2026-04-17 17:15:33 -04:00
parent c8fa99c6d2
commit 6f118107d9
16 changed files with 128 additions and 18 deletions

View File

@@ -1,5 +1,6 @@
# Development Plan
* Single conversation in gateway
* Realtime data
* Triggers
* Strategy UI
@@ -8,3 +9,8 @@
* User secrets
* Live Execution
* Sandbox <=> Dexorder auth
* Chat channels
* MCP channel (with or without images)
* TradingView indicator import tool
* Trader preferences tool
*
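
Review bot: The last bullet added to this list is a bare `*` with no text, which renders as an empty list item. Either fill in the planned item or drop the line before merging.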

View File

@@ -30,6 +30,16 @@ This script (hardcoded to `--context=prod`) performs:
> **Secrets are NOT updated by this script.** Run `bin/secret-update prod` separately if secrets have changed.
### Post-deploy: refresh user licenses
After any deploy that changes license tier templates (`gateway/src/types/user.ts`), run:
```bash
bin/create-all-users prod
```
This upserts all alpha users and re-applies the current tier template to their `user_licenses` row. Safe to run on an existing database — it will not delete users or lose data. New sandbox deployments will pick up the updated resource limits on next login.
---
## Full Deploy with Iceberg Schema Wipe
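
Review bot: The safety claim in the new "Post-deploy: refresh user licenses" paragraph ("Safe to run on an existing database") covers deletion and data loss but not overwrites. The preceding sentence says the script re-applies the current tier template to each `user_licenses` row, so state explicitly whether per-user adjustments to that row are replaced. The closing sentence only covers new sandbox deployments; say what happens to sandboxes that are already running and whether they need a restart to get the updated resource limits.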
@@ -137,3 +147,20 @@ kubectl --context prod -n ai logs deployment/gateway --tail=100
### Gateway shows `42P01` errors but pod is running
The gateway does not auto-migrate on startup. The schema file must be applied manually after any database recreation. A gateway restart alone will not fix this.
### Gateway CrashLoopBackOff — `ECONNREFUSED postgresql://localhost/dexorder`
**Symptom:** New gateway pod crashes immediately with `Database connection failed` and logs show `databaseUrl: "postgresql://localhost/dexorder"`.
**Cause:** The gateway reads `database.url` from `config.yaml` (via `configData`). If that key is absent, it falls back to the localhost default — even if `secrets.yaml` has `database.url`. The code checks `configData.database?.url || secretsData.database?.url || ...` (as of `c8fa99c`), so both sources work, but both files must be present and correctly mounted.
**What to check:**
1. Does the `gateway-config` ConfigMap have a `database:` section? (It should not — credentials belong in secrets as of the nautilus branch.)
2. Does `gateway-secrets` have `database.url`? Verify: `kubectl --context prod -n ai get secret gateway-secrets -o jsonpath='{.data.secrets\.yaml}' | base64 -d`
3. If the secret is missing the database section, run `bin/secret-update prod` (requires 1Password desktop to be unlocked — must run interactively, not via pipe).
### `bin/secret-update prod` fails with "authorization prompt dismissed"
1Password's `op inject` requires interactive desktop authentication. Running it via `echo "yes" | bin/secret-update prod` or any background/piped invocation will fail silently (the script prints `✓` even though `kubectl apply` received empty input).
**Fix:** Run `bin/secret-update prod` in an interactive terminal with 1Password unlocked.
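
Review bot: Check 2 under "What to check" decodes the whole `secrets.yaml` from the prod `gateway-secrets` secret and prints it to the terminal, so the database URL and every other value in that file land in scrollback. Verify only that the key exists rather than printing values, for example by ending the pipeline with `| base64 -d | grep -c '^database:'` if `database:` is a top-level key. The Cause paragraph also contradicts itself: it first says the gateway falls back to localhost even if `secrets.yaml` has `database.url`, then says the code checks both sources as of `c8fa99c`; say which behaviour applies to which revision. Finally, the last section documents that `bin/secret-update` prints `✓` after `kubectl apply` received empty input. That is a script defect rather than a runbook item, and the script should exit non-zero when `op inject` fails or produces no output.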