Switch Lotus Cinny from nightly dev to stable-release fork workflow
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 55s
Lint / Secret scan (gitleaks) (push) Successful in 5s

- Replace nightly build script with daily upstream release checker
  (cinny/upstream-check.sh) — posts to Matrix as LotusBot when a new
  cinnyapp/cinny stable release is published
- Add cinny/lotus-build.sh — merges latest release tag into the lotus
  branch, builds, deploys; triggered via !cinny-update webhook
- Fork lives at code.lotusguild.org/LotusGuild/cinny (lotus branch, v4.11.1)
- deploy/hooks-lxc106.json — adds cinny-build webhook endpoint (port 9000)
- Update landing page: "dev branch / nightly" → "Lotus fork / stable releases"
- Set LotusBot avatar on @hookshot_tinker-tickets

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-13 16:57:35 -04:00
parent 278f850f0c
commit 7f7ddd3e3c
9 changed files with 340 additions and 95 deletions
+74 -23
@@ -19,8 +19,9 @@ matrix/
│ ├── uptime-kuma.js
│ └── ... # One .js per webhook service
├── cinny/
│ ├── config.json # Cinny homeserver config (deployed to /var/www/html/config.json)
── dev-update.sh # Nightly build script for Cinny dev branch
│ ├── config.json # Cinny homeserver config (deployed to /var/www/html/config.json)
── upstream-check.sh # Daily script: checks if cinnyapp/cinny main has new commits, pings Matrix
│ └── lotus-build.sh # Merge + build script: fetches upstream/main, merges, builds, deploys
├── landing/
│ └── index.html # matrix.lotusguild.org landing page
├── draupnir/
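Review bot: The two new tree comments describe tracking `cinnyapp/cinny` main ("checks if cinnyapp/cinny main has new commits", "fetches upstream/main"), but the commit message says `upstream-check.sh` is a stable-release checker and `lotus-build.sh` merges the latest release tag. Update both comments to name the ref the scripts actually follow, so a reader does not assume unreleased upstream commits reach `chat.lotusguild.org`. The same wording recurs in the infrastructure table row and the "Lotus Cinny" section further down.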
@@ -40,7 +41,7 @@ matrix/
├── livekit-graceful-restart.service # oneshot — checks pending restart flag
├── livekit-graceful-restart.timer # Runs every 5 min
├── draupnir.service
└── cinny-dev-update.cron # Installed to /etc/cron.d/ on LXC 106
└── cinny-upstream-check.cron # Installed to /etc/cron.d/ on LXC 106 — runs daily at noon
```
---
@@ -51,7 +52,7 @@ matrix/
|---------|----|-----|-----|------|----------|
| Synapse | 10.10.10.29 | 151 | 8GB | 50GB | Synapse 1.149.0, LiveKit 1.9.11, hookshot 7.3.2, coturn latest |
| PostgreSQL 17 | 10.10.10.44 | 109 | 6GB | 30GB | PostgreSQL 17.9 |
| Cinny Web | 10.10.10.6 | 106 | 2GB | 8GB | Debian 12, nginx, Node 24, Cinny `dev` branch (nightly build) |
| Cinny Web | 10.10.10.6 | 106 | 2GB | 8GB | Debian 12, nginx, Node 24, Lotus Cinny fork (custom, tracks `cinnyapp/cinny` main) |
| Draupnir | 10.10.10.24 | 110 | 1GB | 10GB | Draupnir v2.9.0, Node.js v22 |
| Prometheus | 10.10.10.48 | 118 | — | — | Prometheus — scrapes all Matrix services |
| Grafana | 10.10.10.49 | 107 | — | — | Grafana 12.4.0 — dashboard.lotusguild.org |
@@ -95,12 +96,18 @@ matrix/
- Data directory: `/var/lib/postgresql/17/main`
**Key paths on Cinny LXC (106):**
- Source: `/opt/cinny-dev/` (branch: `dev`, auto-updated nightly at 3am)
- Lotus fork source: `/opt/lotus-cinny/` (fork of `cinnyapp/cinny` main, custom Lotus Guild branch)
- Upstream remote: `https://github.com/cinnyapp/cinny.git` (added as `upstream`)
- Built files: `/var/www/html/`
- Cinny config: `/var/www/html/config.json`
- Config backup (survives rebuilds): `/opt/cinny-dev/.cinny-config.json`
- Dev update script: `/usr/local/bin/cinny-dev-update.sh`
- Cron: `/etc/cron.d/cinny-dev-update` (runs at 3:00am daily)
- Config backup (survives rebuilds): `/opt/lotus-cinny/.cinny-config.json`
- Monitor env: `/etc/cinny-monitor.env` (MATRIX_TOKEN, MATRIX_SERVER, MATRIX_ROOM, MATRIX_PING_USER — not in git)
- Upstream check script: `/usr/local/bin/cinny-upstream-check.sh`
- Build/deploy script: `/usr/local/bin/cinny-build.sh` (triggered by webhook or manual run)
- Cron: `/etc/cron.d/cinny-upstream-check` (runs at noon daily — checks only, does not auto-build)
- Monitor state: `/var/lib/cinny-monitor/last-upstream-commit`
- Monitor log: `/var/log/cinny-monitor.log`
- Build log: `/var/log/cinny-build.log`
- Nginx site config: `/etc/nginx/sites-available/cinny`
---
@@ -122,7 +129,7 @@ Pushes to `main` on `LotusGuild/matrix` automatically deploy to the relevant LXC
| LXC | Service | IP | Port | Deploys When Changed |
|-----|---------|----|----|----------------------|
| 151 | matrix/hookshot | 10.10.10.29 | **9500** | `hookshot/*.js`, `systemd/livekit-server.service` |
| 106 | cinny | 10.10.10.6 | 9000 | `cinny/config.json`, `cinny/dev-update.sh` |
| 106 | cinny | 10.10.10.6 | 9000 | `cinny/config.json`, `cinny/upstream-check.sh`, `cinny/lotus-build.sh`, `deploy/hooks-lxc106.json`, `systemd/cinny-upstream-check.cron` |
| 139 | landing/NPM | 10.10.10.27 | 9000 | `landing/index.html` |
| 110 | draupnir | 10.10.10.24 | 9000 | `draupnir/production.yaml` |
@@ -136,7 +143,10 @@ Pushes to `main` on `LotusGuild/matrix` automatically deploy to the relevant LXC
**LXC 106 — cinny:**
- `cinny/config.json` → copies to `/var/www/html/config.json`
- `cinny/dev-update.sh` → copies to `/usr/local/bin/cinny-dev-update.sh`, `chmod +x`
- `cinny/upstream-check.sh` → copies to `/usr/local/bin/cinny-upstream-check.sh`, `chmod +x`
- `cinny/lotus-build.sh` → copies to `/usr/local/bin/cinny-build.sh`, `chmod +x`
- `deploy/hooks-lxc106.json` → copies to `/etc/webhook/hooks.json`, restarts `webhook` service
- `systemd/cinny-upstream-check.cron` → copies to `/etc/cron.d/cinny-upstream-check`, `chmod 644`
**LXC 139 — landing page:**
- `landing/index.html` → copies to `/var/www/matrix-landing/index.html`, `nginx -s reload`
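Review bot: Dropping the `cinny/dev-update.sh` deploy line leaves no step that removes the previously installed `/usr/local/bin/cinny-dev-update.sh` and `/etc/cron.d/cinny-dev-update` from LXC 106, so the old 3:00am job could keep building the `dev` branch and overwrite `/var/www/html/`. Add a cleanup item to this list that deletes both files, or state that they were removed by hand. It would also help to give the mode for `/etc/webhook/hooks.json` here, as is done for the cron file (`chmod 644`), since that file carries the build token.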
@@ -158,6 +168,13 @@ Pushes to `main` on `LotusGuild/matrix` automatically deploy to the relevant LXC
- `/usr/local/bin/livekit-graceful-restart.sh`
- `/etc/systemd/system/livekit-graceful-restart.service` + `.timer`
**LXC 106 additionally:**
- `/etc/cinny-monitor.env``MATRIX_TOKEN`, `MATRIX_SERVER`, `MATRIX_ROOM`, `MATRIX_PING_USER` (not in git)
- `/var/lib/cinny-monitor/last-upstream-commit` — state file (tracks last-seen upstream SHA)
- `/opt/lotus-cinny/` — git clone of `code.lotusguild.org/LotusGuild/cinny` with `upstream` remote (`cinnyapp/cinny`)
- `/root/.git-credentials` — Gitea token `lxc106-lotus-cinny` (write:repository scope, revocable via Gitea UI)
- `/var/lib/cinny-monitor/last-upstream-tag` — last seen stable release tag (e.g. `v4.11.1`)
### Livekit Graceful Restart
Killing livekit-server while a call is active drops everyone. Instead:
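Review bot: The `/root/.git-credentials` line places a `write:repository` Gitea token in plaintext on the same host that exposes the `cinny-build` webhook, and nothing in the README says the build pushes to the fork. If `cinny-build.sh` only fetches, merges and builds locally, a read-scoped token is sufficient; if it does push the merge back, say so here so the scope is justified. Separately, this list names both `last-upstream-commit` and `last-upstream-tag` as state files; keep only the one the release checker writes.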
@@ -338,23 +355,57 @@ POST http://10.10.10.24:8080/_matrix/draupnir/1/report/{roomId}/{eventId}
---
## Cinny Dev Branch (chat.lotusguild.org)
## Lotus Cinny (chat.lotusguild.org)
`chat.lotusguild.org` tracks the Cinny `dev` branch to test the latest beta features.
`chat.lotusguild.org` serves a custom Lotus Guild fork of the official `cinnyapp/cinny` main branch. The fork lives at `code.lotusguild.org/LotusGuild/cinny` and tracks upstream via a `git remote add upstream https://github.com/cinnyapp/cinny.git` workflow.
**Nightly build process (`cinny-dev-update.sh`):**
1. `git fetch origin dev` — checks for new commits; exits early if nothing changed
2. Builds in `/opt/cinny-dev/` using Node 24 with `NODE_OPTIONS=--max_old_space_size=896`
3. Validates `dist/index.html` exists before touching the live web root
4. Copies `dist/` to `/var/www/html/`, restores `config.json` from `/opt/cinny-dev/.cinny-config.json`
5. Runs at 3:00am daily via `/etc/cron.d/cinny-dev-update`
**Upstream monitoring (daily at noon):**
- `cinny-upstream-check.sh` hits the GitHub API and compares the latest `cinnyapp/cinny` main commit against the stored SHA in `/var/lib/cinny-monitor/last-upstream-commit`
- If new commits exist, sends a Matrix message to Spam and Stuff with an `@jared:matrix.lotusguild.org` ping and a link to the commit
- Does **not** auto-build — you review the diff and decide when to merge
**Manual rebuild:**
**Merge + build workflow:**
1. Receive upstream notification in Matrix
2. Review the diff: `https://github.com/cinnyapp/cinny/compare/<old>...<new>`
3. Send `!cinny-update` in any Matrix room — LotusBot POSTs to the cinny-build webhook on LXC 106
4. `cinny-build.sh` runs: `git fetch upstream && git merge upstream/main`, `npm ci`, `npm run build`, deploys to `/var/www/html/`
5. Build result (success or conflict) is posted back to Matrix
**Manual build (SSH):**
```bash
# On LXC 106
/usr/local/bin/cinny-dev-update.sh
/usr/local/bin/cinny-build.sh
```
**Merge conflict recovery:**
```bash
# On LXC 106
cd /opt/lotus-cinny
git merge upstream/main # resolve conflicts in editor
git add -A && git merge --continue
/usr/local/bin/cinny-build.sh
```
**LXC 106 one-time setup** (after forking `cinnyapp/cinny` to `code.lotusguild.org/LotusGuild/cinny`):
```bash
# On LXC 106
git clone https://code.lotusguild.org/LotusGuild/cinny.git /opt/lotus-cinny
cd /opt/lotus-cinny
git remote add upstream https://github.com/cinnyapp/cinny.git
git fetch upstream
# Create env file (fill in a valid Matrix token)
cat > /etc/cinny-monitor.env << 'EOF'
MATRIX_TOKEN=<jared_or_bot_token>
MATRIX_SERVER=https://matrix.lotusguild.org
MATRIX_ROOM=!GttT4QYd1wlGlkHU3qTmq_P3gbyYKKeSSN6R7TPcJHg
MATRIX_PING_USER=@jared:matrix.lotusguild.org
EOF
chmod 600 /etc/cinny-monitor.env
```
**Cinny-build webhook token** (for LotusBot `!cinny-update`): stored in `deploy/hooks-lxc106.json` (`cinny-build` hook, header `X-Build-Token`). LotusBot must POST to `http://10.10.10.6:9000/hooks/cinny-build` with this header.
**Why 2GB RAM:** Vite's build process OOM-killed at 1GB. 896MB Node heap + OS overhead requires at least 1.5GB; 2GB gives headroom.
---
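Review bot: The "Cinny-build webhook token" paragraph says the `X-Build-Token` value is stored in `deploy/hooks-lxc106.json`, a file tracked in this repo, so anyone with read access to the repo can trigger a merge, `npm ci` and deploy on LXC 106, and the token travels over plain `http://10.10.10.6:9000`. Keep the secret out of git the way `/etc/cinny-monitor.env` already is ("not in git"), write it into `/etc/webhook/hooks.json` at deploy time, and rotate the value that has been committed. Step 3 also says `!cinny-update` works "in any Matrix room" without stating which senders LotusBot accepts; document that restriction. Finally, the monitoring bullets and step 4 still describe comparing the latest main commit and `git merge upstream/main`, which does not match the release-tag workflow in the commit message.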
@@ -394,10 +445,10 @@ Periodic `TLS/TCP socket error: Connection reset by peer` in coturn logs. Normal
- [x] Default room version v12, all rooms upgraded
- [x] Landing page with client recommendations
- [x] Synapse metrics endpoint (port 9000, Prometheus-compatible)
- [x] Cinny `dev` branch — nightly auto-build, tracks latest beta features
- [x] Lotus Cinny fork — custom fork of `cinnyapp/cinny` main, daily upstream check + Matrix notification
- [x] Auto-deployment via Gitea webhooks (all 4 LXCs)
- [ ] Push notifications gateway (Sygnal) — needs Apple/Google developer credentials
- [ ] Cinny custom branding — Lotus Guild theme (colours, title, favicon, PWA name)
- [ ] Lotus Cinny custom branding — Lotus Guild theme (colours, title, favicon, PWA name)
### Performance Tuning
- [x] PostgreSQL `shared_buffers` → 1500MB, `effective_cache_size`, `work_mem`, checkpoint tuning
@@ -461,7 +512,7 @@ Periodic `TLS/TCP socket error: Connection reset by peer` in coturn logs. Normal
### Admin
- [x] Synapse admin API dashboard (synapse-admin at http://10.10.10.29:8080)
- [x] Draupnir moderation bot — LXC 110, v2.9.0, all rooms + space, 2 ban lists
- [ ] Cinny custom branding
- [ ] Lotus Cinny custom branding — fork live at code.lotusguild.org/LotusGuild/cinny
---