# Anais de Referência — VM123 Finance Stack · FOSS + Odoo + OpenPanel (Spec 024) **Data:** 2026-06-17 **Utilizador:** Roger **Projeto:** Ligbox Ops Platform · VM123 (`10.10.10.123`) **Spec:** `specs/024-openpanel-fossbilling/` **Deploy:** `deploy/vm123-finance-stack/` --- ## Decisões desta sessão | Tema | Decisão | |------|---------| | Stack | FOSSBilling + Odoo 16 (Docker) + OpenPanel (bare metal) | | Domínios | **Opção B** — marca `ligbox.com.br` | | FOSSBilling | `https://financeiro.ligbox.com.br/foss` | | Odoo 16 | `https://financeiro.ligbox.com.br/odoo` | | OpenPanel | `https://openpanel.ligbox.com.br` (subdomínio dedicado) | | Integração | FOSS → OpenPanel via API :2087 (módulo GitHub) | | Odoo | ERP interno — sync com FOSS/OpenPanel = fase 2 | --- ## Estado VM123 (2026-06-17) | Item | Status | |------|--------| | VM Proxmox 123 `vm123-finance` | ✅ running | | IP / GW | `10.10.10.123/24` · gw `10.10.10.1` | | SSH LAN | ✅ `root@10.10.10.123` | | Bootstrap (swap, fail2ban, UFW) | ✅ | | DNS fix pós-clone | ✅ `resolv.conf` estático `1.1.1.8` | | Docker FOSS + Odoo | ✅ ports `:8092` `:8069` | | Wizard FOSS / Odoo | ⏳ pendente | | OpenPanel install | ⏳ pendente | | Traefik CT114 rotas | ⏳ pendente confirmação Roger | | DNS Cloudflare | ⏳ pendente | | DNAT SSH WAN `:2523` | ⏳ pendente pfSense | **OS:** Debian 13 (clone VM121) · **RAM:** 4 GB + swap 2 GB · **Disco:** ~60 GB --- ## Arquitectura ``` Traefik CT114 │ ├── financeiro.ligbox.com.br/foss → VM123:8092 (FOSSBilling) ├── financeiro.ligbox.com.br/odoo → VM123:8069 (Odoo 16) └── openpanel.ligbox.com.br → VM123:2083 (OpenPanel host) VM123 Docker: fossbilling + mariadb + odoo + postgres VM123 host: OpenPanel Enterprise (NÃO Docker) FOSSBilling ──API :2087──► OpenPanel (provisionar hosting) Desk VM122 ──links──► financeiro.ligbox.com.br/foss ``` --- ## Credenciais Ficheiro dedicado (mesmo conteúdo): `CREDENCIAIS_LIGBOX_OPS_AMBIENTES_20260617.txt` ### Desk VM122 — `desk.ligbox.com.br` | User | Senha | Papel | |------|-------|-------| | root | `gsq9qtIUD6SQ45Egm8yP` | super_admin | | admin | `gsq9qtIUD6SQ45Egm8yP` | ops_lead | | mini | `gsq9qtIUD6SQ45Egm8yP` | technician | | noc | `gsq9qtIUD6SQ45Egm8yP` | noc | SSH Linux VM122: `root` / `805353` **Nota:** `805353` não funciona no login Desk (rotacionada 2026-06-10). ### VM123 Finance — `10.10.10.123` | User | Senha | Uso | |------|-------|-----| | root | `805353` | SSH | | admin | `805353` | sudo | | mini | `805353` | automação | **Docker `.env`** (`/opt/vm123-finance-stack/.env`): | Variável | Valor | |----------|-------| | FOSS_MARIADB_PASSWORD | `LbFoss9367c416` | | ODOO_DB_PASSWORD | `LbOdood9ca25c3` | | FOSSBILLING_URL | `https://financeiro.ligbox.com.br/foss` | | ODOO_URL | `https://financeiro.ligbox.com.br/odoo` | | OPENPANEL_DOMAIN | `openpanel.ligbox.com.br` | FOSSBilling admin / Odoo master: **ainda não configurados** (wizards). ### Wizard VM112 — `10.10.10.112` | User | Senha | |------|-------| | root SSH | `@betinplace` | API admin key: `ibytera-corp-api-key-change-later` ### Traefik CT114 — `10.10.10.114` | User | Senha | |------|-------| | root SSH | `805353` | ### Proxmox — `10.10.10.2:8006` | User | Senha | |------|-------| | root@pam | `@betinplace` | SSH host: fechado · API: OK ### pfSense API | User | Senha | |------|-------| | api_cursor | `805353` | | user_api | `@betinplace` | URL: `https://firewall.itecnologys.com/api/v2/` API Key: `7015072cb259165a3ac4b304f556d035` ### Tokens internos Desk (`.env` VM122) | Item | Valor | |------|-------| | JWT_SECRET | `e4b303fe43f8b24b1d924f5ab235d2cea3657b6cd132c925ce60280c64c87ade` | | OPS_INTERNAL_TOKEN | `128b96e7c12d9b391edbc727880fbdc905b60fa59b52a865` | | WEBHOOK_SECRET | `ligbox-ops-dev-secret` | | VM112_ASSIST_TOKEN | `ligbox-desk-assist-7f3a9c2e1b8d4f06` | | DESK_BOOTSTRAP_PASSWORD | `gsq9qtIUD6SQ45Egm8yP` | ### Cloudflare API | Conta | Token | |-------|-------| | DNS ligbox | `EYH0ZbKTI41f1O0EoW5uxGUUCA3-Fsrt6b4-1xYJ` | | ligbox.com.br | `UBvRO4URpoGPH-vgjVRfKWOpklvmD9vV9PRX43mP` | | DNS extra | `cGjq1sABVWq98eiq9DZACleefcVBBGwpR9Foh3X8` | ### Odoo V16 (API externa) API Key: `813f08e77c858c573e8b7d10d1304dac9e073c8e` --- ## Ficheiros alterados | Path | Alteração | |------|-----------| | `specs/024-openpanel-fossbilling/spec.md` | Domínios ligbox.com.br | | `deploy/vm123-finance-stack/.env.example` | URLs ligbox | | `deploy/vm123-finance-stack/traefik-routes-snippet.yml` | Hosts ligbox | | `deploy/vm123-finance-stack/install-openpanel.sh` | Domínio default ligbox | | `deploy/vm123-finance-stack/README.md` | URLs + DNS | | VM123 `/opt/vm123-finance-stack/.env` | Aplicado em produção | --- ## Próximos passos 1. Wizards FOSSBilling + Odoo na VM123 2. `install-openpanel.sh` (bare metal) 3. `setup-foss-openpanel-module.sh` 4. DNS: `financeiro.ligbox.com.br` + `openpanel.ligbox.com.br` 5. Traefik CT114 — merge `traefik-routes-snippet.yml` 6. DNAT SSH `:2523` pfSense → VM123:22 7. Desk Spec 023 — links financeiro --- ## Canais de cópia ``` /opt/ligbox-ops-platform/specs/024-openpanel-fossbilling/ /opt/ligbox-ops-platform/docs/anais-referencia/ /opt/ligbox-ops-platform/LAPTOP/ /root/obsidian-infra/ligbox-ops-platform/ ```