Vish/homelab-optimized
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sanitized mirror from private repository - 2026-04-18 11:19:59 UTC
Some checks failed
Documentation / Build Docusaurus (push) Failing after 5m14s
Details
Documentation / Deploy to GitHub Pages (push) Has been skipped
Details

Browse Source
This commit is contained in:
Gitea Mirror Bot
2026-04-18 11:19:59 +00:00
commit fb00a325d1
1418 changed files with 359990 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

482
docs/services/stoatchat/DEPLOYMENT_GUIDE.md Normal file
View File

@@ -0,0 +1,482 @@
# Stoatchat Complete Deployment Guide - Seattle VM
This guide documents the complete process used to deploy Stoatchat on the Seattle VM. Follow these steps to recreate the deployment on a new server.
## Prerequisites
- Ubuntu/Debian server with root access
- Domain name with Cloudflare DNS management
- Gmail account with App Password for SMTP
- At least 4GB RAM and 20GB storage
## Step 1: Server Preparation
### 1.1 Update System
```bash
apt update && apt upgrade -y
apt install -y curl wget git build-essential pkg-config libssl-dev nginx certbot python3-certbot-nginx
```
### 1.2 Install Docker
```bash
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
systemctl enable docker
systemctl start docker
```
### 1.3 Install Rust
```bash
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source ~/.cargo/env
rustup default stable
```
## Step 2: Clone and Build Stoatchat
### 2.1 Clone Repository
```bash
cd /root
git clone https://github.com/stoatchat/stoatchat.git
cd stoatchat
```
### 2.2 Build Services
```bash
# This takes 15-30 minutes depending on server specs
cargo build --release
# Or for debug builds (faster compilation, used in current deployment):
cargo build
```
## Step 3: Infrastructure Services Setup
### 3.1 Create Docker Compose File
```bash
cat > compose.yml << 'EOF'
services:
redis:
image: eqalpha/keydb
container_name: stoatchat-redis
ports:
- "6380:6379"
volumes:
- ./data/redis:/data
restart: unless-stopped
database:
image: mongo:7
container_name: stoatchat-mongodb
ports:
- "27017:27017"
volumes:
- ./data/mongodb:/data/db
environment:
MONGO_INITDB_ROOT_USERNAME: stoatchat
MONGO_INITDB_ROOT_PASSWORD: "REDACTED_PASSWORD"
ulimits:
nofile:
soft: 65536
hard: 65536
restart: unless-stopped
minio:
image: minio/minio:latest
container_name: stoatchat-minio
command: server /data --console-address ":9001"
environment:
MINIO_ROOT_USER: REDACTED_MINIO_CRED
MINIO_ROOT_PASSWORD: "REDACTED_PASSWORD"
volumes:
- ./data/minio:/data
ports:
- "14009:9000"
- "9001:9001"
restart: unless-stopped
livekit:
image: livekit/livekit-server:v1.9.9
container_name: stoatchat-livekit
ports:
- "7880:7880"
- "7881:7881"
- "7882:7882/udp"
volumes:
- ./livekit.yml:/livekit.yml:ro
command: --config /livekit.yml
restart: unless-stopped
EOF
```
### 3.2 Create LiveKit Configuration
```bash
cat > livekit.yml << 'EOF'
port: 7880
redis:
address: localhost:6380
username: ""
password: ""
webhook:
api_key: worldwide
urls:
- 'http://localhost:8500/worldwide'
logging:
level: debug
keys:
worldwide: YOUR_LIVEKIT_API_KEY_GENERATE_RANDOM_32_CHARS
EOF
```
### 3.3 Start Infrastructure Services
```bash
docker-compose up -d
```
## Step 4: Stoatchat Configuration
### 4.1 Create Configuration Override
```bash
cat > Revolt.overrides.toml << 'EOF'
[database]
redis = "redis://127.0.0.1:6380/"
mongodb = "mongodb://stoatchat:YOUR_SECURE_MONGODB_PASSWORD@127.0.0.1:27017/revolt"
[hosts]
app = "https://YOUR_DOMAIN"
api = "https://api.YOUR_DOMAIN"
events = "wss://events.YOUR_DOMAIN"
autumn = "https://files.YOUR_DOMAIN"
january = "https://proxy.YOUR_DOMAIN"
[hosts.livekit]
worldwide = "wss://voice.YOUR_DOMAIN"
[email]
smtp_host = "smtp.gmail.com"
smtp_port = 587
smtp_username = "YOUR_GMAIL@gmail.com"
smtp_password = "REDACTED_PASSWORD"
from_address = "YOUR_GMAIL@gmail.com"
smtp_tls = true
[files]
s3_region = "us-east-1"
s3_bucket = "revolt-uploads"
s3_endpoint = "http://127.0.0.1:14009"
s3_access_key_id = "REDACTED_MINIO_CRED"
s3_secret_access_key = "YOUR_SECURE_MINIO_PASSWORD"
[security]
vapid_private_key = REDACTED_VAPID_PRIVATE_KEY
[features]
captcha_enabled = false
email_verification = true
invite_only = false
[limits]
max_file_size = 104857600 # 100MB
max_message_length = 2000
max_embed_count = 10
EOF
```
## Step 5: SSL Certificates Setup
### 5.1 Configure Cloudflare DNS
Set up A records for all subdomains pointing to your server IP:
- YOUR_DOMAIN
- api.YOUR_DOMAIN
- events.YOUR_DOMAIN
- files.YOUR_DOMAIN
- proxy.YOUR_DOMAIN
- voice.YOUR_DOMAIN
### 5.2 Obtain SSL Certificates
```bash
# Get certificates for all domains
certbot certonly --nginx -d YOUR_DOMAIN -d api.YOUR_DOMAIN -d events.YOUR_DOMAIN -d files.YOUR_DOMAIN -d proxy.YOUR_DOMAIN -d voice.YOUR_DOMAIN
# Or individually if needed:
certbot certonly --nginx -d YOUR_DOMAIN
certbot certonly --nginx -d api.YOUR_DOMAIN
certbot certonly --nginx -d events.YOUR_DOMAIN
certbot certonly --nginx -d files.YOUR_DOMAIN
certbot certonly --nginx -d proxy.YOUR_DOMAIN
certbot certonly --nginx -d voice.YOUR_DOMAIN
```
## Step 6: Nginx Configuration
### 6.1 Create Nginx Configuration
```bash
cat > /etc/nginx/sites-available/stoatchat << 'EOF'
# Main app (placeholder/frontend)
server {
listen 80;
server_name YOUR_DOMAIN;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name YOUR_DOMAIN;
ssl_certificate /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem;
location / {
return 200 'Stoatchat - Coming Soon';
add_header Content-Type text/plain;
}
}
# API Server
server {
listen 80;
server_name api.YOUR_DOMAIN;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name api.YOUR_DOMAIN;
ssl_certificate /etc/letsencrypt/live/api.YOUR_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/api.YOUR_DOMAIN/privkey.pem;
location / {
proxy_pass http://127.0.0.1:14702;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# Events WebSocket
server {
listen 80;
server_name events.YOUR_DOMAIN;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name events.YOUR_DOMAIN;
ssl_certificate /etc/letsencrypt/live/events.YOUR_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/events.YOUR_DOMAIN/privkey.pem;
location / {
proxy_pass http://127.0.0.1:14703;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 86400;
}
}
# File Server
server {
listen 80;
server_name files.YOUR_DOMAIN;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name files.YOUR_DOMAIN;
ssl_certificate /etc/letsencrypt/live/files.YOUR_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/files.YOUR_DOMAIN/privkey.pem;
client_max_body_size 100M;
location / {
proxy_pass http://127.0.0.1:14704;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# Media Proxy
server {
listen 80;
server_name proxy.YOUR_DOMAIN;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name proxy.YOUR_DOMAIN;
ssl_certificate /etc/letsencrypt/live/proxy.YOUR_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/proxy.YOUR_DOMAIN/privkey.pem;
location / {
proxy_pass http://127.0.0.1:14705;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# Voice/Video (LiveKit)
server {
listen 80;
server_name voice.YOUR_DOMAIN;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name voice.YOUR_DOMAIN;
ssl_certificate /etc/letsencrypt/live/voice.YOUR_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/voice.YOUR_DOMAIN/privkey.pem;
location / {
proxy_pass http://127.0.0.1:7880;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 86400;
}
}
EOF
```
### 6.2 Enable Configuration
```bash
ln -s /etc/nginx/sites-available/stoatchat /etc/nginx/sites-enabled/
nginx -t
systemctl reload nginx
```
## Step 7: Start Stoatchat Services
### 7.1 Create Service Startup Script
```bash
cat > /root/stoatchat/start-services.sh << 'EOF'
#!/bin/bash
cd /root/stoatchat
# Start services in background
nohup ./target/debug/revolt-delta > api.log 2>&1 &
nohup ./target/debug/revolt-bonfire > events.log 2>&1 &
nohup ./target/debug/revolt-autumn > files.log 2>&1 &
nohup ./target/debug/revolt-january > proxy.log 2>&1 &
nohup ./target/debug/revolt-gifbox > gifbox.log 2>&1 &
echo "All Stoatchat services started"
EOF
chmod +x /root/stoatchat/start-services.sh
```
### 7.2 Start Services
```bash
cd /root/stoatchat
./start-services.sh
```
## Step 8: Verification
### 8.1 Check Services
```bash
# Check processes
ps aux | grep revolt
# Check ports
ss -tlnp | grep -E "(14702|14703|14704|14705|14706|7880)"
# Test endpoints
curl -k https://api.YOUR_DOMAIN/
curl -k https://files.YOUR_DOMAIN/
curl -k https://proxy.YOUR_DOMAIN/
curl -k https://voice.YOUR_DOMAIN/
```
### 8.2 Expected Responses
- API: `{"revolt":"0.10.3","features":...}`
- Files: `{"autumn":"Hello, I am a file server!","version":"0.10.3"}`
- Proxy: `{"january":"Hello, I am a media proxy server!","version":"0.10.3"}`
- Voice: `OK`
## Step 9: Setup Systemd Services (Optional but Recommended)
### 9.1 Create Systemd Service Files
```bash
# Create service for each component
cat > /etc/systemd/system/stoatchat-api.service << 'EOF'
[Unit]
Description=Stoatchat API Server
After=network.target docker.service
Requires=docker.service
[Service]
Type=simple
User=root
WorkingDirectory=/root/stoatchat
ExecStart=/root/stoatchat/target/debug/revolt-delta
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
EOF
# Repeat for other services...
systemctl daemon-reload
systemctl enable stoatchat-api
systemctl start stoatchat-api
```
## Step 10: Frontend Setup (Future)
The main domain currently shows a placeholder. To complete the setup:
1. Deploy a Revolt.js frontend or compatible client
2. Update nginx configuration to serve the frontend
3. Configure the frontend to use your API endpoints
## Security Considerations
1. **Change all default passwords** in the configuration files
2. **Generate new API keys** for LiveKit and VAPID
3. **Set up firewall rules** to restrict access to internal ports
4. **Enable fail2ban** for SSH protection
5. **Regular security updates** for the system and Docker images
## Backup Strategy
1. **Database**: Regular MongoDB dumps
2. **Files**: Backup MinIO data directory
3. **Configuration**: Backup all .toml and .yml files
4. **SSL Certificates**: Backup Let's Encrypt directory
## Monitoring
Consider setting up monitoring for:
- Service health checks
- Resource usage (CPU, RAM, disk)
- Log aggregation
- SSL certificate expiration
- Database performance
---
This deployment guide captures the complete process used to set up Stoatchat on the Seattle VM. Adjust domain names, passwords, and paths as needed for your specific deployment.

345
docs/services/stoatchat/MIGRATION_GUIDE.md Normal file
View File

@@ -0,0 +1,345 @@
# Stoatchat Migration Guide
This guide covers migrating the Stoatchat deployment from the Seattle VM to a new server.
## Pre-Migration Checklist
### 1. Document Current State
```bash
# On Seattle VM - document current configuration
cd /root/stoatchat
# Save current configuration
cp Revolt.overrides.toml Revolt.overrides.toml.backup
cp livekit.yml livekit.yml.backup
cp compose.yml compose.yml.backup
# Document running services
ps aux | grep revolt > running_services.txt
ss -tlnp | grep -E "(14702|14703|14704|14705|14706|7880)" > port_status.txt
# Check Docker services
docker-compose ps > docker_status.txt
```
### 2. Backup Data
```bash
# Create backup directory
mkdir -p /root/stoatchat-backup/$(date +%Y%m%d)
cd /root/stoatchat-backup/$(date +%Y%m%d)
# Backup MongoDB
docker exec stoatchat-mongodb mongodump --uri="mongodb://stoatchat:stoatchat_secure_password_change_me@localhost:27017/revolt" --out ./mongodb-backup
# Backup MinIO data
docker exec stoatchat-minio tar czf - /data > minio-backup.tar.gz
# Backup Redis data (optional - mostly cache)
docker exec stoatchat-redis redis-cli BGSAVE
docker cp stoatchat-redis:/data/dump.rdb ./redis-backup.rdb
# Backup configuration files
cp /root/stoatchat/Revolt.overrides.toml ./
cp /root/stoatchat/livekit.yml ./
cp /root/stoatchat/compose.yml ./
cp -r /etc/nginx/sites-available/stoatchat ./nginx-config
# Backup SSL certificates
sudo tar czf letsencrypt-backup.tar.gz /etc/letsencrypt/
```
### 3. Test Backup Integrity
```bash
# Verify MongoDB backup
ls -la mongodb-backup/revolt/
mongorestore --dry-run --uri="mongodb://stoatchat:stoatchat_secure_password_change_me@localhost:27017/revolt-test" mongodb-backup/
# Verify MinIO backup
tar -tzf minio-backup.tar.gz | head -10
# Verify configuration files
cat Revolt.overrides.toml | grep -E "(mongodb|redis|s3_)"
```
## Migration Process
### Phase 1: Prepare New Server
#### 1.1 Server Setup
```bash
# On new server - follow deployment guide steps 1-2
# Install dependencies, Docker, Rust
# Clone repository and build services
```
#### 1.2 DNS Preparation
```bash
# Update Cloudflare DNS to point to new server IP
# Or use Cloudflare API with your token (see Vaultwarden → Homelab → Cloudflare)
# Example API call to update DNS:
curl -X PUT "https://api.cloudflare.com/client/v4/zones/ZONE_ID/dns_records/RECORD_ID" \
-H "Authorization: Bearer <CLOUDFLARE_TOKEN>" \
-H "Content-Type: application/json" \
--data '{"type":"A","name":"api.st.vish.gg","content":"NEW_SERVER_IP"}'
```
### Phase 2: Data Migration
#### 2.1 Transfer Backup Files
```bash
# From Seattle VM to new server
scp -r /root/stoatchat-backup/$(date +%Y%m%d)/* root@NEW_SERVER_IP:/root/stoatchat-restore/
# Or use rsync for better reliability
rsync -avz --progress /root/stoatchat-backup/$(date +%Y%m%d)/ root@NEW_SERVER_IP:/root/stoatchat-restore/
```
#### 2.2 Restore Configuration
```bash
# On new server
cd /root/stoatchat-restore
# Restore configuration files
cp Revolt.overrides.toml /root/stoatchat/
cp livekit.yml /root/stoatchat/
cp compose.yml /root/stoatchat/
# Update configuration for new server if needed
sed -i 's/OLD_SERVER_IP/NEW_SERVER_IP/g' /root/stoatchat/Revolt.overrides.toml
```
#### 2.3 Restore SSL Certificates
```bash
# On new server
cd /root/stoatchat-restore
# Restore Let's Encrypt certificates
sudo tar xzf letsencrypt-backup.tar.gz -C /
# Or obtain new certificates
certbot certonly --nginx -d st.vish.gg -d api.st.vish.gg -d events.st.vish.gg -d files.st.vish.gg -d proxy.st.vish.gg -d voice.st.vish.gg
```
#### 2.4 Setup Infrastructure Services
```bash
# On new server
cd /root/stoatchat
# Start infrastructure services
docker-compose up -d
# Wait for services to be ready
sleep 30
```
#### 2.5 Restore Data
```bash
# Restore MongoDB
docker exec -i stoatchat-mongodb mongorestore --uri="mongodb://stoatchat:stoatchat_secure_password_change_me@localhost:27017" --drop /root/stoatchat-restore/mongodb-backup/
# Restore MinIO data
docker exec -i stoatchat-minio sh -c 'cd / && tar xzf -' < /root/stoatchat-restore/minio-backup.tar.gz
# Restart MinIO to recognize new data
docker-compose restart minio
```
### Phase 3: Service Migration
#### 3.1 Configure Nginx
```bash
# On new server
cp /root/stoatchat-restore/nginx-config /etc/nginx/sites-available/stoatchat
ln -s /etc/nginx/sites-available/stoatchat /etc/nginx/sites-enabled/
# Test and reload nginx
nginx -t
systemctl reload nginx
```
#### 3.2 Start Stoatchat Services
```bash
# On new server
cd /root/stoatchat
# Start services
nohup ./target/debug/revolt-delta > api.log 2>&1 &
nohup ./target/debug/revolt-bonfire > events.log 2>&1 &
nohup ./target/debug/revolt-autumn > files.log 2>&1 &
nohup ./target/debug/revolt-january > proxy.log 2>&1 &
nohup ./target/debug/revolt-gifbox > gifbox.log 2>&1 &
```
### Phase 4: Verification and Testing
#### 4.1 Service Health Check
```bash
# Check all services are running
ps aux | grep revolt
ss -tlnp | grep -E "(14702|14703|14704|14705|14706|7880)"
# Test endpoints
curl -k https://api.st.vish.gg/
curl -k https://files.st.vish.gg/
curl -k https://proxy.st.vish.gg/
curl -k https://voice.st.vish.gg/
```
#### 4.2 Data Integrity Check
```bash
# Check MongoDB data
docker exec stoatchat-mongodb mongo --eval "db.adminCommand('listCollections')" revolt
# Check MinIO data
docker exec stoatchat-minio mc ls local/revolt-uploads/
# Check Redis connectivity
docker exec stoatchat-redis redis-cli ping
```
#### 4.3 Functional Testing
```bash
# Test API endpoints
curl -X GET https://api.st.vish.gg/users/@me -H "Authorization: Bearer TEST_TOKEN"
# Test file upload (if you have test files)
curl -X POST https://files.st.vish.gg/attachments -F "file=@test.jpg"
# Test WebSocket connection (using wscat if available)
wscat -c wss://events.st.vish.gg/
```
## Post-Migration Tasks
### 1. Update DNS (if not done earlier)
```bash
# Update all DNS records to point to new server
# api.st.vish.gg -> NEW_SERVER_IP
# events.st.vish.gg -> NEW_SERVER_IP
# files.st.vish.gg -> NEW_SERVER_IP
# proxy.st.vish.gg -> NEW_SERVER_IP
# voice.st.vish.gg -> NEW_SERVER_IP
# st.vish.gg -> NEW_SERVER_IP
```
### 2. Update Monitoring
```bash
# Update any monitoring systems to check new server
# Update health check URLs
# Update alerting configurations
```
### 3. Cleanup Old Server
```bash
# On Seattle VM - ONLY after confirming new server works
# Stop services
pkill -f revolt-
# Stop Docker services
docker-compose down
# Archive data (don't delete immediately)
mv /root/stoatchat /root/stoatchat-archived-$(date +%Y%m%d)
```
## Rollback Plan
If migration fails, you can quickly rollback:
### 1. Immediate Rollback
```bash
# Update DNS back to Seattle VM IP
# Restart services on Seattle VM
# On Seattle VM
cd /root/stoatchat
docker-compose up -d
./start-services.sh
```
### 2. Data Rollback
```bash
# If data was corrupted during migration
# Restore from backup on Seattle VM
cd /root/stoatchat-backup/$(date +%Y%m%d)
# Follow restore procedures above
```
## Migration Checklist
### Pre-Migration
- [ ] Document current state
- [ ] Create complete backup
- [ ] Test backup integrity
- [ ] Prepare new server
- [ ] Plan DNS update strategy
### During Migration
- [ ] Transfer backup files
- [ ] Restore configuration
- [ ] Setup infrastructure services
- [ ] Restore data
- [ ] Configure nginx
- [ ] Start Stoatchat services
### Post-Migration
- [ ] Verify all services running
- [ ] Test all endpoints
- [ ] Check data integrity
- [ ] Update DNS records
- [ ] Update monitoring
- [ ] Archive old server data
### Rollback Ready
- [ ] Keep old server running until confirmed
- [ ] Have DNS rollback plan
- [ ] Keep backup accessible
- [ ] Document any issues found
## Troubleshooting Common Issues
### Services Won't Start
```bash
# Check logs
tail -f /root/stoatchat/*.log
# Check configuration
cat /root/stoatchat/Revolt.overrides.toml | grep -E "(mongodb|redis)"
# Check infrastructure services
docker-compose logs
```
### Database Connection Issues
```bash
# Test MongoDB connection
docker exec stoatchat-mongodb mongo --eval "db.adminCommand('ismaster')"
# Check credentials
grep mongodb /root/stoatchat/Revolt.overrides.toml
```
### SSL Certificate Issues
```bash
# Check certificate validity
openssl x509 -in /etc/letsencrypt/live/api.st.vish.gg/fullchain.pem -text -noout
# Renew certificates if needed
certbot renew --dry-run
```
### DNS Propagation Issues
```bash
# Check DNS resolution
dig api.st.vish.gg
nslookup api.st.vish.gg 8.8.8.8
# Check from different locations
curl -H "Host: api.st.vish.gg" http://NEW_SERVER_IP/
```
---
This migration guide provides a comprehensive process for moving Stoatchat to a new server while minimizing downtime and ensuring data integrity.

107
docs/services/stoatchat/README.md Normal file
View File

@@ -0,0 +1,107 @@
# Stoatchat Deployment - Seattle VM
Stoatchat is a self-hosted Discord/Slack alternative (Revolt.chat fork) deployed on the Seattle VM at st.vish.gg.
## Server Information
- **Host**: Seattle VM (YOUR_WAN_IP)
- **Location**: /root/stoatchat
- **Repository**: https://github.com/stoatchat/stoatchat.git
- **Domain**: st.vish.gg (and subdomains)
## Quick Status Check
```bash
# SSH to Seattle VM first
ssh root@YOUR_WAN_IP
# Check all services
ps aux | grep revolt
ss -tlnp | grep -E "(14702|14703|14704|14705|14706|7880)"
# Test endpoints locally
curl -k https://api.st.vish.gg/ --resolve api.st.vish.gg:443:127.0.0.1
curl -k https://files.st.vish.gg/ --resolve files.st.vish.gg:443:127.0.0.1
curl -k https://proxy.st.vish.gg/ --resolve proxy.st.vish.gg:443:127.0.0.1
curl -k https://voice.st.vish.gg/ --resolve voice.st.vish.gg:443:127.0.0.1
```
## Service URLs
- **Main App**: https://st.vish.gg (frontend - placeholder currently)
- **API**: https://api.st.vish.gg
- **WebSocket Events**: wss://events.st.vish.gg
- **File Server**: https://files.st.vish.gg
- **Media Proxy**: https://proxy.st.vish.gg
- **Voice/Video**: wss://voice.st.vish.gg
## Architecture on Seattle VM
```
Internet → Cloudflare → Seattle VM (YOUR_WAN_IP)
Nginx (443/80)
┌───────┼───────┐
│ │ │
Stoatchat Docker System
Services Services Services
│ │ │
┌───┼───┐ │ ┌───┼───┐
│ │ │ │ │ │ │
API Events Files Redis MongoDB MinIO
14702 14703 14704 6380 27017 14009
LiveKit
7880
```
## Current Status: ✅ OPERATIONAL
All services are running and tested on Seattle VM. The setup is production-ready except for the frontend client.
## Files in this Directory
- `docker-compose.yml` - Infrastructure services (Redis, MongoDB, MinIO, LiveKit)
- `Revolt.overrides.toml` - Main configuration file
- `livekit.yml` - LiveKit voice/video configuration
- `nginx-config.conf` - Nginx reverse proxy configuration
- `DEPLOYMENT_GUIDE.md` - Complete step-by-step deployment instructions
- `MIGRATION_GUIDE.md` - Instructions for moving to a new server
- `TROUBLESHOOTING.md` - Common issues and solutions
- `SERVICE_MANAGEMENT.md` - Start/stop/restart procedures
## Service Management
### Starting Services
```bash
cd /root/stoatchat
# Start infrastructure services
docker-compose up -d
# Stoatchat services are built and run as binaries
# They should auto-start, but if needed:
./target/debug/revolt-delta & # API server
./target/debug/revolt-bonfire & # Events WebSocket
./target/debug/revolt-autumn & # File server
./target/debug/revolt-january & # Media proxy
./target/debug/revolt-gifbox & # GIF service
```
### Checking Status
```bash
# Check processes
ps aux | grep revolt
# Check ports
ss -tlnp | grep -E "(14702|14703|14704|14705|14706|7880)"
# Check Docker services
docker-compose ps
# Check nginx
systemctl status nginx
```
Last verified: 2026-02-11

594
docs/services/stoatchat/SERVICE_MANAGEMENT.md Normal file
View File

@@ -0,0 +1,594 @@
# Stoatchat Service Management
Complete guide for managing Stoatchat services on the Seattle VM.
## Service Architecture
```
Stoatchat Services (Native Binaries)
├── revolt-delta (API Server) → Port 14702
├── revolt-bonfire (Events WebSocket) → Port 14703
├── revolt-autumn (File Server) → Port 14704
├── revolt-january (Media Proxy) → Port 14705
└── revolt-gifbox (GIF Service) → Port 14706
Infrastructure Services (Docker)
├── Redis (KeyDB) → Port 6380
├── MongoDB → Port 27017
├── MinIO → Port 14009
└── LiveKit → Port 7880
System Services
└── Nginx → Ports 80, 443
```
## Starting Services
### 1. Start Infrastructure Services
```bash
cd /root/stoatchat
# Start all Docker services
docker-compose up -d
# Check status
docker-compose ps
# Wait for services to be ready (important!)
sleep 30
```
### 2. Start Stoatchat Services
```bash
cd /root/stoatchat
# Start all services in background
nohup ./target/debug/revolt-delta > api.log 2>&1 &
nohup ./target/debug/revolt-bonfire > events.log 2>&1 &
nohup ./target/debug/revolt-autumn > files.log 2>&1 &
nohup ./target/debug/revolt-january > proxy.log 2>&1 &
nohup ./target/debug/revolt-gifbox > gifbox.log 2>&1 &
echo "All Stoatchat services started"
```
### 3. Automated Startup Script
```bash
# Create startup script
cat > /root/stoatchat/start-all-services.sh << 'EOF'
#!/bin/bash
cd /root/stoatchat
echo "Starting infrastructure services..."
docker-compose up -d
echo "Waiting for infrastructure to be ready..."
sleep 30
echo "Starting Stoatchat services..."
nohup ./target/debug/revolt-delta > api.log 2>&1 &
nohup ./target/debug/revolt-bonfire > events.log 2>&1 &
nohup ./target/debug/revolt-autumn > files.log 2>&1 &
nohup ./target/debug/revolt-january > proxy.log 2>&1 &
nohup ./target/debug/revolt-gifbox > gifbox.log 2>&1 &
echo "All services started. Checking status..."
sleep 5
ps aux | grep revolt | grep -v grep
EOF
chmod +x /root/stoatchat/start-all-services.sh
```
## Stopping Services
### 1. Stop Stoatchat Services
```bash
# Stop all revolt processes
pkill -f revolt-
# Or stop individually
pkill -f revolt-delta # API
pkill -f revolt-bonfire # Events
pkill -f revolt-autumn # Files
pkill -f revolt-january # Proxy
pkill -f revolt-gifbox # GIF
```
### 2. Stop Infrastructure Services
```bash
cd /root/stoatchat
# Stop all Docker services
docker-compose down
# Or stop individually
docker-compose stop redis
docker-compose stop database
docker-compose stop minio
docker-compose stop livekit
```
### 3. Complete Shutdown Script
```bash
# Create shutdown script
cat > /root/stoatchat/stop-all-services.sh << 'EOF'
#!/bin/bash
cd /root/stoatchat
echo "Stopping Stoatchat services..."
pkill -f revolt-
echo "Stopping infrastructure services..."
docker-compose down
echo "All services stopped."
EOF
chmod +x /root/stoatchat/stop-all-services.sh
```
## Restarting Services
### 1. Restart Individual Stoatchat Service
```bash
cd /root/stoatchat
# Example: Restart API server
pkill -f revolt-delta
nohup ./target/debug/revolt-delta > api.log 2>&1 &
# Example: Restart Events service
pkill -f revolt-bonfire
nohup ./target/debug/revolt-bonfire > events.log 2>&1 &
```
### 2. Restart Infrastructure Service
```bash
cd /root/stoatchat
# Example: Restart Redis
docker-compose restart redis
# Example: Restart MongoDB
docker-compose restart database
```
### 3. Complete Restart
```bash
cd /root/stoatchat
# Stop everything
./stop-all-services.sh
# Wait a moment
sleep 5
# Start everything
./start-all-services.sh
```
## Service Status Monitoring
### 1. Check Running Processes
```bash
# Check all Stoatchat processes
ps aux | grep revolt | grep -v grep
# Check specific service
ps aux | grep revolt-delta
# Check with process tree
pstree -p | grep revolt
```
### 2. Check Listening Ports
```bash
# Check all Stoatchat ports
ss -tlnp | grep -E "(14702|14703|14704|14705|14706|7880)"
# Check specific port
ss -tlnp | grep 14702
# Check with netstat
netstat -tlnp | grep -E "(14702|14703|14704|14705|14706|7880)"
```
### 3. Check Docker Services
```bash
cd /root/stoatchat
# Check all services
docker-compose ps
# Check specific service
docker-compose ps redis
# Check service logs
docker-compose logs redis
docker-compose logs database
docker-compose logs minio
docker-compose logs livekit
```
### 4. Service Health Check
```bash
# Test all endpoints
curl -s https://api.st.vish.gg/ | jq .revolt
curl -s https://files.st.vish.gg/ | jq .autumn
curl -s https://proxy.st.vish.gg/ | jq .january
curl -s https://voice.st.vish.gg/
# Or use the health check script
/root/stoatchat/health-check.sh
```
## Log Management
### 1. View Service Logs
```bash
cd /root/stoatchat
# View current logs
tail -f api.log # API server
tail -f events.log # Events WebSocket
tail -f files.log # File server
tail -f proxy.log # Media proxy
tail -f gifbox.log # GIF service
# View all logs simultaneously
tail -f *.log
# View with timestamps
tail -f api.log | while read line; do echo "$(date): $line"; done
```
### 2. Log Rotation
```bash
# Create log rotation script
cat > /root/stoatchat/rotate-logs.sh << 'EOF'
#!/bin/bash
cd /root/stoatchat
# Rotate logs if they're larger than 100MB
for log in api.log events.log files.log proxy.log gifbox.log; do
if [ -f "$log" ] && [ $(stat -f%z "$log" 2>/dev/null || stat -c%s "$log") -gt 104857600 ]; then
mv "$log" "$log.$(date +%Y%m%d-%H%M%S)"
touch "$log"
echo "Rotated $log"
fi
done
EOF
chmod +x /root/stoatchat/rotate-logs.sh
# Add to crontab for daily rotation
# crontab -e
# 0 2 * * * /root/stoatchat/rotate-logs.sh
```
### 3. Clear Logs
```bash
cd /root/stoatchat
# Clear all logs
> api.log
> events.log
> files.log
> proxy.log
> gifbox.log
# Or remove and recreate
rm -f *.log
touch api.log events.log files.log proxy.log gifbox.log
```
## Configuration Management
### 1. Backup Configuration
```bash
cd /root/stoatchat
# Create backup
cp Revolt.overrides.toml Revolt.overrides.toml.backup.$(date +%Y%m%d)
cp livekit.yml livekit.yml.backup.$(date +%Y%m%d)
cp compose.yml compose.yml.backup.$(date +%Y%m%d)
```
### 2. Apply Configuration Changes
```bash
cd /root/stoatchat
# After editing Revolt.overrides.toml
# Restart affected services
pkill -f revolt-
./start-all-services.sh
# After editing livekit.yml
docker-compose restart livekit
# After editing compose.yml
docker-compose down
docker-compose up -d
```
### 3. Validate Configuration
```bash
cd /root/stoatchat
# Check TOML syntax
python3 -c "import toml; toml.load('Revolt.overrides.toml')" && echo "TOML valid"
# Check YAML syntax
python3 -c "import yaml; yaml.safe_load(open('livekit.yml'))" && echo "YAML valid"
python3 -c "import yaml; yaml.safe_load(open('compose.yml'))" && echo "Compose valid"
# Check nginx configuration
nginx -t
```
## Systemd Service Setup (Optional)
### 1. Create Systemd Services
```bash
# API Service
cat > /etc/systemd/system/stoatchat-api.service << 'EOF'
[Unit]
Description=Stoatchat API Server
After=network.target docker.service
Requires=docker.service
[Service]
Type=simple
User=root
WorkingDirectory=/root/stoatchat
ExecStart=/root/stoatchat/target/debug/revolt-delta
Restart=always
RestartSec=10
StandardOutput=append:/root/stoatchat/api.log
StandardError=append:/root/stoatchat/api.log
[Install]
WantedBy=multi-user.target
EOF
# Events Service
cat > /etc/systemd/system/stoatchat-events.service << 'EOF'
[Unit]
Description=Stoatchat Events WebSocket
After=network.target docker.service stoatchat-api.service
Requires=docker.service
[Service]
Type=simple
User=root
WorkingDirectory=/root/stoatchat
ExecStart=/root/stoatchat/target/debug/revolt-bonfire
Restart=always
RestartSec=10
StandardOutput=append:/root/stoatchat/events.log
StandardError=append:/root/stoatchat/events.log
[Install]
WantedBy=multi-user.target
EOF
# Files Service
cat > /etc/systemd/system/stoatchat-files.service << 'EOF'
[Unit]
Description=Stoatchat File Server
After=network.target docker.service
Requires=docker.service
[Service]
Type=simple
User=root
WorkingDirectory=/root/stoatchat
ExecStart=/root/stoatchat/target/debug/revolt-autumn
Restart=always
RestartSec=10
StandardOutput=append:/root/stoatchat/files.log
StandardError=append:/root/stoatchat/files.log
[Install]
WantedBy=multi-user.target
EOF
# Proxy Service
cat > /etc/systemd/system/stoatchat-proxy.service << 'EOF'
[Unit]
Description=Stoatchat Media Proxy
After=network.target docker.service
Requires=docker.service
[Service]
Type=simple
User=root
WorkingDirectory=/root/stoatchat
ExecStart=/root/stoatchat/target/debug/revolt-january
Restart=always
RestartSec=10
StandardOutput=append:/root/stoatchat/proxy.log
StandardError=append:/root/stoatchat/proxy.log
[Install]
WantedBy=multi-user.target
EOF
# GIF Service
cat > /etc/systemd/system/stoatchat-gifbox.service << 'EOF'
[Unit]
Description=Stoatchat GIF Service
After=network.target docker.service
Requires=docker.service
[Service]
Type=simple
User=root
WorkingDirectory=/root/stoatchat
ExecStart=/root/stoatchat/target/debug/revolt-gifbox
Restart=always
RestartSec=10
StandardOutput=append:/root/stoatchat/gifbox.log
StandardError=append:/root/stoatchat/gifbox.log
[Install]
WantedBy=multi-user.target
EOF
```
### 2. Enable and Start Systemd Services
```bash
# Reload systemd
systemctl daemon-reload
# Enable services
systemctl enable stoatchat-api
systemctl enable stoatchat-events
systemctl enable stoatchat-files
systemctl enable stoatchat-proxy
systemctl enable stoatchat-gifbox
# Start services
systemctl start stoatchat-api
systemctl start stoatchat-events
systemctl start stoatchat-files
systemctl start stoatchat-proxy
systemctl start stoatchat-gifbox
# Check status
systemctl status stoatchat-api
systemctl status stoatchat-events
systemctl status stoatchat-files
systemctl status stoatchat-proxy
systemctl status stoatchat-gifbox
```
### 3. Manage with Systemd
```bash
# Start all services
systemctl start stoatchat-api stoatchat-events stoatchat-files stoatchat-proxy stoatchat-gifbox
# Stop all services
systemctl stop stoatchat-api stoatchat-events stoatchat-files stoatchat-proxy stoatchat-gifbox
# Restart all services
systemctl restart stoatchat-api stoatchat-events stoatchat-files stoatchat-proxy stoatchat-gifbox
# Check status of all services
systemctl status stoatchat-*
```
## Maintenance Tasks
### 1. Regular Maintenance
```bash
# Weekly maintenance script
cat > /root/stoatchat/weekly-maintenance.sh << 'EOF'
#!/bin/bash
cd /root/stoatchat
echo "=== Weekly Stoatchat Maintenance ==="
echo "Date: $(date)"
# Rotate logs
./rotate-logs.sh
# Update Docker images
docker-compose pull
# Restart services with new images
docker-compose down
docker-compose up -d
# Clean up old Docker images
docker image prune -f
# Check disk usage
echo "Disk usage:"
df -h /root/stoatchat
echo "Maintenance completed."
EOF
chmod +x /root/stoatchat/weekly-maintenance.sh
```
### 2. Update Procedures
```bash
# Update Stoatchat code
cd /root/stoatchat
git pull origin main
# Rebuild services
cargo build
# Restart services
./stop-all-services.sh
./start-all-services.sh
```
### 3. Backup Procedures
```bash
# Create backup script
cat > /root/stoatchat/backup.sh << 'EOF'
#!/bin/bash
BACKUP_DIR="/root/stoatchat-backups/$(date +%Y%m%d)"
mkdir -p "$BACKUP_DIR"
cd /root/stoatchat
# Backup configuration
cp Revolt.overrides.toml "$BACKUP_DIR/"
cp livekit.yml "$BACKUP_DIR/"
cp compose.yml "$BACKUP_DIR/"
# Backup MongoDB
docker exec stoatchat-mongodb mongodump --out "$BACKUP_DIR/mongodb"
# Backup MinIO data
docker exec stoatchat-minio tar czf - /data > "$BACKUP_DIR/minio-data.tar.gz"
echo "Backup completed: $BACKUP_DIR"
EOF
chmod +x /root/stoatchat/backup.sh
```
## Quick Reference
### Essential Commands
```bash
# Start everything
cd /root/stoatchat && ./start-all-services.sh
# Stop everything
cd /root/stoatchat && ./stop-all-services.sh
# Check status
ps aux | grep revolt && docker-compose ps
# View logs
cd /root/stoatchat && tail -f *.log
# Test endpoints
curl https://api.st.vish.gg/ && curl https://files.st.vish.gg/
```
### Service Ports
- API (revolt-delta): 14702
- Events (revolt-bonfire): 14703
- Files (revolt-autumn): 14704
- Proxy (revolt-january): 14705
- GIF (revolt-gifbox): 14706
- LiveKit: 7880
- Redis: 6380
- MongoDB: 27017
- MinIO: 14009
### Important Files
- Configuration: `/root/stoatchat/Revolt.overrides.toml`
- LiveKit config: `/root/stoatchat/livekit.yml`
- Docker config: `/root/stoatchat/compose.yml`
- Nginx config: `/etc/nginx/sites-available/stoatchat`
- Logs: `/root/stoatchat/*.log`

473
docs/services/stoatchat/TROUBLESHOOTING.md Normal file
View File

@@ -0,0 +1,473 @@
# Stoatchat Troubleshooting Guide
Common issues and solutions for the Stoatchat deployment on Seattle VM.
## Quick Diagnostics
### Check All Services Status
```bash
# SSH to Seattle VM
ssh root@YOUR_WAN_IP
# Check Stoatchat processes
ps aux | grep revolt
# Check ports
ss -tlnp | grep -E "(14702|14703|14704|14705|14706|7880)"
# Check Docker services
cd /root/stoatchat
docker-compose ps
# Check nginx
systemctl status nginx
```
### Test All Endpoints
```bash
# Test locally on server
curl -k https://api.st.vish.gg/ --resolve api.st.vish.gg:443:127.0.0.1
curl -k https://files.st.vish.gg/ --resolve files.st.vish.gg:443:127.0.0.1
curl -k https://proxy.st.vish.gg/ --resolve proxy.st.vish.gg:443:127.0.0.1
curl -k https://voice.st.vish.gg/ --resolve voice.st.vish.gg:443:127.0.0.1
# Test externally
curl https://api.st.vish.gg/
curl https://files.st.vish.gg/
curl https://proxy.st.vish.gg/
curl https://voice.st.vish.gg/
```
## Common Issues
### 1. Services Not Starting
#### Symptoms
- `ps aux | grep revolt` shows no processes
- Ports not listening
- Connection refused errors
#### Diagnosis
```bash
cd /root/stoatchat
# Check if binaries exist
ls -la target/debug/revolt-*
# Try starting manually to see errors
./target/debug/revolt-delta
# Check logs
tail -f api.log events.log files.log proxy.log gifbox.log
```
#### Solutions
```bash
# Rebuild if binaries missing
cargo build
# Check configuration
cat Revolt.overrides.toml | grep -E "(mongodb|redis|s3_)"
# Restart infrastructure services
docker-compose down && docker-compose up -d
# Wait for services to be ready
sleep 30
# Start Stoatchat services
nohup ./target/debug/revolt-delta > api.log 2>&1 &
nohup ./target/debug/revolt-bonfire > events.log 2>&1 &
nohup ./target/debug/revolt-autumn > files.log 2>&1 &
nohup ./target/debug/revolt-january > proxy.log 2>&1 &
nohup ./target/debug/revolt-gifbox > gifbox.log 2>&1 &
```
### 2. Database Connection Issues
#### Symptoms
- Services start but crash immediately
- "Connection refused" in logs
- MongoDB/Redis errors
#### Diagnosis
```bash
# Check Docker services
docker-compose ps
# Test MongoDB connection
docker exec stoatchat-mongodb mongo --eval "db.adminCommand('ismaster')"
# Test Redis connection
docker exec stoatchat-redis redis-cli ping
# Check configuration
grep -E "(mongodb|redis)" /root/stoatchat/Revolt.overrides.toml
```
#### Solutions
```bash
# Restart infrastructure
docker-compose restart
# Check MongoDB logs
docker-compose logs database
# Check Redis logs
docker-compose logs redis
# Verify ports are accessible
telnet 127.0.0.1 27017
telnet 127.0.0.1 6380
```
### 3. SSL Certificate Issues
#### Symptoms
- SSL errors in browser
- Certificate expired warnings
- nginx fails to start
#### Diagnosis
```bash
# Check certificate validity
openssl x509 -in /etc/letsencrypt/live/api.st.vish.gg/fullchain.pem -text -noout | grep -A2 "Validity"
# Check nginx configuration
nginx -t
# Check certificate files exist
ls -la /etc/letsencrypt/live/*/
```
#### Solutions
```bash
# Renew certificates
certbot renew
# Or renew specific certificate
certbot renew --cert-name api.st.vish.gg
# Test renewal
certbot renew --dry-run
# Reload nginx after renewal
systemctl reload nginx
```
### 4. File Upload Issues
#### Symptoms
- File uploads fail
- 413 Request Entity Too Large
- MinIO connection errors
#### Diagnosis
```bash
# Check MinIO status
docker-compose logs minio
# Test MinIO connection
curl http://127.0.0.1:14009/minio/health/live
# Check nginx file size limits
grep client_max_body_size /etc/nginx/sites-available/stoatchat
# Check MinIO credentials
grep -A5 "\[files\]" /root/stoatchat/Revolt.overrides.toml
```
#### Solutions
```bash
# Restart MinIO
docker-compose restart minio
# Check MinIO bucket exists
docker exec stoatchat-minio mc ls local/
# Create bucket if missing
docker exec stoatchat-minio mc mb local/revolt-uploads
# Increase nginx file size limit if needed
sed -i 's/client_max_body_size 100M;/client_max_body_size 500M;/' /etc/nginx/sites-available/stoatchat
systemctl reload nginx
```
### 5. WebSocket Connection Issues
#### Symptoms
- Events service returns 502
- WebSocket connections fail
- Real-time features not working
#### Diagnosis
```bash
# Check events service
curl -k https://events.st.vish.gg/ --resolve events.st.vish.gg:443:127.0.0.1
# Check if service is listening
ss -tlnp | grep 14703
# Check nginx WebSocket configuration
grep -A10 "events.st.vish.gg" /etc/nginx/sites-available/stoatchat
```
#### Solutions
```bash
# Restart events service
pkill -f revolt-bonfire
nohup ./target/debug/revolt-bonfire > events.log 2>&1 &
# Check WebSocket headers in nginx
# Ensure these are present:
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "upgrade";
# Test WebSocket connection (if wscat available)
wscat -c wss://events.st.vish.gg/
```
### 6. LiveKit Voice Issues
#### Symptoms
- Voice/video not working
- LiveKit returns errors
- Connection timeouts
#### Diagnosis
```bash
# Check LiveKit status
docker-compose logs livekit
# Test LiveKit endpoint
curl -k https://voice.st.vish.gg/ --resolve voice.st.vish.gg:443:127.0.0.1
# Check LiveKit configuration
cat /root/stoatchat/livekit.yml
# Check if using correct image
docker images | grep livekit
```
#### Solutions
```bash
# Restart LiveKit
docker-compose restart livekit
# Check Redis connection for LiveKit
docker exec stoatchat-redis redis-cli ping
# Verify LiveKit configuration
# Ensure Redis address matches: localhost:6380
# Check firewall for UDP ports
ufw status | grep 7882
```
### 7. Email/SMTP Issues
#### Symptoms
- Email verification not working
- SMTP connection errors
- Authentication failures
#### Diagnosis
```bash
# Check SMTP configuration
grep -A10 "\[email\]" /root/stoatchat/Revolt.overrides.toml
# Test SMTP connection
telnet smtp.gmail.com 587
# Check logs for SMTP errors
grep -i smtp /root/stoatchat/*.log
```
#### Solutions
```bash
# Verify Gmail App Password is correct
# Check if 2FA is enabled on Gmail account
# Ensure "Less secure app access" is not needed (use App Password instead)
# Test SMTP manually
openssl s_client -starttls smtp -connect smtp.gmail.com:587
```
## Performance Issues
### High CPU Usage
```bash
# Check which service is using CPU
top -p $(pgrep -d',' revolt)
# Check for memory leaks
ps aux --sort=-%mem | grep revolt
# Monitor resource usage
htop
```
### High Memory Usage
```bash
# Check memory usage per service
ps aux --sort=-%mem | grep revolt
# Check Docker container usage
docker stats
# Check system memory
free -h
```
### Slow Response Times
```bash
# Check nginx access logs
tail -f /var/log/nginx/access.log
# Check service logs for slow queries
grep -i "slow\|timeout" /root/stoatchat/*.log
# Test response times
time curl https://api.st.vish.gg/
```
## Log Analysis
### Service Logs Location
```bash
cd /root/stoatchat
# Main service logs
tail -f api.log # API server
tail -f events.log # WebSocket events
tail -f files.log # File server
tail -f proxy.log # Media proxy
tail -f gifbox.log # GIF service
# System logs
journalctl -u nginx -f
docker-compose logs -f
```
### Common Log Patterns
```bash
# Database connection errors
grep -i "connection.*refused\|timeout" *.log
# Authentication errors
grep -i "auth\|login\|token" *.log
# File upload errors
grep -i "upload\|s3\|minio" *.log
# WebSocket errors
grep -i "websocket\|upgrade" *.log
```
## Recovery Procedures
### Complete Service Restart
```bash
cd /root/stoatchat
# Stop all Stoatchat services
pkill -f revolt-
# Restart infrastructure
docker-compose down
docker-compose up -d
# Wait for services to be ready
sleep 30
# Start Stoatchat services
nohup ./target/debug/revolt-delta > api.log 2>&1 &
nohup ./target/debug/revolt-bonfire > events.log 2>&1 &
nohup ./target/debug/revolt-autumn > files.log 2>&1 &
nohup ./target/debug/revolt-january > proxy.log 2>&1 &
nohup ./target/debug/revolt-gifbox > gifbox.log 2>&1 &
# Restart nginx
systemctl restart nginx
```
### Emergency Rebuild
```bash
cd /root/stoatchat
# Stop services
pkill -f revolt-
# Clean build
cargo clean
cargo build
# Restart everything
docker-compose down && docker-compose up -d
sleep 30
# Start services with new binaries
./start-services.sh # If you created this script
```
### Database Recovery
```bash
# If MongoDB is corrupted
docker-compose stop database
docker volume rm stoatchat_mongodb_data # WARNING: This deletes data
docker-compose up -d database
# Restore from backup if available
# mongorestore --uri="mongodb://127.0.0.1:27017/revolt" /path/to/backup
```
## Monitoring Commands
### Health Check Script
```bash
#!/bin/bash
# Save as /root/stoatchat/health-check.sh
echo "=== Stoatchat Health Check ==="
echo "Date: $(date)"
echo
echo "=== Process Status ==="
ps aux | grep revolt | grep -v grep
echo -e "\n=== Port Status ==="
ss -tlnp | grep -E "(14702|14703|14704|14705|14706|7880)"
echo -e "\n=== Docker Services ==="
cd /root/stoatchat && docker-compose ps
echo -e "\n=== Nginx Status ==="
systemctl is-active nginx
echo -e "\n=== Endpoint Tests ==="
for endpoint in api files proxy voice; do
echo -n "$endpoint.st.vish.gg: "
curl -s -o /dev/null -w "%{http_code}" https://$endpoint.st.vish.gg/ || echo "FAIL"
done
echo -e "\n=== Disk Usage ==="
df -h /root/stoatchat
echo -e "\n=== Memory Usage ==="
free -h
```
### Automated Monitoring
```bash
# Add to crontab for regular health checks
# crontab -e
# */5 * * * * /root/stoatchat/health-check.sh >> /var/log/stoatchat-health.log 2>&1
```
## Contact Information
For additional support:
- Repository: https://github.com/stoatchat/stoatchat
- Documentation: Check /root/stoatchat/docs/
- Logs: /root/stoatchat/*.log
- Configuration: /root/stoatchat/Revolt.overrides.toml

77
docs/services/stoatchat/docker-compose.yml Normal file
View File

@@ -0,0 +1,77 @@
services:
# Redis
redis:
image: eqalpha/keydb
ports:
- "6380:6379"
# MongoDB
database:
image: mongo
ports:
- "27017:27017"
volumes:
- ./.data/db:/data/db
ulimits:
nofile:
soft: 65536
hard: 65536
# MinIO
minio:
image: minio/minio
command: server /data
environment:
MINIO_ROOT_USER: REDACTED_MINIO_CRED
MINIO_ROOT_PASSWORD: "REDACTED_PASSWORD"
volumes:
- ./.data/minio:/data
ports:
- "14009:9000"
- "14010:9001"
restart: always
# Create buckets for minio.
createbuckets:
image: minio/mc
depends_on:
- minio
entrypoint: >
/bin/sh -c "while ! /usr/bin/mc ready minio; do
/usr/bin/mc alias set minio http://minio:9000 REDACTED_MINIO_CRED REDACTED_MINIO_CRED;
echo 'Waiting minio...' && sleep 1;
done; /usr/bin/mc mb minio/revolt-uploads; exit 0;"
# Rabbit
rabbit:
image: rabbitmq:4-management
environment:
RABBITMQ_DEFAULT_USER: rabbituser
RABBITMQ_DEFAULT_PASS: "REDACTED_PASSWORD"
volumes:
- ./.data/rabbit:/var/lib/rabbitmq
#- ./rabbit_plugins:/opt/rabbitmq/plugins/
#- ./rabbit_enabled_plugins:/etc/rabbitmq/enabled_plugins
# uncomment this if you need to enable other plugins
ports:
- "5672:5672"
- "15672:15672" # management UI, for development
# Mock SMTP server
maildev:
image: maildev/maildev
ports:
- "14025:25"
- "14080:8080"
environment:
MAILDEV_SMTP_PORT: 25
MAILDEV_WEB_PORT: 8080
MAILDEV_INCOMING_USER: smtp
MAILDEV_INCOMING_PASS: "REDACTED_PASSWORD"
livekit:
image: livekit/livekit-server:v1.9.9
command: --config /etc/livekit.yml
network_mode: "host"
volumes:
- ./livekit.yml:/etc/livekit.yml

166
docs/services/stoatchat/nginx-config.conf Normal file
View File

@@ -0,0 +1,166 @@
# Main app - st.vish.gg
server {
listen 80;
server_name st.vish.gg;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name st.vish.gg;
ssl_certificate /etc/nginx/ssl/st.vish.gg.crt;
ssl_certificate_key /etc/nginx/ssl/st.vish.gg.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
location / {
# This would proxy to the frontend app when it's set up
# For now, return a placeholder
return 200 "Stoatchat Frontend - Coming Soon";
add_header Content-Type text/plain;
}
}
# API - api.st.vish.gg
server {
listen 80;
server_name api.st.vish.gg;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name api.st.vish.gg;
ssl_certificate /etc/letsencrypt/live/api.st.vish.gg/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/api.st.vish.gg/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:14702;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}
}
# Events WebSocket - events.st.vish.gg
server {
listen 80;
server_name events.st.vish.gg;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name events.st.vish.gg;
ssl_certificate /etc/letsencrypt/live/events.st.vish.gg/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/events.st.vish.gg/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:14703;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
}
}
# Files - files.st.vish.gg
server {
listen 80;
server_name files.st.vish.gg;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name files.st.vish.gg;
ssl_certificate /etc/letsencrypt/live/files.st.vish.gg/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/files.st.vish.gg/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
client_max_body_size 100M;
location / {
proxy_pass http://127.0.0.1:14704;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# Proxy - proxy.st.vish.gg
server {
listen 80;
server_name proxy.st.vish.gg;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name proxy.st.vish.gg;
ssl_certificate /etc/letsencrypt/live/proxy.st.vish.gg/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/proxy.st.vish.gg/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:14705;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# Voice/LiveKit - voice.st.vish.gg
server {
listen 80;
server_name voice.st.vish.gg;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name voice.st.vish.gg;
ssl_certificate /etc/letsencrypt/live/voice.st.vish.gg/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/voice.st.vish.gg/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:7880;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
}
}