harkon/ai-tax-agent
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit
Some checks failed
CI/CD Pipeline / Code Quality & Linting (push) Has been cancelled
Details
CI/CD Pipeline / Policy Validation (push) Has been cancelled
Details
CI/CD Pipeline / Test Suite (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-coverage) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-extract) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-firm-connectors) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-forms) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-hmrc) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-ingestion) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-kg) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-normalize-map) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-ocr) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-rag-indexer) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-rag-retriever) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-reason) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-rpa) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (ui-review) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (svc-coverage) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (svc-extract) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (svc-kg) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (svc-rag-retriever) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (ui-review) (push) Has been cancelled
Details
CI/CD Pipeline / Generate SBOM (push) Has been cancelled
Details
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
Details
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
Details
CI/CD Pipeline / Notifications (push) Has been cancelled
Details

Browse Source
This commit is contained in:
harkon
2025-10-11 08:41:36 +01:00
commit b324ff09ef
276 changed files with 55220 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

241
infra/scripts/deploy.sh Executable file
View File

@@ -0,0 +1,241 @@
#!/bin/bash
# AI Tax Agent Infrastructure Deployment Script
# Supports multiple environments: local, development, production
set -e
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# Logging functions
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_error() {
echo -e "${RED}$1${NC}"
}
# Script directory
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
INFRA_DIR="$(dirname "$SCRIPT_DIR")"
PROJECT_ROOT="$(dirname "$INFRA_DIR")"
# Usage
usage() {
cat << EOF
Usage: $0 <environment> <stack> [options]
Environments:
local - Local development (localhost)
development - Development server (dev.harkon.co.uk)
production - Production server (harkon.co.uk)
Stacks:
all - Deploy all stacks
infrastructure - Core infrastructure (Vault, MinIO, DBs, Redis, NATS)
monitoring - Monitoring stack (Prometheus, Grafana, Loki)
services - Application services
external - External services (Traefik, Authentik, Gitea)
down - Stop and remove all stacks
Options:
--build - Build images before deploying
--pull - Pull images before deploying
--force - Force recreate containers
Examples:
$0 local all
$0 production infrastructure
$0 development services --build
$0 production down
EOF
exit 1
}
# Check arguments
if [ $# -lt 2 ]; then
usage
fi
ENVIRONMENT=$1
STACK=$2
shift 2
# Validate environment
case $ENVIRONMENT in
local|development|production)
;;
*)
log_error "Invalid environment: $ENVIRONMENT"
usage
;;
esac
# Paths
ENV_FILE="$INFRA_DIR/environments/$ENVIRONMENT/.env"
BASE_DIR="$INFRA_DIR/base"
# Check if environment file exists
if [ ! -f "$ENV_FILE" ]; then
log_error "Environment file not found: $ENV_FILE"
log_info "Copy from template: cp $INFRA_DIR/environments/$ENVIRONMENT/.env.example $ENV_FILE"
exit 1
fi
# Load environment variables
set -a
source "$ENV_FILE"
set +a
log_info "Deploying AI Tax Agent Infrastructure"
echo " Environment: $ENVIRONMENT"
echo " Stack: $STACK"
echo " Env File: $ENV_FILE"
echo ""
# Docker Compose command builder
compose_cmd() {
local file=$1
shift
docker compose -f "$BASE_DIR/$file" --env-file "$ENV_FILE" --project-name "ai-tax-agent-$ENVIRONMENT" "$@"
}
# Deploy infrastructure stack
deploy_infrastructure() {
log_info "Deploying infrastructure stack..."
compose_cmd "infrastructure.yaml" up -d "$@"
log_success "Infrastructure stack deployed"
}
# Deploy monitoring stack
deploy_monitoring() {
log_info "Deploying monitoring stack..."
compose_cmd "monitoring.yaml" up -d "$@"
log_success "Monitoring stack deployed"
}
# Deploy services stack
deploy_services() {
log_info "Deploying services stack..."
compose_cmd "services.yaml" up -d "$@"
log_success "Services stack deployed"
}
# Deploy external services stack
deploy_external() {
log_info "Deploying external services stack..."
if [ "$ENVIRONMENT" = "production" ] || [ "$ENVIRONMENT" = "development" ]; then
log_warning "External services (Traefik, Authentik, Gitea) may already exist on this server"
read -p "Do you want to deploy external services? (y/N) " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
log_info "Skipping external services"
return
fi
fi
compose_cmd "external.yaml" up -d "$@"
log_success "External services stack deployed"
}
# Stop all stacks
stop_all() {
log_info "Stopping all stacks..."
if [ -f "$BASE_DIR/services.yaml" ]; then
compose_cmd "services.yaml" down
fi
if [ -f "$BASE_DIR/monitoring.yaml" ]; then
compose_cmd "monitoring.yaml" down
fi
if [ -f "$BASE_DIR/infrastructure.yaml" ]; then
compose_cmd "infrastructure.yaml" down
fi
if [ -f "$BASE_DIR/external.yaml" ]; then
log_warning "External services not stopped (may be shared)"
fi
log_success "All stacks stopped"
}
# Deploy all stacks
deploy_all() {
log_info "Deploying all stacks..."
# Check if networks exist
if ! docker network inspect frontend >/dev/null 2>&1; then
log_warning "Network 'frontend' does not exist. Creating..."
docker network create frontend
fi
if ! docker network inspect backend >/dev/null 2>&1; then
log_warning "Network 'backend' does not exist. Creating..."
docker network create backend
fi
# Deploy in order
deploy_infrastructure "$@"
sleep 5
deploy_monitoring "$@"
sleep 5
deploy_services "$@"
log_success "All stacks deployed successfully!"
echo ""
log_info "Access your services:"
echo " - Grafana: https://grafana.$DOMAIN"
echo " - Prometheus: https://prometheus.$DOMAIN"
echo " - Vault: https://vault.$DOMAIN"
echo " - MinIO: https://minio.$DOMAIN"
echo " - UI Review: https://ui-review.$DOMAIN"
}
# Main deployment logic
case $STACK in
all)
deploy_all "$@"
;;
infrastructure)
deploy_infrastructure "$@"
;;
monitoring)
deploy_monitoring "$@"
;;
services)
deploy_services "$@"
;;
external)
deploy_external "$@"
;;
down)
stop_all
;;
*)
log_error "Invalid stack: $STACK"
usage
;;
esac
log_success "Deployment complete!"

178
infra/scripts/reorganize-structure.sh Executable file
View File

@@ -0,0 +1,178 @@
#!/bin/bash
# Script to reorganize infrastructure from old structure to new structure
# This is a helper script to move files around
set -e
# Colors
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
RED='\033[0;31m'
NC='\033[0m'
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_error() {
echo -e "${RED}$1${NC}"
}
# Script directory
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
INFRA_DIR="$(dirname "$SCRIPT_DIR")"
PROJECT_ROOT="$(dirname "$INFRA_DIR")"
log_info "Reorganizing infrastructure structure..."
echo " Infra Dir: $INFRA_DIR"
echo ""
# Step 1: Create directory structure (already done by mkdir command)
log_info "Step 1: Verifying directory structure..."
if [ -d "$INFRA_DIR/base" ] && [ -d "$INFRA_DIR/environments" ]; then
log_success "Directory structure exists"
else
log_error "Directory structure not found. Run: mkdir -p infra/{base,environments/{local,development,production},configs/{traefik,grafana,prometheus,loki,vault,authentik},certs/{local,development,production}}"
exit 1
fi
# Step 2: Move config files
log_info "Step 2: Moving configuration files..."
# Traefik configs
if [ -d "$INFRA_DIR/traefik" ] && [ ! -f "$INFRA_DIR/configs/traefik/.moved" ]; then
log_info " Moving Traefik configs..."
cp -r "$INFRA_DIR/traefik/"* "$INFRA_DIR/configs/traefik/" 2>/dev/null || true
touch "$INFRA_DIR/configs/traefik/.moved"
log_success " Traefik configs moved"
fi
# Grafana configs
if [ -d "$INFRA_DIR/grafana" ] && [ ! -f "$INFRA_DIR/configs/grafana/.moved" ]; then
log_info " Moving Grafana configs..."
cp -r "$INFRA_DIR/grafana/"* "$INFRA_DIR/configs/grafana/" 2>/dev/null || true
touch "$INFRA_DIR/configs/grafana/.moved"
log_success " Grafana configs moved"
fi
# Prometheus configs
if [ -d "$INFRA_DIR/prometheus" ] && [ ! -f "$INFRA_DIR/configs/prometheus/.moved" ]; then
log_info " Moving Prometheus configs..."
cp -r "$INFRA_DIR/prometheus/"* "$INFRA_DIR/configs/prometheus/" 2>/dev/null || true
touch "$INFRA_DIR/configs/prometheus/.moved"
log_success " Prometheus configs moved"
fi
# Loki configs
if [ -d "$INFRA_DIR/loki" ] && [ ! -f "$INFRA_DIR/configs/loki/.moved" ]; then
log_info " Moving Loki configs..."
cp -r "$INFRA_DIR/loki/"* "$INFRA_DIR/configs/loki/" 2>/dev/null || true
touch "$INFRA_DIR/configs/loki/.moved"
log_success " Loki configs moved"
fi
# Promtail configs
if [ -d "$INFRA_DIR/promtail" ] && [ ! -f "$INFRA_DIR/configs/promtail/.moved" ]; then
log_info " Moving Promtail configs..."
mkdir -p "$INFRA_DIR/configs/promtail"
cp -r "$INFRA_DIR/promtail/"* "$INFRA_DIR/configs/promtail/" 2>/dev/null || true
touch "$INFRA_DIR/configs/promtail/.moved"
log_success " Promtail configs moved"
fi
# Vault configs
if [ -d "$INFRA_DIR/vault" ] && [ ! -f "$INFRA_DIR/configs/vault/.moved" ]; then
log_info " Moving Vault configs..."
cp -r "$INFRA_DIR/vault/"* "$INFRA_DIR/configs/vault/" 2>/dev/null || true
touch "$INFRA_DIR/configs/vault/.moved"
log_success " Vault configs moved"
fi
# Authentik configs
if [ -d "$INFRA_DIR/authentik" ] && [ ! -f "$INFRA_DIR/configs/authentik/.moved" ]; then
log_info " Moving Authentik configs..."
cp -r "$INFRA_DIR/authentik/"* "$INFRA_DIR/configs/authentik/" 2>/dev/null || true
touch "$INFRA_DIR/configs/authentik/.moved"
log_success " Authentik configs moved"
fi
# Step 3: Move certificates
log_info "Step 3: Moving certificates..."
if [ -d "$INFRA_DIR/certs" ] && [ -f "$INFRA_DIR/certs/local.crt" ]; then
log_info " Moving local certificates..."
cp "$INFRA_DIR/certs/local.crt" "$INFRA_DIR/certs/local/" 2>/dev/null || true
cp "$INFRA_DIR/certs/local.key" "$INFRA_DIR/certs/local/" 2>/dev/null || true
log_success " Certificates moved"
fi
# Step 4: Update base compose files paths
log_info "Step 4: Updating base compose file paths..."
# Update infrastructure.yaml
if [ -f "$INFRA_DIR/base/infrastructure.yaml" ]; then
log_info " Updating infrastructure.yaml paths..."
# This would require sed commands to update volume paths
# For now, just log that manual update may be needed
log_warning " Manual review recommended for volume paths"
fi
# Step 5: Create .gitignore for sensitive files
log_info "Step 5: Creating .gitignore..."
cat > "$INFRA_DIR/.gitignore" << 'EOF'
# Environment files (contain secrets)
environments/*/.env
!environments/*/.env.example
# Certificates
certs/*/
!certs/.gitkeep
# Traefik provider credentials
configs/traefik/.provider.env
# Backup files
*.backup
*.tmp
# Docker volumes (if mounted locally)
volumes/
# Logs
*.log
EOF
log_success ".gitignore created"
# Step 6: Create .gitkeep files
log_info "Step 6: Creating .gitkeep files..."
touch "$INFRA_DIR/certs/local/.gitkeep"
touch "$INFRA_DIR/certs/development/.gitkeep"
touch "$INFRA_DIR/certs/production/.gitkeep"
log_success ".gitkeep files created"
# Step 7: Summary
echo ""
log_success "Reorganization complete!"
echo ""
log_info "Next steps:"
echo " 1. Review moved files in configs/ directory"
echo " 2. Update compose file paths if needed"
echo " 3. Create environment files:"
echo " cp infra/environments/local/.env.example infra/environments/local/.env"
echo " cp infra/environments/development/.env.example infra/environments/development/.env"
echo " 4. Test deployment:"
echo " ./infra/scripts/deploy.sh local infrastructure"
echo ""
log_warning "Old directories (traefik/, grafana/, etc.) are preserved for safety"
log_warning "You can remove them after verifying the new structure works"
echo ""

48
infra/scripts/setup-networks.sh Executable file
View File

@@ -0,0 +1,48 @@
#!/bin/bash
# Setup Docker Networks for AI Tax Agent
# Creates frontend and backend networks if they don't exist
set -e
# Colors
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_info "Setting up Docker networks..."
# Create frontend network
if docker network inspect frontend >/dev/null 2>&1; then
log_warning "Network 'frontend' already exists"
else
docker network create frontend
log_success "Created network 'frontend'"
fi
# Create backend network
if docker network inspect backend >/dev/null 2>&1; then
log_warning "Network 'backend' already exists"
else
docker network create backend
log_success "Created network 'backend'"
fi
log_success "Docker networks ready!"
echo ""
log_info "Networks:"
docker network ls | grep -E "frontend|backend"