187 lines
5.3 KiB
Markdown
187 lines
5.3 KiB
Markdown
# Anais de Referência — VM123 Finance Stack · FOSS + Odoo + OpenPanel (Spec 024)
|
|
|
|
**Data:** 2026-06-17
|
|
**Utilizador:** Roger
|
|
**Projeto:** Ligbox Ops Platform · VM123 (`10.10.10.123`)
|
|
**Spec:** `specs/024-openpanel-fossbilling/`
|
|
**Deploy:** `deploy/vm123-finance-stack/`
|
|
|
|
---
|
|
|
|
## Decisões desta sessão
|
|
|
|
| Tema | Decisão |
|
|
|------|---------|
|
|
| Stack | FOSSBilling + Odoo 16 (Docker) + OpenPanel (bare metal) |
|
|
| Domínios | **Opção B** — marca `ligbox.com.br` |
|
|
| FOSSBilling | `https://financeiro.ligbox.com.br/foss` |
|
|
| Odoo 16 | `https://financeiro.ligbox.com.br/odoo` |
|
|
| OpenPanel | `https://openpanel.ligbox.com.br` (subdomínio dedicado) |
|
|
| Integração | FOSS → OpenPanel via API :2087 (módulo GitHub) |
|
|
| Odoo | ERP interno — sync com FOSS/OpenPanel = fase 2 |
|
|
|
|
---
|
|
|
|
## Estado VM123 (2026-06-17)
|
|
|
|
| Item | Status |
|
|
|------|--------|
|
|
| VM Proxmox 123 `vm123-finance` | ✅ running |
|
|
| IP / GW | `10.10.10.123/24` · gw `10.10.10.1` |
|
|
| SSH LAN | ✅ `root@10.10.10.123` |
|
|
| Bootstrap (swap, fail2ban, UFW) | ✅ |
|
|
| DNS fix pós-clone | ✅ `resolv.conf` estático `1.1.1.8` |
|
|
| Docker FOSS + Odoo | ✅ ports `:8092` `:8069` |
|
|
| Wizard FOSS / Odoo | ⏳ pendente |
|
|
| OpenPanel install | ⏳ pendente |
|
|
| Traefik CT114 rotas | ⏳ pendente confirmação Roger |
|
|
| DNS Cloudflare | ⏳ pendente |
|
|
| DNAT SSH WAN `:2523` | ⏳ pendente pfSense |
|
|
|
|
**OS:** Debian 13 (clone VM121) · **RAM:** 4 GB + swap 2 GB · **Disco:** ~60 GB
|
|
|
|
---
|
|
|
|
## Arquitectura
|
|
|
|
```
|
|
Traefik CT114
|
|
│
|
|
├── financeiro.ligbox.com.br/foss → VM123:8092 (FOSSBilling)
|
|
├── financeiro.ligbox.com.br/odoo → VM123:8069 (Odoo 16)
|
|
└── openpanel.ligbox.com.br → VM123:2083 (OpenPanel host)
|
|
|
|
VM123 Docker: fossbilling + mariadb + odoo + postgres
|
|
VM123 host: OpenPanel Enterprise (NÃO Docker)
|
|
FOSSBilling ──API :2087──► OpenPanel (provisionar hosting)
|
|
Desk VM122 ──links──► financeiro.ligbox.com.br/foss
|
|
```
|
|
|
|
---
|
|
|
|
## Credenciais
|
|
|
|
Ficheiro dedicado (mesmo conteúdo):
|
|
`CREDENCIAIS_LIGBOX_OPS_AMBIENTES_20260617.txt`
|
|
|
|
### Desk VM122 — `desk.ligbox.com.br`
|
|
|
|
| User | Senha | Papel |
|
|
|------|-------|-------|
|
|
| root | `gsq9qtIUD6SQ45Egm8yP` | super_admin |
|
|
| admin | `gsq9qtIUD6SQ45Egm8yP` | ops_lead |
|
|
| mini | `gsq9qtIUD6SQ45Egm8yP` | technician |
|
|
| noc | `gsq9qtIUD6SQ45Egm8yP` | noc |
|
|
|
|
SSH Linux VM122: `root` / `805353`
|
|
**Nota:** `805353` não funciona no login Desk (rotacionada 2026-06-10).
|
|
|
|
### VM123 Finance — `10.10.10.123`
|
|
|
|
| User | Senha | Uso |
|
|
|------|-------|-----|
|
|
| root | `805353` | SSH |
|
|
| admin | `805353` | sudo |
|
|
| mini | `805353` | automação |
|
|
|
|
**Docker `.env`** (`/opt/vm123-finance-stack/.env`):
|
|
|
|
| Variável | Valor |
|
|
|----------|-------|
|
|
| FOSS_MARIADB_PASSWORD | `LbFoss9367c416` |
|
|
| ODOO_DB_PASSWORD | `LbOdood9ca25c3` |
|
|
| FOSSBILLING_URL | `https://financeiro.ligbox.com.br/foss` |
|
|
| ODOO_URL | `https://financeiro.ligbox.com.br/odoo` |
|
|
| OPENPANEL_DOMAIN | `openpanel.ligbox.com.br` |
|
|
|
|
FOSSBilling admin / Odoo master: **ainda não configurados** (wizards).
|
|
|
|
### Wizard VM112 — `10.10.10.112`
|
|
|
|
| User | Senha |
|
|
|------|-------|
|
|
| root SSH | `@betinplace` |
|
|
|
|
API admin key: `ibytera-corp-api-key-change-later`
|
|
|
|
### Traefik CT114 — `10.10.10.114`
|
|
|
|
| User | Senha |
|
|
|------|-------|
|
|
| root SSH | `805353` |
|
|
|
|
### Proxmox — `10.10.10.2:8006`
|
|
|
|
| User | Senha |
|
|
|------|-------|
|
|
| root@pam | `@betinplace` |
|
|
|
|
SSH host: fechado · API: OK
|
|
|
|
### pfSense API
|
|
|
|
| User | Senha |
|
|
|------|-------|
|
|
| api_cursor | `805353` |
|
|
| user_api | `@betinplace` |
|
|
|
|
URL: `https://firewall.itecnologys.com/api/v2/`
|
|
API Key: `7015072cb259165a3ac4b304f556d035`
|
|
|
|
### Tokens internos Desk (`.env` VM122)
|
|
|
|
| Item | Valor |
|
|
|------|-------|
|
|
| JWT_SECRET | `e4b303fe43f8b24b1d924f5ab235d2cea3657b6cd132c925ce60280c64c87ade` |
|
|
| OPS_INTERNAL_TOKEN | `128b96e7c12d9b391edbc727880fbdc905b60fa59b52a865` |
|
|
| WEBHOOK_SECRET | `ligbox-ops-dev-secret` |
|
|
| VM112_ASSIST_TOKEN | `ligbox-desk-assist-7f3a9c2e1b8d4f06` |
|
|
| DESK_BOOTSTRAP_PASSWORD | `gsq9qtIUD6SQ45Egm8yP` |
|
|
|
|
### Cloudflare API
|
|
|
|
| Conta | Token |
|
|
|-------|-------|
|
|
| DNS ligbox | `EYH0ZbKTI41f1O0EoW5uxGUUCA3-Fsrt6b4-1xYJ` |
|
|
| ligbox.com.br | `UBvRO4URpoGPH-vgjVRfKWOpklvmD9vV9PRX43mP` |
|
|
| DNS extra | `cGjq1sABVWq98eiq9DZACleefcVBBGwpR9Foh3X8` |
|
|
|
|
### Odoo V16 (API externa)
|
|
|
|
API Key: `813f08e77c858c573e8b7d10d1304dac9e073c8e`
|
|
|
|
---
|
|
|
|
## Ficheiros alterados
|
|
|
|
| Path | Alteração |
|
|
|------|-----------|
|
|
| `specs/024-openpanel-fossbilling/spec.md` | Domínios ligbox.com.br |
|
|
| `deploy/vm123-finance-stack/.env.example` | URLs ligbox |
|
|
| `deploy/vm123-finance-stack/traefik-routes-snippet.yml` | Hosts ligbox |
|
|
| `deploy/vm123-finance-stack/install-openpanel.sh` | Domínio default ligbox |
|
|
| `deploy/vm123-finance-stack/README.md` | URLs + DNS |
|
|
| VM123 `/opt/vm123-finance-stack/.env` | Aplicado em produção |
|
|
|
|
---
|
|
|
|
## Próximos passos
|
|
|
|
1. Wizards FOSSBilling + Odoo na VM123
|
|
2. `install-openpanel.sh` (bare metal)
|
|
3. `setup-foss-openpanel-module.sh`
|
|
4. DNS: `financeiro.ligbox.com.br` + `openpanel.ligbox.com.br`
|
|
5. Traefik CT114 — merge `traefik-routes-snippet.yml`
|
|
6. DNAT SSH `:2523` pfSense → VM123:22
|
|
7. Desk Spec 023 — links financeiro
|
|
|
|
---
|
|
|
|
## Canais de cópia
|
|
|
|
```
|
|
/opt/ligbox-ops-platform/specs/024-openpanel-fossbilling/
|
|
/opt/ligbox-ops-platform/docs/anais-referencia/
|
|
/opt/ligbox-ops-platform/LAPTOP/
|
|
/root/obsidian-infra/ligbox-ops-platform/
|
|
```
|