4 Commits

Author SHA1 Message Date
c2e797a027 feat(app_setup): improve deployment reliability and add mirrormatch support
All checks were successful
CI / skip-ci-check (pull_request) Successful in 1m22s
CI / lint-and-test (pull_request) Successful in 1m27s
CI / ansible-validation (pull_request) Successful in 2m53s
CI / secret-scanning (pull_request) Successful in 1m24s
CI / dependency-scan (pull_request) Successful in 1m28s
CI / sast-scan (pull_request) Successful in 2m32s
CI / license-check (pull_request) Successful in 1m28s
CI / vault-check (pull_request) Successful in 2m30s
CI / playbook-test (pull_request) Successful in 2m32s
CI / container-scan (pull_request) Successful in 1m53s
CI / sonar-analysis (pull_request) Successful in 2m40s
CI / workflow-summary (pull_request) Successful in 1m22s
- Fix deploy script to handle non-git directories by cloning to temp
  location and moving contents, preserving .env files during clone
- Remove comment lines from env.j2 template to prevent xargs errors
- Add initial deploy task to app_setup role to ensure app is deployed
  before service starts
- Fix migrate command precedence to check env-specific overrides first
- Add sudo to systemctl restart commands in deploy script
- Update documentation with project-specific configuration notes

These changes improve deployment reliability for all app projects while
adding support for mirrormatch-specific requirements (db:push, seeding).
All changes are backward-compatible with existing projects (pote, punimTag).
2026-01-04 16:50:54 -05:00
69a39e5e5b Add POTE app project support and improve IP conflict detection (#3)
## Summary

This PR adds comprehensive support for deploying the **POTE** application project via Ansible, along with improvements to IP conflict detection and a new app stack provisioning system for Proxmox-managed LXC containers.

## Key Features

### 🆕 New Roles
- **`roles/pote`**: Python/venv deployment role for POTE (PostgreSQL, cron jobs, Alembic migrations)
- **`roles/app_setup`**: Generic app deployment role (Node.js/systemd)
- **`roles/base_os`**: Base OS hardening role

### 🛡️ Safety Improvements
- IP uniqueness validation within projects
- Proxmox-side IP conflict detection
- Enhanced error messages for IP conflicts

### 📦 New Playbooks
- `playbooks/app/site.yml`: End-to-end app stack deployment
- `playbooks/app/provision_vms.yml`: Proxmox guest provisioning
- `playbooks/app/configure_app.yml`: OS + application configuration

## Security
- All secrets stored in encrypted vault.yml
- Deploy keys excluded via .gitignore
- No plaintext secrets committed

## Testing
- POTE successfully deployed to dev/qa/prod environments
- All components validated (Git, PostgreSQL, cron, migrations)

Co-authored-by: ilia <ilia@levkin.ca>
Reviewed-on: #3
2026-01-01 11:19:54 -05:00
ilia
e05b3aa0d5 Update ansible.cfg and auto-fallback script for improved connectivity handling
- Modify ansible.cfg to increase SSH connection retries from 2 to 3 and add a connection timeout setting for better reliability.
- Enhance auto-fallback.sh script to provide detailed feedback during IP connectivity tests, including clearer status messages for primary and fallback IP checks.
- Update documentation to reflect changes in connectivity testing and fallback procedures.

These updates improve the robustness of the connectivity testing process and ensure smoother operations during IP failover scenarios.
2025-09-16 23:00:32 -04:00
cd12b02147 Add initial project structure with configuration files and playbooks for infrastructure management. Introduce .ansible-lint-ignore to manage linting exceptions for vault files. Create README.md and documentation for setup guides, including Tailscale and monitoring roles. Establish Makefile commands for streamlined execution of playbooks and tasks. Update inventory structure for better organization of hosts and variables.
2025-09-09 21:12:08 -04:00