#!/usr/bin/env bash # Profile: sc-web-server (hermes) # Role: nginx web/app server — staging and demo environment for AxiomFlow. # Distro: Debian 12 (bookworm) cloud image DOMAIN="sc-web-server" HOSTNAME="hermes" RAM_MB=512 VCPUS=1 DISK_SIZE="8G" GRAPHICS="vnc" BASE_URL="https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-genericcloud-amd64.qcow2" BASE_IMAGE="$SC_BASE_DIR/debian-12-genericcloud-amd64.qcow2" generate_user_data() { cat < AxiomFlow

AxiomFlow Staging

Build not yet deployed.

- path: /opt/deploy/deploy.sh owner: root:root permissions: '0755' content: | #!/usr/bin/env bash set -euo pipefail SRC="\${1:-/home/player/build/dist}" rsync -av --delete "\$SRC/" /var/www/axiomworks/ echo "\$(date) Deploy from \$SRC complete." >> /var/log/axiomworks/deploy.log - path: /home/player/.bashrc owner: root:root permissions: '0644' content: | [ -z "\$PS1" ] && return export TERM=xterm-256color export EDITOR=vim PS1='\[\e[0;33m\]\u@\h\[\e[0m\]:\[\e[0;34m\]\w\[\e[0m\]\$ ' HISTSIZE=5000 HISTFILESIZE=10000 HISTCONTROL=ignoredups:erasedups shopt -s histappend alias ll='ls -lh --color=auto' alias la='ls -lha --color=auto' alias grep='grep --color=auto' alias ..='cd ..' alias nginx-test='nginx -t' alias nginx-reload='systemctl reload nginx' alias logs='journalctl -f' if [ -f /usr/share/bash-completion/bash_completion ]; then . /usr/share/bash-completion/bash_completion fi - path: /etc/sysctl.d/99-sc-hermes.conf owner: root:root permissions: '0644' content: | vm.swappiness=10 vm.vfs_cache_pressure=50 vm.dirty_ratio=15 vm.dirty_background_ratio=3 net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6=1 runcmd: - ln -sf /etc/nginx/sites-available/axiomworks.conf /etc/nginx/sites-enabled/axiomworks.conf - rm -f /etc/nginx/sites-enabled/default - mkdir -p /var/www/axiomworks /var/log/axiomworks /opt/deploy - chown -R www-data:www-data /var/www/axiomworks - touch /var/log/axiomworks/deploy.log - chown www-data:www-data /var/log/axiomworks/deploy.log - chown -R player:player /home/player - fallocate -l 512M /swapfile && chmod 600 /swapfile && mkswap /swapfile && swapon /swapfile && echo '/swapfile none swap sw 0 0' >> /etc/fstab - sysctl -p /etc/sysctl.d/99-sc-hermes.conf - systemctl enable --now qemu-guest-agent ssh nginx - systemctl disable --now unattended-upgrades || true - systemctl disable --now apt-daily.timer apt-daily-upgrade.timer || true - systemctl disable --now ModemManager || true - systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target final_message: "Hermes web server is ready." EOF }