completed local setup with compose
Some checks failed
CI/CD Pipeline / Generate SBOM (push) Has been cancelled
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
CI/CD Pipeline / Code Quality & Linting (push) Has been cancelled
CI/CD Pipeline / Policy Validation (push) Has been cancelled
CI/CD Pipeline / Test Suite (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-coverage) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-extract) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-firm-connectors) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-forms) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-hmrc) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-ingestion) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-kg) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-normalize-map) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-ocr) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-rag-indexer) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-rag-retriever) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-reason) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-rpa) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (ui-review) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-coverage) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-extract) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-kg) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-rag-retriever) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (ui-review) (push) Has been cancelled
CI/CD Pipeline / Notifications (push) Has been cancelled

harkon
2025-11-26 13:17:17 +00:00
parent 8fe5e62fee
commit fdba81809f
87 changed files with 5610 additions and 3376 deletions


@@ -15,10 +15,7 @@ help: ## Show this help message
# Environment setup
bootstrap: ## Bootstrap the development environment
@echo "🚀 Bootstrapping AI Tax Agent System..."
@if [ ! -f infra/compose/.env ]; then \
cp infra/compose/env.example infra/compose/.env; \
echo "📝 Created .env file from template"; \
fi
@./scripts/generate-secrets.sh
@mkdir -p data/{postgres,neo4j,qdrant,minio,vault,redis,prometheus,grafana,loki,authentik}
@mkdir -p logs/{services,infra}
@mkdir -p certs
@@ -32,6 +29,7 @@ networks: ## Create external Docker networks
generate-secrets: ## Generate secure secrets for deployment
@./scripts/generate-secrets.sh
@ln -sf ../environments/local/.env infra/compose/.env
setup-authentik: ## Configure Authentik SSO after deployment
@./scripts/setup-authentik.sh
@@ -39,19 +37,22 @@ setup-authentik: ## Configure Authentik SSO after deployment
complete-authentik-setup: ## Complete Authentik initial setup and get API token
@./scripts/complete-authentik-setup.sh
auto-setup-authentik: ## Automatically complete Authentik initial setup
@./scripts/auto-setup-authentik.sh
setup-sso: ## Complete end-to-end SSO setup (setup + configuration)
@echo "🔐 Setting up complete SSO configuration..."
@echo "Step 1: Attempting automatic initial setup..."
@./scripts/auto-setup-authentik.sh || true
@echo "Step 2: Getting API token..."
@echo "Step 1: Completing Authentik initial setup..."
@./scripts/complete-authentik-setup.sh || true
@echo "Step 3: Importing blueprint configuration..."
@./scripts/setup-authentik.sh
@echo "Step 4: Configuring Vault OIDC..."
@./scripts/setup-vault.sh
@echo "🎉 SSO setup complete!"
setup-vault: ## Configure Vault OIDC
@./scripts/setup-vault.sh
fix-databases: ## Fix common database issues
@echo "🔧 Fixing database issues..."
@./scripts/fix-database-issues.sh
@@ -62,40 +63,40 @@ deploy-with-fixes: ## Deploy with all discovered fixes applied
networks-clean: ## Remove external Docker networks
@echo "🧹 Removing external Docker networks..."
@docker network rm ai-tax-agent-frontend 2>/dev/null || true
@docker network rm ai-tax-agent-backend 2>/dev/null || true
@docker network rm apa-frontend 2>/dev/null || true
@docker network rm apa-backend 2>/dev/null || true
@echo "✅ Networks removed"
# Development lifecycle
run: ## Start all services in development mode
@echo "🏃 Starting AI Tax Agent System..."
@./scripts/deploy.sh
@./infra/scripts/deploy.sh local all
run-simple: ## Start all services without fixes (original behavior)
@echo "🏃 Starting AI Tax Agent System (simple)..."
@./scripts/create-networks.sh
@./scripts/generate-dev-certs.sh
@cd infra/compose && docker compose -f docker-compose.local.yml up -d
@cd infra/compose && docker compose up -d
@echo "⏳ Waiting for services to be ready..."
@sleep 10
@make status
@echo "🔧 Run 'make setup-authentik' to configure SSO"
@echo "🔧 Run 'make setup-sso' to configure SSO"
setup: generate-secrets deploy-infra ## Complete setup with secrets and infrastructure
@echo "🎉 Setup complete! Next steps:"
@echo " 1. Run 'make setup-authentik' to configure SSO"
@echo " 1. Run 'make setup-sso' to configure SSO"
@echo " 2. Run 'make deploy-services' to start application services"
@echo " 3. Access Authentik at https://auth.local"
@echo " 3. Access Authentik at https://auth.local.lan"
@echo ""
@echo "🎉 System is running!"
@echo "📊 Grafana: https://grafana.local"
@echo "🔐 Authentik: https://auth.local"
@echo "📝 Review UI: https://review.local"
@echo "📊 Grafana: https://grafana.local.lan"
@echo "🔐 Authentik: https://auth.local.lan"
@echo "📝 Review UI: https://review.local.lan"
@echo "🔧 Traefik Dashboard: http://localhost:8080"
stop: ## Stop all services
@echo "🛑 Stopping AI Tax Agent System..."
@cd infra/compose && docker compose -f docker-compose.local.yml down
@cd infra/compose && docker compose down
restart: ## Restart all services
@echo "🔄 Restarting AI Tax Agent System..."
@@ -105,30 +106,30 @@ restart: ## Restart all services
# Build and deployment
build: ## Build all Docker images
@echo "🔨 Building Docker images..."
@cd infra/compose && docker compose -f docker-compose.local.yml build --parallel
@cd infra/compose && docker compose build --parallel
@echo "✅ Build complete"
build-service: ## Build specific service (usage: make build-service SERVICE=svc-ingestion)
@echo "🔨 Building $(SERVICE)..."
@cd infra/compose && docker compose -f docker-compose.local.yml build $(SERVICE)
@cd infra/compose && docker compose build $(SERVICE)
@echo "✅ Build complete for $(SERVICE)"
deploy-infra: networks ## Deploy only infrastructure services
@echo "🏗️ Deploying infrastructure services..."
@./scripts/generate-dev-certs.sh
@cd infra/compose && docker compose -f docker-compose.local.yml up -d ata-traefik ata-postgres ata-redis ata-authentik-db ata-authentik-redis
@cd infra/compose && docker compose up -d apa-traefik apa-postgres apa-redis apa-authentik-db apa-authentik-redis
@echo "⏳ Waiting for databases..."
@sleep 15
@make fix-databases
@cd infra/compose && docker compose -f docker-compose.local.yml up -d ata-authentik-server ata-authentik-worker ata-authentik-outpost ata-vault ata-neo4j ata-qdrant ata-minio ata-prometheus ata-grafana ata-loki
@cd infra/compose && docker compose up -d apa-authentik-server apa-authentik-worker apa-authentik-outpost apa-vault apa-neo4j apa-qdrant apa-minio apa-prometheus apa-grafana apa-loki
@echo "✅ Infrastructure deployment complete"
@echo "⏳ Waiting for services to be ready..."
@sleep 30
@echo "🔧 Run 'make setup-authentik' to configure SSO"
@echo "🔧 Run 'make setup-sso' to configure SSO"
deploy-services: ## Deploy only application services
@echo "🚀 Deploying application services..."
@cd infra/compose && docker compose -f docker-compose.local.yml up -d ata-svc-ingestion ata-svc-extract ata-svc-forms ata-svc-hmrc ata-svc-kg ata-svc-normalize-map ata-svc-ocr ata-svc-rag-indexer ata-svc-rag-retriever ata-svc-reason ata-svc-rpa ata-svc-firm-connectors ata-ui-review ata-unleash
@cd infra/compose && docker compose up -d apa-svc-ingestion apa-svc-extract apa-svc-forms apa-svc-hmrc apa-svc-kg apa-svc-normalize-map apa-svc-ocr apa-svc-rag-indexer apa-svc-rag-retriever apa-svc-reason apa-svc-rpa apa-svc-firm-connectors
@echo "✅ Services deployment complete"
# Development tools
@@ -236,7 +237,7 @@ deploy-monitoring-prod: ## Deploy monitoring stack (production)
seed: ## Seed the system with initial data
@echo "🌱 Seeding system with initial data..."
@echo "📊 Creating Neo4j constraints and indexes..."
@docker exec ata-neo4j cypher-shell -u neo4j -p $(NEO4J_PASSWORD) -f /var/lib/neo4j/import/schema.cypher 2>/dev/null || echo "Neo4j not ready"
@docker exec apa-neo4j cypher-shell -u neo4j -p $(NEO4J_PASSWORD) -f /var/lib/neo4j/import/schema.cypher 2>/dev/null || echo "Neo4j not ready"
@echo "🗂️ Creating Qdrant collections..."
@curl -X PUT "http://localhost:6333/collections/documents" -H "Content-Type: application/json" -d '{"vectors": {"size": 1536, "distance": "Cosine"}}' 2>/dev/null || echo "Qdrant not ready"
@echo "✅ Seeding complete"
@@ -247,7 +248,7 @@ seed-test-data: ## Load test data for development
# Monitoring and debugging
logs: ## Show logs from all services
@cd infra/compose && docker compose -f docker-compose.local.yml logs -f
@cd infra/compose && docker compose logs -f
logs-service: ## Show logs from specific service (usage: make logs-service SERVICE=svc-extract)
@@ -255,22 +256,22 @@ logs-service: ## Show logs from specific service (usage: make logs-service SERVI
echo "❌ Please specify SERVICE (e.g., make logs-service SERVICE=svc-extract)"; \
exit 1; \
fi
@cd infra/compose && docker compose -f docker-compose.local.yml logs -f $(SERVICE)
@cd infra/compose && docker compose logs -f $(SERVICE)
status: ## Show status of all services
@echo "📊 Service Status:"
@cd infra/compose && docker compose -f docker-compose.local.yml ps
@cd infra/compose && docker compose ps
health: ## Check health of all services
@echo "🏥 Health Check:"
@echo "🔗 Traefik: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:8080/ping || echo 'DOWN')"
@echo "🗄️ PostgreSQL: $$(docker exec ata-postgres pg_isready -U postgres 2>/dev/null && echo 'UP' || echo 'DOWN')"
@echo "🗄️ PostgreSQL: $$(docker exec apa-postgres pg_isready -U postgres 2>/dev/null && echo 'UP' || echo 'DOWN')"
@echo "📊 Neo4j: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:7474 || echo 'DOWN')"
@echo "🔍 Qdrant: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:6333/health || echo 'DOWN')"
@echo "📦 MinIO: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:9000/minio/health/live || echo 'DOWN')"
@echo "🔐 Vault: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:8200/v1/sys/health || echo 'DOWN')"
@echo "🏃 Redis: $$(docker exec ata-redis redis-cli ping 2>/dev/null || echo 'DOWN')"
@echo "🔐 Authentik: $$(curl -s -k -o /dev/null -w '%{http_code}' https://auth.local || echo 'DOWN')"
@echo "🏃 Redis: $$(docker exec apa-redis redis-cli ping 2>/dev/null || echo 'DOWN')"
@echo "🔐 Authentik: $$(curl -s -k -o /dev/null -w '%{http_code}' https://auth.local.lan || echo 'DOWN')"
verify: ## Run comprehensive infrastructure verification
@echo "🔍 Running infrastructure verification..."
@@ -282,24 +283,24 @@ troubleshoot: ## Run comprehensive troubleshooting and fixes
restart-authentik: ## Restart Authentik components in correct order
@echo "🔄 Restarting Authentik components..."
@cd infra/compose && docker compose -f docker-compose.local.yml stop ata-authentik-server ata-authentik-worker ata-authentik-outpost
@cd infra/compose && docker compose stop apa-authentik-server apa-authentik-worker apa-authentik-outpost
@make fix-databases
@cd infra/compose && docker compose -f docker-compose.local.yml up -d ata-authentik-server
@cd infra/compose && docker compose up -d apa-authentik-server
@sleep 15
@cd infra/compose && docker compose -f docker-compose.local.yml up -d ata-authentik-worker ata-authentik-outpost
@cd infra/compose && docker compose up -d apa-authentik-worker apa-authentik-outpost
@echo "✅ Authentik restart complete"
restart-unleash: ## Restart Unleash with database fixes
@echo "🔄 Restarting Unleash..."
@cd infra/compose && docker compose -f docker-compose.local.yml stop ata-unleash
@cd infra/compose && docker compose stop apa-unleash
@make fix-databases
@cd infra/compose && docker compose -f docker-compose.local.yml up -d ata-unleash
@cd infra/compose && docker compose up -d apa-unleash
@echo "✅ Unleash restart complete"
# Cleanup
clean: ## Clean up containers, volumes, and networks
@echo "🧹 Cleaning up..."
@cd infra/compose && docker compose -f docker-compose.local.yml down -v --remove-orphans
@cd infra/compose && docker compose down -v --remove-orphans
@docker system prune -f
@echo "✅ Cleanup complete"
@@ -320,13 +321,13 @@ shell: ## Open shell in specific service (usage: make shell SERVICE=svc-extract)
@docker exec -it $(SERVICE) /bin/bash
db-shell: ## Open PostgreSQL shell
@docker exec -it ata-postgres psql -U postgres -d tax_system
@docker exec -it apa-postgres psql -U postgres -d tax_system
neo4j-shell: ## Open Neo4j shell
@docker exec -it ata-neo4j cypher-shell -u neo4j -p $(NEO4J_PASSWORD)
@docker exec -it apa-neo4j cypher-shell -u neo4j -p $(NEO4J_PASSWORD)
redis-shell: ## Open Redis shell
@docker exec -it ata-redis redis-cli
@docker exec -it apa-redis redis-cli
# Documentation
docs: ## Generate documentation
@@ -361,9 +362,9 @@ load-test: ## Run load tests
backup: ## Create backup of all data
@echo "💾 Creating backup..."
@mkdir -p backups/$$(date +%Y%m%d_%H%M%S)
@docker exec ata-postgres pg_dump -U postgres tax_system > backups/$$(date +%Y%m%d_%H%M%S)/postgres.sql
@docker exec ata-neo4j neo4j-admin dump --database=neo4j --to=/tmp/neo4j.dump
@docker cp ata-neo4j:/tmp/neo4j.dump backups/$$(date +%Y%m%d_%H%M%S)/
@docker exec apa-postgres pg_dump -U postgres tax_system > backups/$$(date +%Y%m%d_%H%M%S)/postgres.sql
@docker exec apa-neo4j neo4j-admin dump --database=neo4j --to=/tmp/neo4j.dump
@docker cp apa-neo4j:/tmp/neo4j.dump backups/$$(date +%Y%m%d_%H%M%S)/
@echo "✅ Backup created in backups/ directory"
restore: ## Restore from backup (usage: make restore BACKUP=20240101_120000)
@@ -374,9 +375,9 @@ restore: ## Restore from backup (usage: make restore BACKUP=20240101_120000)
@echo "📥 Restoring from backup $(BACKUP)..."
@echo "⚠️ This will overwrite existing data!"
@read -p "Are you sure? (y/N): " confirm && [ "$$confirm" = "y" ] || exit 1
@docker exec -i ata-postgres psql -U postgres -d tax_system < backups/$(BACKUP)/postgres.sql
@docker cp backups/$(BACKUP)/neo4j.dump ata-neo4j:/tmp/
@docker exec ata-neo4j neo4j-admin load --database=neo4j --from=/tmp/neo4j.dump --force
@docker exec -i apa-postgres psql -U postgres -d tax_system < backups/$(BACKUP)/postgres.sql
@docker cp backups/$(BACKUP)/neo4j.dump apa-neo4j:/tmp/
@docker exec apa-neo4j neo4j-admin load --database=neo4j --from=/tmp/neo4j.dump --force
@echo "✅ Restore complete"
# Environment variables
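Review bot: The renamed `seed` and `neo4j-shell` recipes still expand `$(NEO4J_PASSWORD)` unquoted into the `docker exec apa-neo4j cypher-shell -u neo4j -p …` command line, so the password is visible in process listings on the host and inside the container, and a value containing shell metacharacters is interpreted by the recipe shell. Since these lines are being touched anyway, consider passing it through the environment, which cypher-shell reads as `NEO4J_PASSWORD`: `@docker exec -e NEO4J_PASSWORD apa-neo4j cypher-shell -u neo4j -f /var/lib/neo4j/import/schema.cypher`. That requires the variable to be exported to recipes, and how it is defined lies outside the visible hunks, so this needs checking against the rest of the Makefile. In `seed`, the trailing `2>/dev/null || echo "Neo4j not ready"` also reports an authentication failure as "not ready"; a short comment stating which failures are expected to be swallowed there would help.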