GBrain Dashboard
Browse Notes
New Note
Edit: github-backup/docs/05-gce-activation-runbook.md
Cancel
Note Content (Markdown)
# GCE Activation Runbook ## Current Host - Project: `n8n-hosting-452913` - Instance: `instance-20250306-165614` - Zone: `us-central1-c` - Public IP: `34.27.189.109` - OS: Debian 12 - Machine: `e2-medium`, 2 vCPU, 4 GB RAM - Prepared path: `/srv/easier-hermes` ## Current Services Observed before staging: - `n8n` on port `5678`. - `easier-done` on port `8080`. - `easier-marketing` on port `3080`. - nginx on ports `80` and `443`. ## Current Hermes State Prepared: - `/srv/easier-hermes/source/hermes-agent` - `/srv/easier-hermes/data` - `/srv/easier-hermes/vault` - `/srv/easier-hermes/ops` - `/srv/easier-hermes/audit` Inactive: - No Hermes image. - No Hermes container. - No Hermes listening port. - No gateway. - No provider credentials. - No connectors. - No cron. ## Before Any Activation Run: ```bash df -h / free -h docker ps sudo ss -lntup sudo find /srv/easier-hermes/audit -maxdepth 1 -type f -print ``` Confirm: - At least 15 GB free disk or a decision to build elsewhere. - n8n is healthy. - Backups/snapshots are current. - No major client work is happening on the host. ## Build Image Later Only during a maintenance window or on a roomier host: ```bash cd /srv/easier-hermes/ops/deployment sudo HERMES_BUILD_IMAGE=1 bash ./prepare-hermes-host.sh ``` Do not start the container yet. ## Dry Config Check ```bash cd /srv/easier-hermes/ops/deployment sudo docker compose --profile activate config ``` Expected: - No published ports. - Command is interactive chat. - Data mounted at `/opt/data`. - Vault mounted at `/vault`. ## First Interactive Start Only after image exists and provider credentials are configured safely: ```bash cd /srv/easier-hermes/ops/deployment sudo docker compose --profile activate run --rm hermes ``` Do not use `up -d` initially. ## Stop Conditions Stop if: - Disk drops below 5 GB free. - Swap climbs heavily while n8n is active. - Any new public port appears. - Hermes asks for broad connector permissions. - Any secret would need to be pasted into chat or committed to Git.
Save Changes