WIP

Author: perigrin

README.md

@@ -32,11 +32,12 @@ and Tailscale's mesh networking for secure inter-server communication.
 └─────────────────┘                  └─────────────────┘
          │                                    │
          ▼                                    ▼
-┌─────────────────┐    Tailscale     ┌─────────────────┐
-│  magnet-atheme  │◄─────────────────►│ magnet-postgres │
-│  (US Services)  │   Private Mesh   │  (Fly MPG)      │
-│  OpenSSL+EPYC   │                  │                 │
-└─────────────────┘                  └─────────────────┘
+┌─────────────────┐
+│  magnet-atheme  │
+│  (US Services)  │
+│ opensex backend │
+│  OpenSSL+EPYC   │
+└─────────────────┘
 ```
 
 ### Components
@@ -54,12 +55,7 @@ and Tailscale's mesh networking for secure inter-server communication.
 3. **magnet-atheme** - IRC Services (US/Chicago)
    - User registration and authentication (NickServ)
    - Channel management services (ChanServ)
-   - Persistent data storage via PostgreSQL
-
-4. **magnet-postgres** - Database (US/Chicago)
-   - PostgreSQL database for services persistence
-   - User accounts, channel registrations, configurations
-   - Automated backups and high availability
+   - Persistent data storage via opensex flat file backend
 
 ## Getting Started
 
@@ -73,22 +69,27 @@ and Tailscale's mesh networking for secure inter-server communication.
 
 ## Deployment
 
+**IMPORTANT**: All deployments must be run from the project root directory due to Docker build context requirements.
+
 ### Development Deployment
 
 For testing and development purposes, use development-specific app names to avoid
 conflicts with production:
 
 ```bash
+# Deploy from project root directory (REQUIRED)
+cd /path/to/magnet
+
 # Create development apps with -dev suffix
 fly apps create magnet-hub-dev --org magnet-irc
 fly apps create magnet-atheme-dev --org magnet-irc
 
 # Set up Tailscale authentication for dev
 fly secrets set TAILSCALE_AUTHKEY=tskey-auth-xxxxx --app magnet-9rl-dev
 
-# Deploy base infrastructure (development)
-fly deploy --app magnet-hub-dev
-fly deploy --app magnet-atheme-dev
+# Deploy base infrastructure (from root directory)
+fly deploy --app magnet-hub-dev --dockerfile solanum/Dockerfile --config servers/magnet-9rl/fly.toml
+fly deploy --app magnet-atheme-dev --dockerfile atheme/Dockerfile --config servers/magnet-atheme/fly.toml
 
 # Validate mesh connectivity
 fly ssh console --app magnet-hub-dev
@@ -196,7 +197,7 @@ All components include comprehensive health checks:
 - Tailscale mesh connectivity
 - IRC server responsiveness
 - Services authentication status
-- Database connectivity
+- Flat file backend accessibility
 - SSL certificate validity
 
 ## Development

atheme/Dockerfile

@@ -31,6 +31,7 @@ RUN git clone https://github.com/atheme/atheme -b v${ATHEME_VERSION} --depth=1 /
 RUN cd /atheme-src/libmowgli-2 && git pull origin master
 
 # Generate autotools files if needed and configure with PostgreSQL support
+# Force rebuild 2025-08-25 for PostgreSQL backend module
 RUN cd /atheme-src && \
     autoreconf -fiv && \
     ./configure \
@@ -53,6 +54,9 @@ RUN apk add --no-cache \
     ca-certificates \
     curl \
     gettext \
+    pwgen \
+    su-exec \
+    pcre \
     && rm -rf /var/cache/apk/*
 
 # Copy Atheme from builder
@@ -69,11 +73,20 @@ RUN mkdir -p /var/run/tailscale /var/cache/tailscale /var/lib/tailscale /app
 RUN adduser -D -h /atheme -u $ATHEME_UID atheme
 RUN chown -R atheme /atheme
 
-# Copy configuration templates and startup script
+# Force cache invalidation with build timestamp
+ARG BUILD_TIMESTAMP
+RUN echo "Build timestamp: $BUILD_TIMESTAMP" > /tmp/build_info
+
+# Test build context - copy test file first  
+COPY test-build-context.txt /tmp/test.txt
+
+# Copy configuration templates and startup script  
 COPY atheme/atheme.conf.template /atheme/etc/atheme.conf.template
 COPY atheme/entrypoint.sh /app/entrypoint.sh
 RUN chmod +x /app/entrypoint.sh
 
+
+
 # Health check
 HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
     CMD curl -f http://localhost:8080/health || exit 1

atheme/atheme.conf.template

@@ -1,17 +1,12 @@
 # ABOUTME: Atheme IRC services configuration template with environment variable substitution  
-# ABOUTME: Optimized with OpenSSL for AMD EPYC performance and PostgreSQL backend
+# ABOUTME: Optimized with OpenSSL for AMD EPYC performance and opensex flat file backend
 
 # Atheme Configuration Template for ${ATHEME_NETWORK}
 # Optimized with OpenSSL for AMD EPYC performance
 
-/* Database configuration */
+/* Database configuration - using opensex flat file backend */
 database {
-    module = "postgresql";
-    host = "${ATHEME_POSTGRES_HOST}";
-    port = 5432;
-    database = "${ATHEME_POSTGRES_DB}";
-    username = "postgres";
-    password = ""; # Will be set via DATABASE_URL env var
+    module = "opensex";
 };
 
 /* Network information */
@@ -38,18 +33,18 @@ serverinfo {
     emailtime = 300;
 };
 
-/* Uplink configuration via Tailscale */
-uplink "${ATHEME_HUB_SERVER}.raptor-betelgeuse.ts.net" {
-    host = "${ATHEME_HUB_HOSTNAME}";  /* Tailscale hostname */
+/* Uplink configuration */
+uplink "${ATHEME_HUB_SERVER}.${HUB_NAME}" {
+    host = "${ATHEME_HUB_SERVER}.${HUB_NAME}";
     send_password = "${SERVICES_PASSWORD}";
     receive_password = "${SERVICES_PASSWORD}";
     port = 6667;
-    vhost = "0.0.0.0";
+    /* No vhost specified - let it use the default interface */
 };
 
 /* Operator configuration */
-operator "${OPERATOR_PASSWORD}" {
-    name = "admin";
+operator "admin" {
+    password = "${OPERATOR_PASSWORD}";
     class = "sra";
 };
 
@@ -65,7 +60,7 @@ nickserv {
     user = "services";
     host = "services.raptor-betelgeuse.ts.net";
     real = "Nickname Services";
-    aliases = { "NS" };
+    aliases = "NS";
 };
 
 /* ChanServ configuration */
@@ -74,7 +69,7 @@ chanserv {
     user = "services";
     host = "services.raptor-betelgeuse.ts.net";
     real = "Channel Services";
-    aliases = { "CS" };
+    aliases = "CS";
 };
 
 /* OperServ configuration */
@@ -83,7 +78,7 @@ operserv {
     user = "services";
     host = "services.raptor-betelgeuse.ts.net";
     real = "Operator Services";
-    aliases = { "OS" };
+    aliases = "OS";
 };
 
 /* MemoServ configuration */
@@ -92,11 +87,11 @@ memoserv {
     user = "services";
     host = "services.raptor-betelgeuse.ts.net";
     real = "Memo Services";
-    aliases = { "MS" };
+    aliases = "MS";
 };
 
 /* Protocol module */
-loadmodule "modules/protocol/solanum";
+loadmodule "modules/protocol/charybdis";
 
 /* Backend modules */
 loadmodule "modules/backend/opensex";

atheme/entrypoint.sh

@@ -1,6 +1,6 @@
-#!/bin/bash
-# ABOUTME: Atheme IRC services startup script with Tailscale integration and database connectivity
-# ABOUTME: Handles ephemeral Tailscale auth, password generation, and PostgreSQL connection
+#!/bin/sh
+# ABOUTME: Atheme IRC services startup script with Tailscale integration
+# ABOUTME: Handles ephemeral Tailscale auth, password generation, and opensex flat file backend
 
 set -e
 
@@ -12,7 +12,7 @@ sleep 5
 
 # Connect to Tailscale network
 HOSTNAME=${SERVER_NAME:-atheme-${FLY_REGION:-unknown}}
-/usr/local/bin/tailscale up --auth-key=${TAILSCALE_AUTHKEY} --hostname=${HOSTNAME} --ephemeral --ssh --accept-routes=false --accept-dns=true
+/usr/local/bin/tailscale up --auth-key=${TAILSCALE_AUTHKEY} --hostname=${HOSTNAME} --ssh --accept-routes=false --accept-dns=true
 
 echo "Connected to Tailscale as ${HOSTNAME}"
 
@@ -39,16 +39,9 @@ source /atheme/etc/passwords.conf
 # Process atheme.conf template with generated passwords
 echo "Instantiating atheme.conf from template..."
 
-# Extract database details from DATABASE_URL if available
-if [ -n "$DATABASE_URL" ]; then
-    echo "Using DATABASE_URL for PostgreSQL connection"
-    # Parse DATABASE_URL: postgres://user:pass@host:port/dbname
-    export ATHEME_POSTGRES_HOST=$(echo "$DATABASE_URL" | sed -n 's/.*@\([^:]*\):.*/\1/p')
-    export ATHEME_POSTGRES_DB=$(echo "$DATABASE_URL" | sed -n 's/.*\/\([^?]*\).*/\1/p')
-    echo "Extracted from DATABASE_URL: host=$ATHEME_POSTGRES_HOST, db=$ATHEME_POSTGRES_DB"
-fi
+# Atheme uses opensex flat file backend - no database configuration needed
 
-envsubst '${ATHEME_NETWORK} ${ATHEME_NETWORK_DOMAIN} ${SERVICES_PASSWORD} ${OPERATOR_PASSWORD} ${ATHEME_POSTGRES_HOST} ${ATHEME_POSTGRES_DB} ${ATHEME_HUB_SERVER} ${ATHEME_HUB_HOSTNAME}' \
+envsubst '${ATHEME_NETWORK} ${ATHEME_NETWORK_DOMAIN} ${SERVICES_PASSWORD} ${OPERATOR_PASSWORD} ${ATHEME_HUB_SERVER} ${HUB_NAME}' \
     < /atheme/etc/atheme.conf.template \
     > /atheme/etc/atheme.conf
 
@@ -59,31 +52,11 @@ echo "Atheme configuration instantiated successfully"
 echo "Tailscale hostname: ${HOSTNAME}"
 echo "Services password: ${SERVICES_PASSWORD}"
 
-# Wait for PostgreSQL to be available (if DATABASE_URL is set)
-if [ -n "$DATABASE_URL" ]; then
-    echo "Waiting for PostgreSQL to be available..."
-    max_attempts=30
-    attempt=1
-    
-    while [ $attempt -le $max_attempts ]; do
-        if pg_isready -d "$DATABASE_URL" >/dev/null 2>&1; then
-            echo "PostgreSQL is ready!"
-            break
-        fi
-        
-        echo "PostgreSQL not ready, attempt $attempt/$max_attempts..."
-        sleep 2
-        attempt=$((attempt + 1))
-    done
-    
-    if [ $attempt -gt $max_attempts ]; then
-        echo "WARNING: PostgreSQL not available after $max_attempts attempts, proceeding anyway"
-    fi
-fi
+# Atheme uses opensex flat file backend - no database connection needed
 
 # Simple HTTP health endpoint
 (while true; do
-    echo -e "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\nAtheme Services Health OK" | nc -l -p 8080 -q 1
+    echo -e "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\nAtheme Services Health OK" | nc -l -p 8080
 done) &
 
 # Start Atheme as atheme user