindred.internal:5432 | Running |
| PostgreSQL | psql.example.internal:5432 | Running |
| MinIO | localhost:9000 (API) / :9001 (console) | Configured |
| Silo API | localhost:8080 | Builds successfully |
@@ -92,5 +92,7 @@ The schema defines 170 category codes across 10 groups:
| 007_revision_status.sql | Revision status and labels |
| 008_odoo_integration.sql | Odoo ERP integration tables (integrations, sync_log) |
| 009_auth.sql | Authentication system (users, api_tokens, sessions, audit_log, user tracking columns) |
| 010_item_extended_fields.sql | Extended item fields (sourcing_type, sourcing_link, standard_cost, long_description) |
| 010_item_extended_fields.sql | Extended item fields (sourcing_type, long_description) |
| 011_item_files.sql | Item file attachments (item_files table, thumbnail_key column) |
| 012_bom_source.sql | BOM entry source tracking |
| 013_move_cost_sourcing_to_props.sql | Move sourcing_link and standard_cost from item columns to revision properties |


@@ -1,18 +1,18 @@
#!/bin/bash
# Deploy Silo to silo.kindred.internal
# Deploy Silo to silo.example.internal
#
# Usage: ./scripts/deploy.sh [host]
# host defaults to silo.kindred.internal
# host defaults to silo.example.internal
#
# Prerequisites:
# - SSH access to the target host
# - /etc/silo/silod.env must exist on target with credentials filled in
# - PostgreSQL reachable from target at psql.kindred.internal
# - MinIO reachable from target at minio.kindred.internal
# - PostgreSQL reachable from target at psql.example.internal
# - MinIO reachable from target at minio.example.internal
set -euo pipefail
TARGET="${1:-silo.kindred.internal}"
TARGET="${1:-silo.example.internal}"
DEPLOY_DIR="/opt/silo"
CONFIG_DIR="/etc/silo"
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
@@ -123,14 +123,14 @@ if command -v psql &>/dev/null && [ -n "${SILO_DB_PASSWORD:-}" ]; then
for f in "$DEPLOY_DIR/migrations/"*.sql; do
echo " $(basename "$f")"
PGPASSWORD="$SILO_DB_PASSWORD" psql \
-h psql.kindred.internal -p 5432 \
-h psql.example.internal -p 5432 \
-U silo -d silo \
-f "$f" -q 2>&1 | grep -v "already exists" || true
done
echo " Migrations complete."
else
echo " WARNING: psql not available or SILO_DB_PASSWORD not set, skipping migrations."
echo " Run migrations manually: PGPASSWORD=... psql -h psql.kindred.internal -U silo -d silo -f /opt/silo/migrations/NNN_name.sql"
echo " Run migrations manually: PGPASSWORD=... psql -h psql.example.internal -U silo -d silo -f /opt/silo/migrations/NNN_name.sql"
fi
# Start service
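Review bot: A bare `./scripts/deploy.sh` now targets the placeholder `silo.example.internal`, and the migration loop runs `psql -h psql.example.internal` with `PGPASSWORD` set. The script's defaults therefore send a deployment and the database password to whatever those placeholder names resolve to. Make the host a required argument, `TARGET="${1:?usage: deploy.sh <host>}"`, and update the `# host defaults to …` usage comment to match. The `-h` value in the migration loop and in the manual-migration hint should come from a variable the operator sets, not from a literal. The `if` that guards the migrations starts above the hunk.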


@@ -1,7 +1,7 @@
#!/usr/bin/env bash
#
# Silo Host Setup Script
# Run this once on silo.kindred.internal to prepare for deployment
# Run this once on silo.example.internal to prepare for deployment
#
# Usage:
# sudo ./setup-host.sh
@@ -24,7 +24,7 @@ BLUE='\033[0;34m'
NC='\033[0m'
# Configuration
REPO_URL="${SILO_REPO_URL:-https://gitea.kindred.internal/kindred/silo-0062.git}"
REPO_URL="${SILO_REPO_URL:-https://git.kindred-systems.com/kindred/silo.git}"
REPO_BRANCH="${SILO_BRANCH:-main}"
INSTALL_DIR="/opt/silo"
CONFIG_DIR="/etc/silo"
@@ -159,17 +159,17 @@ if [[ ! -f "${ENV_FILE}" ]]; then
# Silo daemon environment variables
# Fill in the values below
# Database credentials (psql.kindred.internal)
# Database credentials (psql.example.internal)
# Database: silo, User: silo
SILO_DB_PASSWORD=
# MinIO credentials (minio.kindred.internal)
# MinIO credentials (minio.example.internal)
# User: silouser
SILO_MINIO_ACCESS_KEY=silouser
SILO_MINIO_SECRET_KEY=
# Optional overrides
# SILO_SERVER_BASE_URL=http://silo.kindred.internal:8080
# SILO_SERVER_BASE_URL=http://silo.example.internal:8080
EOF
chmod 600 "${ENV_FILE}"
chown root:silo "${ENV_FILE}"
@@ -214,10 +214,10 @@ echo "1. Edit ${ENV_FILE} and fill in credentials:"
echo " sudo nano ${ENV_FILE}"
echo ""
echo "2. Verify database connectivity:"
echo " psql -h psql.kindred.internal -U silo -d silo -c 'SELECT 1'"
echo " psql -h psql.example.internal -U silo -d silo -c 'SELECT 1'"
echo ""
echo "3. Verify MinIO connectivity:"
echo " curl -I http://minio.kindred.internal:9000/minio/health/live"
echo " curl -I http://minio.example.internal:9000/minio/health/live"
echo ""
echo "4. Run the deployment:"
echo " sudo ${INSTALL_DIR}/src/scripts/deploy.sh"
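Review bot: The default `REPO_URL` moves from the internal Gitea host to `https://git.kindred-systems.com/kindred/silo.git`, which looks like a public host, while `REPO_BRANCH` still defaults to `main`. A host prepared with this script (run with `sudo` per its usage line) would then build whatever is at the tip of that branch at that moment. The clone and build steps are outside the hunk, so this is inferred from the variable names. If that is what they do, consider defaulting `REPO_BRANCH` to a release tag, or checking out a pinned commit and printing the resolved commit id before building. A comment above `REPO_URL` such as `# Source of the code built and run on this host; override with SILO_REPO_URL / SILO_BRANCH` would make the trust decision visible.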


@@ -7,8 +7,8 @@
# sudo ./scripts/setup-ipa-nginx.sh
#
# Prerequisites:
# - FreeIPA server at ipa.kindred.internal
# - DNS configured for silo.kindred.internal
# - FreeIPA server at ipa.example.internal
# - DNS configured for silo.example.internal
# - Admin credentials for IPA enrollment
set -euo pipefail
@@ -21,10 +21,10 @@ BLUE='\033[0;34m'
NC='\033[0m'
# Configuration
IPA_SERVER="${IPA_SERVER:-ipa.kindred.internal}"
IPA_DOMAIN="${IPA_DOMAIN:-kindred.internal}"
IPA_SERVER="${IPA_SERVER:-ipa.example.internal}"
IPA_DOMAIN="${IPA_DOMAIN:-example.internal}"
IPA_REALM="${IPA_REALM:-KINDRED.INTERNAL}"
HOSTNAME="silo.kindred.internal"
HOSTNAME="silo.example.internal"
CERT_DIR="/etc/ssl/silo"
SILO_PORT=8080
@@ -193,7 +193,7 @@ cat > /etc/nginx/sites-available/silo << 'NGINX_EOF'
server {
listen 80;
listen [::]:80;
server_name silo.kindred.internal;
server_name silo.example.internal;
# Allow certmonger/ACME challenges
location /.well-known/ {
@@ -209,7 +209,7 @@ server {
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name silo.kindred.internal;
server_name silo.example.internal;
# SSL certificates (managed by certmonger/IPA)
ssl_certificate /etc/ssl/silo/silo.crt;
@@ -343,14 +343,14 @@ echo " getcert list"
echo ""
echo "2. Update silo config to use correct base URL:"
echo " sudo nano /etc/silo/config.yaml"
echo " # Change base_url to: https://silo.kindred.internal"
echo " # Change base_url to: https://silo.example.internal"
echo ""
echo "3. Restart silo service:"
echo " sudo systemctl restart silod"
echo ""
echo "4. Test the setup:"
echo " curl -k https://silo.kindred.internal/health"
echo " curl https://silo.kindred.internal/health # after trusting IPA CA"
echo " curl -k https://silo.example.internal/health"
echo " curl https://silo.example.internal/health # after trusting IPA CA"
echo ""
echo "5. Trust IPA CA on client machines:"
echo " # The CA cert is at: ${CERT_DIR}/ca.crt"
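Review bot: `IPA_REALM` still defaults to `KINDRED.INTERNAL` while `IPA_SERVER` and `IPA_DOMAIN` now default to `example.internal`. The defaults therefore describe a domain and a Kerberos realm that do not match, and the internal name this pull request removes is still present. Change the line to `IPA_REALM="${IPA_REALM:-EXAMPLE.INTERNAL}"`. `HOSTNAME` and both `server_name` lines are literals (the nginx heredoc is quoted as `'NGINX_EOF'`, so nothing is expanded inside it), which leaves an operator three places to edit for a real host name. A comment next to `HOSTNAME` saying so would help.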