Seth/sethmux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(docs): correct deploy topology — static assets live on caddy CT, not steel141

Browse Source 
Wrong-path correction: previous DECISIONS.md and handoff said
toolbar.js deploys to /opt/sethmux/ 'on this host'. Caddy's
'root * /opt/sethmux' resolves against Caddy's filesystem, which is
on the caddy CT (192.168.0.185), not steel141. Deployed copy on
steel141 was harmless but unused; the served file came from caddy CT.

Symptom: 'mux.sethpc.xyz looks the same' after a successful steel141
'cp'. Resolution: scp static/toolbar.js caddy:/opt/sethmux/.

DECISIONS.md now documents the two-host split (Caddy serves static
assets from its own disk; ttyd on steel141 serves --index).
This commit is contained in:
Mortdecai
2026-04-25 00:17:00 -04:00
parent 8a9d89bed5
commit 06c1ebbc7f
2 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.claude/handoffs/2026-04-24-195210-toolbar-workspace-dark-refresh-deploy.md
+2 -2
View File
@@ -116,8 +116,8 @@ ttyd serves only `--index /opt/sethmux/index.html` and the websocket — **toolb
## Important Context
- **Deployments are MANUAL.** Editing `static/toolbar.js` does not ship until `sudo cp static/toolbar.js /opt/sethmux/toolbar.js`. The Mar 26 → Mar 28 drift this session uncovered (3 toolbar fixes committed but never deployed) suggests this footgun has been hit before.
- **toolbar.js is served by Caddy from `/opt/sethmux/`, not by ttyd.** The systemd unit's `--index /opt/sethmux/index.html` only sets ttyd's index page; everything else under `/opt/sethmux/` is `file_server`'d by Caddy. Consequence: no daemon restart on toolbar changes.
- **Deployments are MANUAL and split across TWO hosts.** Static assets Caddy serves directly (`toolbar.js`, `manifest.json`, `icon-*.png`) live in `/opt/sethmux/` on **caddy CT** (192.168.0.185). Index and notify-server live in `/opt/sethmux/` on **steel141**. Same path, different filesystems. **First deploy this session went to the wrong host** (steel141 only) — symptom was "looks the same" because Caddy was still serving the old file from its own /opt/sethmux/. Correct deploy: `scp static/toolbar.js caddy:/opt/sethmux/`. The Mar 26 → Mar 28 drift this session uncovered (3 toolbar fixes committed but never deployed) suggests this footgun has been hit before — same root cause.
- **toolbar.js is served by Caddy from caddy-CT's `/opt/sethmux/`, not by ttyd.** The systemd unit's `--index /opt/sethmux/index.html` (on steel141) only sets ttyd's index page; static assets are `file_server`'d by Caddy, on Caddy's own filesystem. No daemon restart on toolbar changes.
- **The pre-commit hook (`detect-secrets-hook`, configured at `~/.config/git/hooks/pre-commit`) flags SRI hashes as base64 high-entropy strings.** When adding new HTML with `integrity="sha384-..."` script tags, regenerate baseline with `detect-secrets scan --all-files --exclude-files '\.git/|\.secrets\.baseline$' > .secrets.baseline` before committing. NEVER use `--no-verify` — global rule.
- **The compose bar and the helper-textarea hardening are complementary, not redundant.** Compose bar = autocorrect-friendly typing surface. Helper-textarea hardening = prevents Gboard from corrupting per-keystroke chord/arrow taps. Both stay.
- **Authentik blocks unauthenticated curl** to mux.sethpc.xyz. To verify deploys via HTTP, you'd need an auth token; otherwise, file-hash on disk is the verification path.