ligbox/ligbox-ops-platform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ligbox-ops-platform/specs/001-webhook-vm112-integration/quickstart.md
Ligbox Spec Hub 3a2c64834b Initial import: ligbox-ops-platform + specs + LAPTOP + obsidian merge (CT130) 
Source: VM122 /opt + obsidian-infra + LAPTOP
Hub: CT130 spec-hub 10.10.10.130
2026-06-19 17:26:41 +00:00

70 lines
2.1 KiB
Markdown
Raw Blame History

# Quickstart: Webhook VM112 → Ops
## Pré-requisitos
- VM112 portal activo: `curl http://10.10.10.112:8090/api/onboarding/health`
- VM122 ops activo: `curl http://10.10.10.122:8080/health`
- Secret igual em ambos `.env`
## 1. Teste manual do receptor (sem portal)
```bash
curl -sf -X POST "http://10.10.10.122:8080/api/v1/webhooks/onboard" \
-H "Content-Type: application/json" \
-H "X-Webhook-Secret: ligbox-ops-dev-secret" \
-d '{"event":"account.created","domain":"teste.manual.ligbox","session_id":"qs-001","data":{"email":"admin@teste.manual.ligbox","account_verified":true,"needs_review":false}}'
curl -sf "http://10.10.10.122:8080/api/v1/desk/tickets" | python3 -m json.tool
```
## 2. Teste idempotência
Repetir o mesmo curl — deve aceitar mas não duplicar ticket (após implementação Phase A).
## 3. Teste auth failure
```bash
curl -sf -X POST "http://10.10.10.122:8080/api/v1/webhooks/onboard" \
-H "Content-Type: application/json" \
-H "X-Webhook-Secret: wrong-secret" \
-d '{"event":"account.created","domain":"x.com","session_id":"x"}'
# Esperado: HTTP 401
```
## 4. Teste E2E (após Phase B)
1. Abrir portal onboarding VM112
2. Completar criação de conta de teste
3. Verificar ticket em `http://10.10.10.122:8091` ou API tickets
4. Verificar activity log portal: entrada webhook OK ou warn
## 5. Teste Ops offline
```bash
# Na VM122: docker-compose stop api
# Completar onboarding no portal
# Portal deve retornar sucesso ao cliente
# Activity log: warn "ops webhook failed"
# Restaurar: docker-compose start api
```
## 6. Deploy checklist
**VM122** (`/opt/ligbox-ops-platform/`):
- [ ] `WEBHOOK_SECRET` definido
- [ ] `docker-compose up -d --build api`
- [ ] fail2ban active
**VM112** (`/opt/ibytera-mail-portal/`):
- [ ] `OPS_WEBHOOK_URL`, `OPS_WEBHOOK_SECRET`, `OPS_WEBHOOK_ENABLED=true`
- [ ] Restart backend portal
- [ ] Sem alteração Carbonio
## 7. Rotação secret (produção)
```bash
NEW=$(openssl rand -hex 32)
# Actualizar .env VM122 WEBHOOK_SECRET=$NEW
# Actualizar .env VM112 OPS_WEBHOOK_SECRET=$NEW
# Restart ambos no mesmo maintenance window
```
Reference in a new issue View git blame Copy permalink