# N8N SSH Setup - Run validate-settings.sh

## Overview

Use n8n's SSH node to run the validation script on localhost.

## Prerequisites

✅ SSH is running on localhost (confirmed)
✅ User `garfield` exists

## Setup Steps

### 1. Create SSH Key for n8n (Recommended)

```bash
# Generate SSH key (no passphrase for automation)
ssh-keygen -t ed25519 -f ~/.ssh/n8n_key -N ""

# Copy public key to authorized_keys
cat ~/.ssh/n8n_key.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

# Test connection
ssh -i ~/.ssh/n8n_key garfield@localhost "echo 'SSH works!'"
```

### 2. Import Workflow

1. Open n8n: http://localhost:5678
2. Click **"Add Workflow"**
3. Click **"Import from File"**
4. Select: `n8n-workflow-ssh-local.json`

### 3. Configure SSH Credentials

In n8n:
1. Click the **"SSH - Run Validation"** node
2. Click **"Create New Credential"**
3. Choose **"SSH Password"** (or SSH Private Key if you created one)
4. Enter:
   - **Host:** `localhost`
   - **Port:** `22`
   - **User:** `garfield`
   - **Password:** Your user password (or path to private key)

### 4. Configure Telegram (Optional)

1. Get bot token from @BotFather
2. Get chat ID from @userinfobot
3. Add Telegram credentials in n8n

### 5. Activate

1. Toggle **"Active"** in top-right
2. Click **"Save"**

## Testing

### Manual Trigger

Click **"Execute Workflow"** to test immediately.

### Check Output

The SSH node will return:
- `stdout`: Script output
- `code`: Exit code (0 = success, >0 = issues found)

## Alternative: Simple HTTP Endpoint

If SSH doesn't work, create a simple HTTP endpoint:

### 1. Create API Script

```bash
sudo tee /usr/local/bin/mql-validate-api.sh << 'EOF'
#!/bin/bash
echo "Content-Type: application/json"
echo ""
cd /home/garfield/mql-trading-bots
OUTPUT=$(./scripts/validate-settings.sh 2>&1)
CODE=$?

if [ $CODE -eq 0 ]; then
    echo '{"status":"ok","message":"All checks passed"}'
else
    echo "{\"status\":\"error\",\"code\":$CODE,\"message\":\"Issues found\",\"stdout\":\"$OUTPUT\"}"
fi
EOF
sudo chmod +x /usr/local/bin/mql-validate-api.sh
```

### 2. Setup Python HTTP Server

```bash
cd /home/garfield/mql-trading-bots
python3 -m http.server 8080 &
```

### 3. Use HTTP Request Node

Import: `n8n-workflow-http.json`

## Troubleshooting

### "Connection refused" error
```bash
# Check SSH is listening
sudo systemctl status sshd

# Check port
netstat -tlnp | grep 22
```

### "Permission denied" error
```bash
# Check file permissions
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
```

### Script not found
```bash
# Verify path
ls -la /home/garfield/mql-trading-bots/scripts/validate-settings.sh
```

## Security Notes

- Use SSH keys instead of passwords when possible
- Restrict n8n key to only run validation script in `~/.ssh/authorized_keys`:
  ```
  command="/home/garfield/mql-trading-bots/scripts/validate-settings.sh",no-pty,no-port-forwarding ssh-ed25519 AAAAC3... n8n@local
  ```
- Keep n8n behind firewall/VPN

## Manual Test

Test the script manually:
```bash
/home/garfield/mql-trading-bots/scripts/validate-settings.sh
echo "Exit code: $?"
```