do-server-config/infra/README.md

DO Server Infrastructure

DigitalOcean server at 165.22.1.228 (CyberPanel / OpenLiteSpeed).

Directory Structure

• cron/ — Root crontab (CyberPanel + JARVIS entries)
• systemd/ — Custom systemd service units
• agent/ — JARVIS agent config template

Deploy workflow

1. Edit code in site repos (myronblair/*)
2. git push origin main
3. On server: cd /home/<site>/public_html && git pull origin main

JARVIS agent install

cp agent/config.json /opt/jarvis-agent/config.json
systemctl enable jarvis-agent
systemctl start jarvis-agent

Cloudflare Rocket Loader — IMPORTANT

JARVIS (and all sites) sit behind Cloudflare with Rocket Loader enabled. Rocket Loader does two things that break JavaScript login forms:

1. Changes <script> tag type to a fake value, deferring execution.
2. Injects if (!window.__cfRLUnblockHandlers) return false; into every onclick=, onkeydown=, and other inline HTML event attributes, blocking them until Rocket Loader finishes loading.

Rules for any page with JavaScript that must run immediately:

• Add data-cfasync="false" to ALL <script> tags.
• Never use inline event handler attributes (onclick=, onkeydown=, etc.) on HTML elements — Rocket Loader will block them.
• Attach all event listeners via addEventListener() in JavaScript.
• Use XMLHttpRequest instead of fetch() for auth calls (more compatible).
• Put scripts after their target DOM elements (end of body), not in <head>, so the elements exist when the script runs without needing DOMContentLoaded.

Current login implementation (jarvis repo: public_html/login.html)

Standalone /login.html page handles all auth. index.html redirects to /login.html if no jarvis_token in sessionStorage.

• Script is at end of body, after elements, with data-cfasync="false"
• All handlers attached via addEventListener — no inline attributes
• Uses XHR (not fetch) to POST to /api/auth