From 87b2fc074bb8828e808111471d731fbefeec9c29 Mon Sep 17 00:00:00 2001 From: Garfield Date: Sun, 14 Jun 2026 12:45:44 -0400 Subject: [PATCH] docs(runbooks): update fix log with Gitea install lock, image upgrade, and push steps --- docs/runbooks/2026-06-14-outage-fix-log.md | 49 ++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/docs/runbooks/2026-06-14-outage-fix-log.md b/docs/runbooks/2026-06-14-outage-fix-log.md index e573541..9a292f0 100644 --- a/docs/runbooks/2026-06-14-outage-fix-log.md +++ b/docs/runbooks/2026-06-14-outage-fix-log.md @@ -353,8 +353,57 @@ GET /auth/tiktok/start -> 302 --- +## 9. Push documentation to Gitea + +After committing the runbooks to the local `hermes-mcp` repo, the push to `git.fetcherpay.com` failed because: +1. The Gitea instance was in install mode (`INSTALL_LOCK = false` in the runtime `/etc/gitea/app.ini`). +2. The configured image `gitea/gitea:1.22-rootless` had a DB migration version (299) older than the existing database (321), causing Gitea to exit on startup once install lock was enabled. + +### Changes made + +**File:** `/home/garfield/Downloads/docker-compose.prod.yml` + +- Added environment variable to lock installation: + ```yaml + environment: + ... + - GITEA__security__INSTALL_LOCK=true + ``` +- Upgraded Gitea image: + ```yaml + image: gitea/gitea:1.24.6-rootless + ``` +- SSH host port already changed from `2222:22` to `22222:22` (see step 6). + +### Commands + +```bash +# Recreate Gitea with the updated config/image +cd /home/garfield/Downloads +export ... # (same env vars as step 4) +docker compose -p fetcherpay -f docker-compose.prod.yml up -d gitea + +# Create the hermes-mcp repository under the existing Gitea admin user +TOKEN=$(docker exec gitea gitea --config /data/gitea/conf/app.ini admin user generate-access-token \ + --username yuukiii --token-name deployment-push --raw --scopes write:user,write:repository,write:admin) +curl -X POST "https://git.fetcherpay.com/api/v1/user/repos" \ + -H "Authorization: token $TOKEN" \ + -H "Content-Type: application/json" \ + -d '{"name":"hermes-mcp","private":false,"description":"Hermes MCP / SquareMCP monorepo"}' + +# Push the runbook commit and update the local remote +cd /home/garfield/hermes-mcp +git push https://yuukiii:${TOKEN}@git.fetcherpay.com/yuukiii/hermes-mcp.git main +git remote set-url origin https://git.fetcherpay.com/yuukiii/hermes-mcp.git +``` + +**Result:** `main` branch with the runbooks is now live at `https://git.fetcherpay.com/yuukiii/hermes-mcp`. + +--- + ## Notes / gotchas - `/api/pilot-request` is `POST`-only. A `GET` request returns `404`, which is expected. - The `/auth/tiktok` routes are `/auth/tiktok/start` and `/auth/tiktok/callback`; the Traefik `PathPrefix(`/auth/tiktok`)` rule correctly forwards both. - Static certificate extraction required root access; Docker root containers were used when `sudo` began prompting for a password. +- The local git remote was updated from the non-existent `garfield/hermes-mcp` path to `yuukiii/hermes-mcp` because the only existing Gitea admin user is `yuukiii`.