feat(web): add auth and fix deployment checks
Quant Engine CI/CD Pipeline / validate-core (push) Failing after 9s
WBS-9.3 - NULL Policy CI Gate / NULL Policy Validation (push) Failing after 6s
Quant Engine CI/CD Pipeline / validate-ui-and-storage (push) Has been skipped
Snapshot Admin Deployment / build-and-deploy (push) Failing after 2m30s
Deploy to Production / Build & Deploy to Production (push) Failing after 3m49s

This commit is contained in:
2026-07-01 13:02:10 +09:00
parent 3e4d545e01
commit 90bbb1860d
17 changed files with 445 additions and 53 deletions
+8 -9
View File
@@ -1,8 +1,12 @@
#!/bin/bash
# Quant Engine Shadow Copy Hot Deploy Script
# To be executed on Hz-Prod-01 Remote Server
#!/usr/bin/env bash
# Quant Engine CI-only hot deploy script
set -e
set -euo pipefail
if [ "${CI_DEPLOY:-0}" != "1" ]; then
echo "ERROR: CI-only deployment policy. Use the Gitea workflow to deploy."
exit 1
fi
DEPLOY_BASE="/home/kjh2064/deployments"
ACTIVE_LINK="/home/kjh2064/quantengine_active"
@@ -15,11 +19,9 @@ echo "========================================="
echo "Starting Shadow Copy Hot Deploy [${TIMESTAMP}]"
echo "========================================="
# 1. Ensure directories exist
mkdir -p "${DEPLOY_BASE}"
mkdir -p "${TARGET_DIR}"
# 2. Extract build artifact to unique shadow directory
if [ -f "${TMP_ARCHIVE}" ]; then
echo "Extracting build artifact to ${TARGET_DIR}..."
tar -xzf "${TMP_ARCHIVE}" -C "${TARGET_DIR}"
@@ -29,15 +31,12 @@ else
exit 1
fi
# 3. Swap symbolic link atomically
echo "Swapping symbolic link dynamically..."
ln -sfn "${TARGET_DIR}" "${ACTIVE_LINK}"
# 4. Restart Systemd service (requires passwordless sudo reload or specific policy)
echo "Restarting Systemd service..."
sudo systemctl restart quantengine
# 5. Clean up old deployments (keep last 5)
echo "Cleaning up obsolete deployments..."
cd "${DEPLOY_BASE}"
ls -dt quantengine_* | tail -n +6 | while read -r old_dir; do
+73
View File
@@ -0,0 +1,73 @@
#!/usr/bin/env bash
set -euo pipefail
RESTART=0
if [[ "${1:-}" == "--restart" ]]; then
RESTART=1
fi
echo "=== QuantEngine 502 Diagnosis ==="
echo "Host: $(hostname)"
echo "Time: $(date -Is)"
echo
echo "=== Service Status ==="
systemctl is-active quantengine || true
systemctl is-active nginx || true
echo
echo "=== Active Deployment ==="
readlink -f /home/kjh2064/quantengine_active || true
ls -ld /home/kjh2064/quantengine_active || true
ls -1dt /home/kjh2064/deployments/quantengine_* 2>/dev/null | head -n 5 || true
echo
echo "=== Version Marker ==="
cat /home/kjh2064/quantengine_active/wwwroot/version.json 2>/dev/null || true
echo
echo "=== Local Port Checks ==="
ss -ltnp | grep -E ':(5000|443)\s' || true
echo
echo "=== Loopback HTTP Check ==="
curl -i --max-time 10 http://127.0.0.1:5000/ || true
echo
echo "=== Favicon Checks ==="
curl -i --max-time 10 http://127.0.0.1:5000/favicon.svg || true
curl -i --max-time 10 http://127.0.0.1:5000/favicon.png || true
echo
echo "=== Public HTTP Check ==="
curl -i --max-time 15 https://quant.taxbaik.com/ || true
echo
echo "=== Nginx Config Test ==="
nginx -t || true
echo
echo "=== Recent QuantEngine Logs ==="
journalctl -u quantengine -n 120 --no-pager || true
echo
if [[ "$RESTART" -eq 1 ]]; then
echo "=== Restarting Services ==="
systemctl restart quantengine
systemctl reload nginx
sleep 2
echo
echo "=== Post-Restart Status ==="
systemctl is-active quantengine || true
systemctl is-active nginx || true
echo
echo "=== Post-Restart Loopback Check ==="
curl -i --max-time 10 http://127.0.0.1:5000/ || true
echo
echo "=== Public Endpoint Check ==="
curl -i --max-time 15 https://quant.taxbaik.com/ || true
fi
echo "=== Next Step ==="
echo "If http://127.0.0.1:5000/ fails, the problem is inside quantengine."
echo "If localhost works but the public domain still fails, inspect nginx/proxy config only for quant.taxbaik.com."