john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tractatus/docs/VPS_ACCESS_REFERENCE.md
TheFlow 008f0169a4 docs: Add VPS access reference and DeepSeek handover brief 
- VPS_ACCESS_REFERENCE.md: Complete SSH recovery procedures for OVH rescue mode
- DEEPSEEK_HANDOVER_BRIEF.md: System maintenance handover documentation

Addresses repeated SSH access failures and documents recovery procedures.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-19 11:03:00 +13:00

234 lines
5.3 KiB
Markdown
Raw Blame History

# VPS Access Reference - agenticgovernance.digital
**Server:** vps-93a693da.vps.ovh.net (91.134.240.3)
**Provider:** OVHCloud
**Domain:** agenticgovernance.digital
---
## Quick Access (When Working)
```bash
# Use SSH alias defined in ~/.ssh/config
ssh tractatus-vps
# Or direct with deploy key
ssh -i ~/.ssh/tractatus_deploy_nopass ubuntu@91.134.240.3
# Or direct with main key
ssh -i ~/.ssh/id_rsa ubuntu@91.134.240.3
```
---
## SSH Keys Authorized on Server
| Key | File | Purpose |
|-----|------|---------|
| Main user key | `~/.ssh/id_rsa` | Primary access |
| Deploy key (no passphrase) | `~/.ssh/tractatus_deploy_nopass` | Automated deployments |
**Public key fingerprints:**
```
id_rsa: SHA256:IcvJSpZZ/0mn8j42weDKgiJPDJioSQfj/arutKmQ3ys
tractatus_deploy_nopass: SHA256:NGTIiqkLMCibVELpQ8BfSO+V3N3FTgATmB9KJi+VjZg
```
**Public key backup location:** https://paste.rs/nELRM (main key)
---
## SSH Config (~/.ssh/config)
```
Host tractatus-vps
HostName 91.134.240.3
User ubuntu
IdentityFile ~/.ssh/tractatus_deploy_nopass
IdentitiesOnly yes
```
---
## When SSH Access Breaks
### Symptoms
- "Permission denied (publickey,password)"
- "Too many authentication failures"
- Host key changed warning
### Diagnosis
```bash
# Test with verbose output
ssh -v -o IdentitiesOnly=yes -i ~/.ssh/tractatus_deploy_nopass ubuntu@91.134.240.3
# Check if server is reachable
ping 91.134.240.3
# Check if web service is up
curl -I https://agenticgovernance.digital/
```
### Recovery via OVH Rescue Mode
**When to use:** SSH keys no longer accepted, server unresponsive, or need to recover from boot failure.
#### Step 1: Enter Rescue Mode
1. Log into OVH Manager: https://www.ovh.com/manager/
2. Navigate to: Bare Metal Cloud → VPS → vps-93a693da
3. Click "Reboot in rescue mode"
4. Select "rescue-customer" image
5. OVH emails temporary root password to account email
#### Step 2: Connect to Rescue Mode
```bash
# Use the temporary password from email
ssh root@91.134.240.3
```
#### Step 3: Mount Main Disk
```bash
# Find the disk (usually /dev/sdb1)
lsblk
# Mount it
mount /dev/sdb1 /mnt/vps
# Verify
ls /mnt/vps/home/ubuntu
```
#### Step 4: Add SSH Keys
**Method A: Direct authorized_keys edit**
```bash
# Create .ssh directory if needed
mkdir -p /mnt/vps/home/ubuntu/.ssh
chmod 700 /mnt/vps/home/ubuntu/.ssh
# Add public key
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCZ8BH+Bx4uO9DTatRZ/YF5xveP/bTyiAWj+qTF7I+ugxgL9/ejSlW1tSn5Seo4XHoEPD5wZCaWig7m1LMezrRq8fDWHbeXkZltK01xhAPU0L0+OvVZMZacW6+vkNfKcNG9vrxV+K/VTPkT+00TRqlHbP8ZWj0OWd92XAoTroKVYMt4L9e7QeJOJmRmHI0uFaJ0Ufexr2gmZyYhgL2p7PP3oiAvM0xlnTwygl06c3iwXpHKWNydOYPSDs3MkVnDjptmWgKv/J+QXksarwEpA4Csc2dLnco+8KrtocUUcAunz6NJfypA0yNWWzf+/OeffkJ2Rueoe8t/lVffXdI7eVuFkmDufE7XMk9YAE/8+XVqok4OV0Q+bjpH8mKlBA3rNobnWs6obBVJD8/5aphE8NdCR4cgIeRSwieFhfzCl+GBZNvs4yuBdKvQQIfCRAKqTgbuc03XERAef6lJUuJrDjwzvvp1Nd8L7AqJoQS6kYGyxXPf/6nWTZtpxoobdGnJ2FZK6OIpAlsWx9LnybMGy19VfaR9JZSAkLdWxGPb6acNUb2xaaqyuXPo4sWpBM27n1HeKMv/7Oh4WL4zrAxDKfN38k1JsjJJVEABuN/pEOb7BCDnTMLKXlTunZgynAZJ/Dxn+zOAyfzaYSNBotlpYy1zj1AmzvS31L7LJy/aSBHuWw== theflow@the-flow' >> /mnt/vps/home/ubuntu/.ssh/authorized_keys
# Add deploy key
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdJcKMabIVQRqKqNIpzxHNgxMZ8NOD+9gVCk6dY5uV0 tractatus-deploy' >> /mnt/vps/home/ubuntu/.ssh/authorized_keys
# Fix permissions
chmod 600 /mnt/vps/home/ubuntu/.ssh/authorized_keys
chown -R 1000:1000 /mnt/vps/home/ubuntu/.ssh
```
**Method B: Fetch key from paste.rs**
```bash
curl -s https://paste.rs/nELRM >> /mnt/vps/home/ubuntu/.ssh/authorized_keys
chmod 600 /mnt/vps/home/ubuntu/.ssh/authorized_keys
chown -R 1000:1000 /mnt/vps/home/ubuntu/.ssh
```
#### Step 5: Exit Rescue Mode
1. Return to OVH Manager
2. Click "Restart in normal mode" or "Reboot"
3. Wait 2-3 minutes for server to boot
4. Test SSH access
---
## Common Issues
### Host Key Changed
```bash
# Remove old key
ssh-keygen -R 91.134.240.3
# Reconnect (will prompt to accept new key)
ssh tractatus-vps
```
### Disk Full (Prevents Services Starting)
```bash
# Check disk usage
df -h
# Common culprit: MongoDB logs
sudo rm -rf /var/log/mongodb/*.log*
# Or journal logs
sudo journalctl --vacuum-size=500M
```
### Services Not Starting After Reboot
```bash
# Check status
sudo systemctl status tractatus nginx mongod
# Start services
sudo systemctl start mongod
sudo systemctl start tractatus
sudo systemctl start nginx
# Enable for auto-start
sudo systemctl enable tractatus nginx mongod
```
---
## Deployment
```bash
# From local tractatus project directory
./scripts/deploy.sh
# Dry run first
./scripts/deploy.sh --dry-run
```
---
## Monitoring
### Service Health
```bash
ssh tractatus-vps "sudo systemctl status tractatus nginx mongod --no-pager"
```
### Disk Space
```bash
ssh tractatus-vps "df -h"
```
### MongoDB Logs (check for growth)
```bash
ssh tractatus-vps "ls -lh /var/log/mongodb/"
```
---
## OVH References
- **Manager:** https://www.ovh.com/manager/
- **Server Name:** vps-93a693da.vps.ovh.net
- **IP:** 91.134.240.3
- **Support Ticket (Dec 2025 incident):** CS13385927
---
## History
| Date | Event |
|------|-------|
| 2025-12-09 | Security incident - Docker container compromised |
| 2025-12-09 | Recovery via rescue mode, Docker removed |
| 2026-01-18 | SSH access broken, recovered via rescue mode |
| 2026-01-18 | Disk space crisis (45GB MongoDB logs cleared) |
| 2026-01-19 | SSH access broken again |
---
**Last Updated:** 2026-01-19
Reference in a new issue View git blame Copy permalink