Skip to main content

deployment instructions

Service Migration Deployment Instructions

Date: 2026-01-19 Status: Code changes complete, deployment requires manual steps Last Updated: 2026-01-23 (Added NAS sync status and warnings)

✅ COMPLETED AUTOMATICALLY

Phase 2: Code Updates (100% Complete)

  • ✅ Updated 20+ files to use NAS URLs instead of localhost
  • ✅ Updated .env.local with NAS and Vast.ai endpoints
  • ✅ Updated Cloudflare tunnel config to point to NAS

Phase 4: Local Service Cleanup

  • ✅ Stopped local Redis service

⚠️ NAS REPOSITORY SYNC STATUS (2026-01-23)

CRITICAL FINDINGS: Multiple repositories are out of sync between local and NAS.

Out of Sync Repositories

🔴 CRITICAL PRIORITY:

  • security-policies: 46 commits ahead, 2 behind (DIVERGED - requires review)
  • api_normalization: Drupal core/contrib contamination (cleanup required)

🔴 HIGH PRIORITY:

  • agent-buildkit: 15 commits ahead
  • gitlab_components: 17 commits ahead

🟡 MEDIUM PRIORITY:

  • technical-docs: 11 commits ahead, 9 behind (DIVERGED)
  • demo_llm-platform: 7 commits ahead
  • agent-brain: 8 commits ahead
  • platform-agents: 5 commits ahead, 4 behind (DIVERGED)
  • api-schema-registry: Out of sync (branch difference)

⚠️ MISSING:

  • project-template: No bare repo found on NAS

Recommended Sync Actions

Before deploying, sync all repositories to NAS:

# Option 1: Manual push (recommended for reviewing changes)
cd /Users/flux423/Sites/blueflyio/<repo-name>
git push nas <branch-name>

# Option 2: Batch sync (if available)
buildkit infrastructure nas sync-repos --verify

# Option 3: Per-repository review (for diverged repos)
cd /Users/flux423/Sites/blueflyio/security-policies
git fetch nas
git log HEAD..nas/main  # Review NAS commits not in local
git log nas/main..HEAD  # Review local commits not in NAS
git push nas main       # After reviewing conflicts

Note: Diverged repositories (security-policies, platform-agents, technical-docs) may have conflicts. Review carefully before pushing.

📋 MANUAL DEPLOYMENT STEPS REQUIRED

Step 0: Use BuildKit CLI (Recommended)

The BuildKit CLI provides automated deployment commands:

# Deploy to NAS using BuildKit
buildkit infrastructure nas deploy

# Or use the manual deployment command
buildkit infrastructure nas deploy-manual

# Start services on NAS
buildkit infrastructure nas start-services

# Check NAS health
buildkit infrastructure nas health

# View NAS logs
buildkit infrastructure nas logs

# Get NAS summary
buildkit infrastructure nas summary

Note: These commands require SSH access to the NAS. If SSH authentication fails, use Option B or C below.

Step 1: Deploy Docker Compose to NAS

Option A: Using BuildKit CLI (Fastest)

# Automated deployment
buildkit infrastructure nas deploy

# This will:
# 1. Copy docker-compose.yml to NAS
# 2. Create .env file (prompts for secrets)
# 3. Start all services
# 4. Verify deployment

Option B: Using Container Manager UI (Recommended for manual setup)

  1. Open DSM: https://blueflynas.tailcf98b3.ts.net:5001
  2. Navigate to: Container ManagerProjectCreate
  3. Project name: AgentPlatform
  4. Path: /volume1/docker
  5. Import docker-compose.yml from:
    • Local file: common_npm/agent-docker/deployments/nas/docker-compose.nas.yml
    • Or copy content manually

Option C: Using SSH (if authentication works)

# Copy docker-compose file
scp common_npm/agent-docker/deployments/nas/docker-compose.nas.yml \
  bluefly@blueflynas.tailcf98b3.ts.net:/volume1/docker/docker-compose.yml

# SSH to NAS
ssh bluefly@blueflynas.tailcf98b3.ts.net

# Navigate to docker directory
cd /volume1/docker

# Create .env file (get secrets from 1Password)
# Required variables:
# - POSTGRES_USER
# - POSTGRES_PASSWORD
# - MINIO_ROOT_USER
# - MINIO_ROOT_PASSWORD
# - GITLAB_TOKEN
# - CLOUDFLARE_TUNNEL_TOKEN
# - QDRANT_API_KEY (optional)
# - OPENAI_API_KEY (optional)
# - ANTHROPIC_API_KEY (optional)

# Start services
docker-compose up -d

# Verify services
docker ps

Step 2: Create .env File on NAS

Create /volume1/docker/.env with the following variables (get secrets from 1Password):

# Database
POSTGRES_USER=bluefly
POSTGRES_PASSWORD=<from-1password>

# MinIO
MINIO_ROOT_USER=<from-1password>
MINIO_ROOT_PASSWORD=<from-1password>

# GitLab
GITLAB_TOKEN=<from-1password>

# Cloudflare Tunnel
CLOUDFLARE_TUNNEL_TOKEN=<from-1password>

# Optional: API Keys
OPENAI_API_KEY=<optional>
ANTHROPIC_API_KEY=<optional>
QDRANT_API_KEY=<optional>

# Vast.ai
VASTAI_INSTANCE_ID=29484611

Step 3: Verify NAS Services

Using BuildKit CLI (Recommended):

# Comprehensive verification (all checks)
buildkit infrastructure nas verify-deployment

# Quick health check
buildkit infrastructure nas health

# Detailed status
buildkit infrastructure nas summary

# View service logs
buildkit infrastructure nas logs

Verification checks:

  • ✅ Service health (PostgreSQL, Redis, Qdrant, MinIO, Agent services)
  • ✅ Endpoint accessibility (HTTP endpoints)
  • ✅ Cloudflare routes (public URLs)
  • ✅ Vast.ai connectivity (Ollama API)

Manual Verification:

From local Mac, test endpoints:

# Agent Mesh
curl http://blueflynas.tailcf98b3.ts.net:3005/health

# Agent Brain
curl http://blueflynas.tailcf98b3.ts.net:3008/health

# Qdrant
curl http://blueflynas.tailcf98b3.ts.net:6333/health

# MinIO
curl http://blueflynas.tailcf98b3.ts.net:9000/minio/health/live

# PostgreSQL (requires password)
ssh blueflynas.tailcf98b3.ts.net "docker exec postgres pg_isready -U bluefly"

# Redis
ssh blueflynas.tailcf98b3.ts.net "docker exec redis redis-cli ping"

Step 4: Configure Vast.ai Auto-Shutdown

Via Vast.ai Dashboard:

  1. Go to: https://vast.ai/console/instances
  2. Find instance: 29484611
  3. Edit instance settings
  4. Set Idle Timeout: 30 minutes (1800 seconds)
  5. Enable Auto-shutdown on idle
  6. Set Monthly Budget: $50
  7. Enable Budget Alerts at 80% and 95%

Via API:

curl -X PUT https://vast.ai/api/v0/instances/29484611/ \
  -H "Authorization: Bearer $VASTAI_API_KEY" \
  -d '{"idle_timeout": 1800, "budget": 50}'

Step 5: Restart Cloudflare Tunnel

After updating config, restart cloudflared:

brew services restart cloudflared

Or if running manually:

pkill cloudflared
cloudflared tunnel run

Step 6: Final Verification

# Check local ports are free
lsof -i :5432 -i :6379 -i :6333 -i :9000

# Should show nothing (or only connections to NAS)

# Test NAS endpoints
curl http://blueflynas.tailcf98b3.ts.net:3005/health
curl http://blueflynas.tailcf98b3.ts.net:6333/health

# Test Vast.ai
curl http://vastai-gpu.tailcf98b3.ts.net:11434/api/tags

# Test Cloudflare routes
curl https://api.blueflyagents.com/health
curl https://mesh.bluefly.internal/health

📝 FILES MODIFIED

Code Files (20+ files updated)

  • agent-buildkit/src/services/webhook/universal-event-bus.service.ts
  • agent-buildkit/src/services/ai/embedded-kg.service.ts
  • agent-buildkit/src/services/devops/database-persistence.service.ts
  • agent-buildkit/src/experimental/learning/LearningSystem.ts
  • agent-buildkit/src/experimental/ai/ollama-client.ts
  • agent-buildkit/src/commands/vastai/configure-shutdown.command.ts (Updated imports to use @bluefly/agent-router)
  • agent-buildkit/src/commands/vastai/crud-commands.ts (Updated imports to use @bluefly packages)
  • And 15+ more files...

BuildKit CLI Commands (Complete Automation)

Deployment:

  • buildkit infrastructure nas deploy execute or deploy all - Complete end-to-end deployment
  • buildkit infrastructure nas deploy docker-compose - Deploy docker-compose.yml
  • buildkit infrastructure nas deploy cloudflare - Deploy Cloudflare config
  • buildkit infrastructure nas deploy-manual - Manual deployment with prompts

Verification:

  • buildkit infrastructure nas verify-deployment - Comprehensive verification (all checks)
  • buildkit infrastructure nas health - Quick health check
  • buildkit infrastructure nas summary - Detailed status
  • buildkit infrastructure nas logs - View service logs

Management:

  • buildkit infrastructure nas start-services - Start all services
  • buildkit infrastructure nas env - Manage .env file
  • buildkit infrastructure nas containers - Container management

Configuration Files

  • .env.local - Added NAS and Vast.ai endpoints
  • ~/.cloudflared/config.yml - Updated routes to NAS

🎯 SUCCESS CRITERIA

  • All services running on NAS (verified with docker ps on NAS)
  • Local environment variables point to NAS (✅ Done)
  • No hardcoded localhost URLs in code (✅ Done)
  • Cloudflare Tunnel routes to NAS (✅ Done)
  • Vast.ai configured with auto-shutdown (⏳ Manual step)
  • No local services running (✅ Redis stopped)
  • All endpoints accessible via Tailscale hostnames (⏳ Verify after deployment)

📞 TROUBLESHOOTING

SSH Authentication Failed

  • Check SSH key in 1Password: Private/NAS SSH Key
  • Or use password: NAS_BLUE_USER from .env.local
  • Try using BuildKit CLI: buildkit infrastructure nas deploy (handles auth automatically)

Services Not Starting

  • Check logs: buildkit infrastructure nas logs or docker logs <container-name>
  • Verify .env file has all required variables
  • Check disk space: df -h on NAS
  • Use BuildKit health check: buildkit infrastructure nas health

Cloudflare Tunnel Not Working

  • Verify tunnel is running: ps aux | grep cloudflared
  • Check config: ~/.cloudflared/config.yml
  • Restart: brew services restart cloudflared

BuildKit Commands Not Working

  • Ensure you're in the agent-buildkit directory
  • Check SSH access: ssh bluefly@blueflynas.tailcf98b3.ts.net
  • Verify NAS is reachable: ping blueflynas.tailcf98b3.ts.net
  • Use manual deployment if CLI fails: See Option B or C above