jramos/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(repo): reorganize repository structure for improved navigation and maintainability

Browse Source 
Implement comprehensive directory reorganization to improve discoverability,
logical grouping, and separation of concerns across documentation, scripts,
and infrastructure snapshots.

Major Changes:

1. Documentation Reorganization:
   - Created start-here-docs/ for onboarding documentation
     * Moved QUICK-START.md, START-HERE.md, GIT-SETUP-GUIDE.md
     * Moved GIT-QUICK-REFERENCE.md, SCRIPT-USAGE.md, SETUP-COMPLETE.md
   - Created troubleshooting/ directory
     * Moved BUGFIX-SUMMARY.md for centralized issue resolution
   - Created mcp/ directory for Model Context Protocol configurations
     * Moved OBSIDIAN-MCP-SETUP.md to mcp/obsidian/

2. Scripts Reorganization:
   - Created scripts/crawlers-exporters/ for infrastructure collection
     * Moved collect*.sh scripts and collection documentation
     * Consolidates Proxmox homelab export tooling
   - Created scripts/fixers/ for operational repair scripts
     * Moved fix_n8n_db_*.sh scripts
     * Isolated scripts with embedded credentials (templates tracked)
   - Created scripts/qol/ for quality-of-life utilities
     * Moved git-aliases.sh and git-first-commit.sh

3. Infrastructure Snapshots:
   - Created disaster-recovery/ for active infrastructure state
     * Moved latest homelab-export-20251202-204939/ snapshot
     * Contains current VM/CT configurations and system state
   - Created archive-homelab/ for historical snapshots
     * Moved homelab-export-*.tar.gz archives
     * Preserves point-in-time backups for reference

4. Agent Definitions:
   - Created sub-agents/ directory
     * Added backend-builder.md (development agent)
     * Added lab-operator.md (infrastructure operations agent)
     * Added librarian.md (git/version control agent)
     * Added scribe.md (documentation agent)

5. Updated INDEX.md:
   - Reflects new directory structure throughout
   - Updated all file path references
   - Enhanced navigation with new sections
   - Added agent roles documentation
   - Updated quick reference commands

6. Security Improvements:
   - Updated .gitignore to match reorganized file locations
   - Corrected path for scripts/fixers/fix_n8n_db_c_locale.sh exclusion
   - Maintained template-based credential management pattern

Infrastructure State Update:
   - Latest snapshot: 2025-12-02 20:49:54
   - Removed: VM 101 (gitlab), CT 112 (Anytype)
   - Added: CT 113 (n8n)
   - Total: 9 VMs, 3 Containers

Impact:
   - Improved repository navigation and discoverability
   - Logical separation of documentation, scripts, and snapshots
   - Clearer onboarding path for new users
   - Enhanced maintainability through organized structure
   - Foundation for multi-agent workflow support

Files changed: 90 files (+935/-349)
   - 3 modified, 14 new files, 73 renames/moves

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Jordan Ramos
2025-12-02 21:39:33 -07:00
parent eec4c4b298
commit 4f69420aaa
90 changed files with 935 additions and 349 deletions
Download Patch File Download Diff File Expand all files Collapse all files

164
scripts/fixers/fix_n8n_db_c_locale.sh.template Normal file
View File

@@ -0,0 +1,164 @@
#!/bin/bash
################################################################################
# n8n PostgreSQL Permission Fix Script - C.utf8 Locale Version (TEMPLATE)
#
# Purpose: Fix PostgreSQL 15+ permission issues for n8n database
# Root Cause: 1) PostgreSQL 15+ removed default CREATE permission from PUBLIC
# 2) Debian 12 minimal system only has C.utf8 locale available
# Solution: Create database with C.utf8 locale and proper ownership
#
# Environment: Debian 12, PostgreSQL 16, n8n LXC Container (CT 113)
#
# USAGE:
# 1. Copy this template: cp fix_n8n_db_c_locale.sh.template fix_n8n_db_c_locale.sh
# 2. Set environment variable: export N8N_DB_PASSWORD="your_secure_password"
# 3. Run the script: bash fix_n8n_db_c_locale.sh
# 4. Delete the script after use: shred -u fix_n8n_db_c_locale.sh
#
# SECURITY NOTE: This template uses environment variables to avoid hardcoding
# credentials in the repository. The actual script with embedded
# credentials is excluded from git via .gitignore
################################################################################
set -euo pipefail
DB_NAME="n8n_db"
DB_USER="n8n_user"
# IMPORTANT: Set this environment variable before running the script
# Example: export N8N_DB_PASSWORD="your_secure_password_here"
DB_PASSWORD="${N8N_DB_PASSWORD:-}"
if [[ -z "$DB_PASSWORD" ]]; then
echo "ERROR: N8N_DB_PASSWORD environment variable is not set"
echo "Please set it before running this script:"
echo " export N8N_DB_PASSWORD='your_secure_password'"
exit 1
fi
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
LOG_FILE="/var/log/n8n_db_fix_${TIMESTAMP}.log"
# Color codes
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log() {
echo -e "${BLUE}[$(date +'%Y-%m-%d %H:%M:%S')]${NC} $1" | tee -a "$LOG_FILE"
}
log_success() {
echo -e "${GREEN}[✓]${NC} $1" | tee -a "$LOG_FILE"
}
log_error() {
echo -e "${RED}[✗]${NC} $1" | tee -a "$LOG_FILE"
}
echo "================================================================================"
echo "n8n PostgreSQL Permission Fix - C.utf8 Locale Version"
echo "================================================================================"
echo ""
log "Stopping n8n service..."
systemctl stop n8n || true
sleep 3
log_success "n8n service stopped"
log "Dropping existing database (if any) and recreating with C.UTF-8 locale..."
sudo -u postgres psql <<SQL 2>&1 | tee -a "$LOG_FILE"
-- Terminate any existing connections
SELECT pg_terminate_backend(pg_stat_activity.pid)
FROM pg_stat_activity
WHERE pg_stat_activity.datname = '$DB_NAME'
AND pid <> pg_backend_pid();
-- Drop database if exists
DROP DATABASE IF EXISTS $DB_NAME;
-- Create database with C.utf8 locale (Debian 12 system locale)
CREATE DATABASE $DB_NAME
OWNER $DB_USER
ENCODING 'UTF8'
LC_COLLATE = 'C.utf8'
LC_CTYPE = 'C.utf8'
TEMPLATE template0;
-- Connect to the database
\c $DB_NAME
-- Grant all privileges on the public schema (PostgreSQL 15+ fix)
GRANT ALL ON SCHEMA public TO $DB_USER;
-- Grant all privileges on all current and future objects
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO $DB_USER;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO $DB_USER;
GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO $DB_USER;
-- Set default privileges for future objects
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO $DB_USER;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO $DB_USER;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON FUNCTIONS TO $DB_USER;
-- Verify database settings
SELECT datname, datcollate, datctype, pg_get_userbyid(datdba) as owner
FROM pg_database
WHERE datname = '$DB_NAME';
SQL
log_success "Database recreated with C.utf8 locale and proper permissions"
log "Testing database permissions..."
PGPASSWORD="$DB_PASSWORD" psql -h localhost -U $DB_USER -d $DB_NAME <<SQL 2>&1 | tee -a "$LOG_FILE"
-- Test table creation (this is what was failing before)
CREATE TABLE test_table (id SERIAL PRIMARY KEY, test_data VARCHAR(100));
INSERT INTO test_table (test_data) VALUES ('Permission test successful');
SELECT * FROM test_table;
DROP TABLE test_table;
-- Display current user and database
SELECT current_user, current_database();
SQL
if [[ $? -eq 0 ]]; then
log_success "Permission test PASSED - n8n_user can create tables"
else
log_error "Permission test FAILED"
exit 1
fi
log "Starting n8n service..."
systemctl start n8n
sleep 10
if systemctl is-active --quiet n8n; then
log_success "n8n service started successfully"
else
log_error "n8n service failed to start - check logs"
journalctl -u n8n -n 30
exit 1
fi
echo ""
echo "================================================================================"
log_success "n8n DATABASE FIX COMPLETED SUCCESSFULLY"
echo "================================================================================"
echo ""
echo "✅ Database created with:"
echo " - Locale: C.utf8 (Debian 12 system locale)"
echo " - Owner: n8n_user"
echo " - Permissions: Full CREATE access on public schema"
echo ""
echo "📋 Next Steps:"
echo " 1. Monitor service: systemctl status n8n"
echo " 2. Watch logs: journalctl -u n8n -f"
echo " 3. Test access: https://n8n.apophisnetworking.net"
echo ""
echo "📄 Log file: $LOG_FILE"
echo ""
echo "🔒 SECURITY: Remember to delete this script after use:"
echo " shred -u $(readlink -f "$0")"
echo "================================================================================"

349
scripts/fixers/fix_n8n_db_permissions.sh Normal file
View File

@@ -0,0 +1,349 @@
#!/bin/bash
################################################################################
# n8n PostgreSQL Permission Fix Script
#
# Purpose: Fix PostgreSQL 15+ permission issues for n8n database
# Root Cause: PostgreSQL 15+ removed default CREATE permission from PUBLIC
# role on the 'public' schema
# Solution: Recreate database with proper ownership and explicit grants
#
# Author: Backend Builder (Claude Code)
# Date: 2025-12-01
# Environment: Debian 12, PostgreSQL 16, n8n LXC Container (CT 113)
#
# SECURITY NOTE: This script requires database password to be set via environment
# variable or edited directly before use.
################################################################################
set -e # Exit immediately if a command exits with a non-zero status
set -u # Treat unset variables as an error
set -o pipefail # Prevent errors in a pipeline from being masked
################################################################################
# CONFIGURATION
################################################################################
DB_NAME="n8n_db"
DB_USER="n8n_user"
DB_PASSWORD="${N8N_DB_PASSWORD:-YOUR_DB_PASSWORD_HERE}" # Set via env or edit this line
DB_HOST="localhost"
BACKUP_DIR="/var/backups/n8n"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
BACKUP_FILE="${BACKUP_DIR}/n8n_db_backup_${TIMESTAMP}.sql"
LOG_FILE="/var/log/n8n_db_fix_${TIMESTAMP}.log"
# Color codes for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
################################################################################
# FUNCTIONS
################################################################################
log() {
echo -e "${BLUE}[$(date +'%Y-%m-%d %H:%M:%S')]${NC} $1" | tee -a "$LOG_FILE"
}
log_success() {
echo -e "${GREEN}[✓]${NC} $1" | tee -a "$LOG_FILE"
}
log_warning() {
echo -e "${YELLOW}[⚠]${NC} $1" | tee -a "$LOG_FILE"
}
log_error() {
echo -e "${RED}[✗]${NC} $1" | tee -a "$LOG_FILE"
}
check_password() {
if [[ "$DB_PASSWORD" == "YOUR_DB_PASSWORD_HERE" ]] || [[ -z "$DB_PASSWORD" ]]; then
log_error "Database password not configured!"
log_error "Set N8N_DB_PASSWORD environment variable or edit DB_PASSWORD in this script"
log_error "Example: export N8N_DB_PASSWORD='your_password_here'"
exit 1
fi
}
check_root() {
if [[ $EUID -ne 0 ]]; then
log_error "This script must be run as root"
exit 1
fi
}
check_postgresql() {
if ! systemctl is-active --quiet postgresql; then
log_error "PostgreSQL is not running"
exit 1
fi
log_success "PostgreSQL service is running"
}
check_n8n_service() {
if systemctl list-unit-files | grep -q "n8n.service"; then
return 0
else
log_warning "n8n service not found, skipping service management"
return 1
fi
}
stop_n8n() {
log "Stopping n8n service..."
if check_n8n_service; then
systemctl stop n8n || true
sleep 3
if systemctl is-active --quiet n8n; then
log_error "Failed to stop n8n service"
exit 1
fi
log_success "n8n service stopped"
else
log_warning "n8n service not managed by systemd, ensure it's stopped manually"
fi
}
create_backup() {
log "Creating backup directory..."
mkdir -p "$BACKUP_DIR"
chmod 700 "$BACKUP_DIR"
log "Creating database backup..."
if sudo -u postgres pg_dump -h "$DB_HOST" "$DB_NAME" > "$BACKUP_FILE" 2>/dev/null; then
log_success "Database backed up to: $BACKUP_FILE"
# Check if backup is empty
if [[ ! -s "$BACKUP_FILE" ]]; then
log_warning "Backup file is empty (database may be empty)"
else
BACKUP_SIZE=$(du -h "$BACKUP_FILE" | cut -f1)
log_success "Backup size: $BACKUP_SIZE"
fi
else
log_warning "Database backup failed (database may not exist or be empty)"
echo "-- No data to backup" > "$BACKUP_FILE"
fi
}
drop_database() {
log "Dropping existing database and recreating with proper ownership..."
# Terminate existing connections
sudo -u postgres psql <<EOF 2>&1 | tee -a "$LOG_FILE"
SELECT pg_terminate_backend(pg_stat_activity.pid)
FROM pg_stat_activity
WHERE pg_stat_activity.datname = '$DB_NAME'
AND pid <> pg_backend_pid();
EOF
# Drop and recreate database
sudo -u postgres psql <<EOF 2>&1 | tee -a "$LOG_FILE"
-- Drop database if exists
DROP DATABASE IF EXISTS $DB_NAME;
-- Recreate database with n8n_user as owner
CREATE DATABASE $DB_NAME
OWNER $DB_USER
ENCODING 'UTF8'
LC_COLLATE = 'en_US.UTF-8'
LC_CTYPE = 'en_US.UTF-8'
TEMPLATE template0;
-- Connect to the database
\c $DB_NAME
-- Grant all privileges on the public schema to n8n_user
GRANT ALL ON SCHEMA public TO $DB_USER;
-- Grant all privileges on all tables (current and future)
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO $DB_USER;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO $DB_USER;
GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO $DB_USER;
-- Set default privileges for future objects
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO $DB_USER;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO $DB_USER;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON FUNCTIONS TO $DB_USER;
-- Verify ownership
\dt
EOF
log_success "Database recreated with proper ownership"
}
test_permissions() {
log "Testing database permissions..."
# Test connection and DDL operations
PGPASSWORD="$DB_PASSWORD" psql -h "$DB_HOST" -U "$DB_USER" -d "$DB_NAME" <<EOF 2>&1 | tee -a "$LOG_FILE"
-- Test table creation
CREATE TABLE IF NOT EXISTS permission_test (
id SERIAL PRIMARY KEY,
test_column VARCHAR(100),
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
-- Test insert
INSERT INTO permission_test (test_column) VALUES ('Permission test successful');
-- Test select
SELECT * FROM permission_test;
-- Cleanup test table
DROP TABLE permission_test;
-- Display current user and database
SELECT current_user, current_database();
EOF
if [[ $? -eq 0 ]]; then
log_success "Permission test PASSED - n8n_user can create tables and perform DDL operations"
return 0
else
log_error "Permission test FAILED - n8n_user still lacks necessary permissions"
return 1
fi
}
verify_schema_permissions() {
log "Verifying schema permissions..."
sudo -u postgres psql -d "$DB_NAME" <<EOF | tee -a "$LOG_FILE"
-- Check database ownership
SELECT d.datname AS database_name,
pg_catalog.pg_get_userbyid(d.datdba) AS owner
FROM pg_catalog.pg_database d
WHERE d.datname = '$DB_NAME';
-- Check schema permissions
SELECT
n.nspname AS schema_name,
pg_catalog.pg_get_userbyid(n.nspowner) AS owner,
pg_catalog.array_to_string(n.nspacl, E'\n') AS acl
FROM pg_catalog.pg_namespace n
WHERE n.nspname = 'public';
EOF
log_success "Schema permissions verified"
}
start_n8n() {
log "Starting n8n service..."
if check_n8n_service; then
systemctl start n8n
sleep 5
if systemctl is-active --quiet n8n; then
log_success "n8n service started successfully"
else
log_error "n8n service failed to start"
log "Check logs with: journalctl -u n8n -n 50"
return 1
fi
else
log_warning "n8n service not managed by systemd, start manually"
fi
}
verify_n8n_startup() {
log "Verifying n8n startup and database migration..."
if check_n8n_service; then
sleep 10 # Give n8n time to run migrations
# Check service status
if systemctl is-active --quiet n8n; then
log_success "n8n service is running"
else
log_error "n8n service is not running"
return 1
fi
# Check logs for errors
if journalctl -u n8n --since "1 minute ago" | grep -q "permission denied"; then
log_error "Permission errors still present in n8n logs"
journalctl -u n8n -n 30 | tee -a "$LOG_FILE"
return 1
elif journalctl -u n8n --since "1 minute ago" | grep -q "n8n ready on"; then
log_success "n8n started successfully and is ready"
return 0
else
log_warning "Unable to confirm n8n status from logs, check manually"
return 0
fi
else
log_warning "Cannot verify n8n startup automatically, check manually"
return 0
fi
}
display_summary() {
echo ""
echo "================================================================================"
log_success "n8n DATABASE PERMISSION FIX COMPLETED"
echo "================================================================================"
echo ""
echo "📋 Summary:"
echo " - Database: $DB_NAME"
echo " - User: $DB_USER"
echo " - Backup: $BACKUP_FILE"
echo " - Log file: $LOG_FILE"
echo ""
echo "✅ Actions Completed:"
echo " 1. Created database backup"
echo " 2. Dropped and recreated database with proper ownership"
echo " 3. Granted explicit schema permissions to n8n_user"
echo " 4. Tested DDL permissions successfully"
echo " 5. Restarted n8n service"
echo ""
echo "🔍 Verification Steps:"
echo " 1. Check n8n service: systemctl status n8n"
echo " 2. View recent logs: journalctl -u n8n -n 50 -f"
echo " 3. Access n8n web UI: http://<container-ip>:5678"
echo ""
echo "📊 Database Status:"
sudo -u postgres psql -d "$DB_NAME" -c "\dt" 2>/dev/null || true
echo ""
echo "================================================================================"
}
################################################################################
# MAIN EXECUTION
################################################################################
main() {
echo "================================================================================"
echo "n8n PostgreSQL Permission Fix Script"
echo "================================================================================"
echo ""
# Pre-flight checks
log "Starting pre-flight checks..."
check_root
check_password
check_postgresql
# Execute fix
stop_n8n
create_backup
drop_database
verify_schema_permissions
test_permissions
# Restart and verify
start_n8n
verify_n8n_startup
# Display summary
display_summary
log_success "Script completed successfully!"
}
# Execute main function
main "$@"