Task #766
openPE-999: Recreate LXC 107 with proper deployment workflow
Status: To do
Priority: Normal
Assignee: -
Start date: 2026-05-05
Due date:
% Done: 0%
Estimated time:
Description
Plan
Step 1: Teardown
la-infra-cli decommission --domain persona.loopaware.com --vmid 107 --node la-vmh-12
Step 2: Provision DB + S3 (idempotent)
la-infra-cli db provision persona-engine
la-infra-cli garage create-bucket persona-engine
Step 3: Allocate IP
la-infra-cli ip next-free --project persona-engine --owner fredrick --domain persona.loopaware.com --purpose "PersonaEngine Laravel API" --vmid 107
Step 4: Create LXC
la-infra-cli proxmox create-lxc --vmid 107 --node la-vmh-12 debian-13 la-persona-engine-01 <NEW_IP>/16 10.32.0.1 --storage pve-12-disk --memory 2048 --cores 2
Step 5: Deploy code
la-infra-cli proxmox push-dir 107 /home/fredrick/PersonaEngine /var/www/PersonaEngine --user root --group root
Step 6: Configure inside LXC
la-infra-cli proxmox exec 107 -- "COMPOSER_ALLOW_SUPERUSER=1 composer install --no-dev --prefer-dist"
la-infra-cli proxmox exec 107 -- "php artisan key:generate --force"
# Set .env with DB/valkey/garage credentials
la-infra-cli proxmox exec 107 -- "php artisan migrate --force"
Step 7: Start services
la-infra-cli proxmox exec 107 -- "service nginx restart && service php8.4-fpm restart"
Step 8: Setup deploy key + git pull
Deploy key (ID 6) already on Forgejo. Write private key to LXC, configure SSH (Port 2222), verify git clone.
Step 9: Add ingress
la-infra-cli ingress add persona.loopaware.com <NEW_IP> 80 --cert loopaware.com.pem --https
Step 10: Update deploy.yml
Replace infra deploy with push-dir + exec git pull + exec composer install + exec migrate
Root Cause of Previous Failure
LXC 107 deployment used pct exec (from inside LXC) instead of pct push (from host side), causing ZFS ACL inheritance issues on /var/www (aclinherit=restricted + acltype=posix). All writes to /var/www from lxc-attach appeared to succeed but did not persist.
Key Fix
push-dir writes from the Proxmox host side via pct push, bypassing the ACL issue entirely.
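Since the previous failure was writes to /var/www that appeared to succeed but did not persist, a checksum comparison after Step 5 catches that condition directly. This is an added example, not part of the original task or of la-infra-cli; the function names and manifest file names are assumptions, and the deployed manifest is assumed to come from running the same tree_manifest pipeline inside the container.

```shell
#!/bin/sh
# Added example: detect files that a deploy step reported as written but
# that are absent or different in the target tree.

# Print "sha256  ./relative/path" for every regular file under $1, byte-sorted.
tree_manifest() {
    ( cd "$1" && find . -type f -print0 | xargs -0 -r sha256sum | LC_ALL=C sort )
}

# Print source paths that are missing from, or differ in, the deployed manifest.
# Files that exist only on the deployed side (vendor/, .env) are ignored.
# Returns 0 with no output when every source file persisted unchanged.
unpersisted_files() {
    missing=$(LC_ALL=C comm -23 "$1" "$2" | sed 's/^[0-9a-f]*  //')
    if [ -z "$missing" ]; then
        return 0
    fi
    printf '%s\n' "$missing"
    return 1
}

# Constructed demo: a two-file source tree and a target that lost one file.
demo() {
    work=$(mktemp -d) || return 2
    mkdir -p "$work/src/public" "$work/dst/vendor"
    printf '<?php // entry\n' > "$work/src/public/index.php"
    printf '{}\n' > "$work/src/composer.json"
    cp "$work/src/composer.json" "$work/dst/composer.json"
    printf '<?php // autoload\n' > "$work/dst/vendor/autoload.php"
    tree_manifest "$work/src" > "$work/src.sha256"
    tree_manifest "$work/dst" > "$work/dst.sha256"
    if unpersisted_files "$work/src.sha256" "$work/dst.sha256"; then
        echo "all source files persisted"
    else
        echo "deploy incomplete: files above did not persist" >&2
    fi
    rm -rf "$work"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

A non-zero return from unpersisted_files is a reason to stop before Step 6 rather than run composer install and migrations against a partial tree.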