mirror of
https://github.com/myronblair/do-server-config
synced 2026-06-30 17:50:59 -05:00
49 lines
1.9 KiB
Markdown
49 lines
1.9 KiB
Markdown
# DO Server Infrastructure
|
|
|
|
DigitalOcean server at 165.22.1.228 (CyberPanel / OpenLiteSpeed).
|
|
|
|
## Directory Structure
|
|
- `cron/` — Root crontab (CyberPanel + JARVIS entries)
|
|
- `systemd/` — Custom systemd service units
|
|
- `agent/` — JARVIS agent config template
|
|
|
|
## Deploy workflow
|
|
1. Edit code in site repos (myronblair/*)
|
|
2. `git push origin main`
|
|
3. On server: `cd /home/<site>/public_html && git pull origin main`
|
|
|
|
## JARVIS agent install
|
|
```bash
|
|
cp agent/config.json /opt/jarvis-agent/config.json
|
|
systemctl enable jarvis-agent
|
|
systemctl start jarvis-agent
|
|
```
|
|
|
|
## Cloudflare Rocket Loader — IMPORTANT
|
|
|
|
JARVIS (and all sites) sit behind Cloudflare with **Rocket Loader enabled**.
|
|
Rocket Loader does two things that break JavaScript login forms:
|
|
|
|
1. Changes `<script>` tag `type` to a fake value, deferring execution.
|
|
2. Injects `if (!window.__cfRLUnblockHandlers) return false;` into **every**
|
|
`onclick=`, `onkeydown=`, and other inline HTML event attributes,
|
|
blocking them until Rocket Loader finishes loading.
|
|
|
|
### Rules for any page with JavaScript that must run immediately:
|
|
|
|
- Add `data-cfasync="false"` to ALL `<script>` tags.
|
|
- **Never use inline event handler attributes** (`onclick=`, `onkeydown=`, etc.)
|
|
on HTML elements — Rocket Loader will block them.
|
|
- Attach all event listeners via `addEventListener()` in JavaScript.
|
|
- Use `XMLHttpRequest` instead of `fetch()` for auth calls (more compatible).
|
|
- Put scripts **after** their target DOM elements (end of body), not in `<head>`,
|
|
so the elements exist when the script runs without needing DOMContentLoaded.
|
|
|
|
### Current login implementation (jarvis repo: public_html/login.html)
|
|
|
|
Standalone `/login.html` page handles all auth. `index.html` redirects to
|
|
`/login.html` if no `jarvis_token` in sessionStorage.
|
|
- Script is at end of body, after elements, with `data-cfasync="false"`
|
|
- All handlers attached via `addEventListener` — no inline attributes
|
|
- Uses XHR (not fetch) to POST to `/api/auth`
|