# Session 0013: Infrastructure Repo & Ops CLI Bootstrap

**Date:** 2026-02-20
**Status:** Completed
**Origin:** MDF Webseiten session 0018

---

## Work Done

- [x] Created infrastructure repo at `git.mnsoft.org/git/APPS/infrastructure.git`
- [x] Local clone: `/Users/i052341/Daten/Cloud/08 - Others/MDF/Infrastruktur/Code/infrastructure/`
- [x] Server clone: `/opt/infrastructure/`
- [x] Wrote `ops` CLI (bash, ~250 lines) — symlinked to `/usr/local/bin/ops`
- [x] Created `servers/hetzner-vps/registry.yaml` — single source of truth for 5 projects
- [x] Captured 5 Traefik dynamic configs from server into git
- [x] Wrote `monitoring/healthcheck.sh` — container health + disk checks → ntfy
- [x] Installed `ops-healthcheck.timer` (every 5 min) on server
- [x] Added Docker labels (`ops.project`, `ops.environment`, `ops.service`) to all MDF compose files
- [x] Replaced hardcoded `container_name()` in `sync.py` with label-based discovery + UUID suffix fallback
- [x] Verified: `ops status`, `ops health`, `ops disk`, `ops backup mdf prod` all working

## Repo Structure Created

```
infrastructure/
├── ops                           # The ops CLI (bash)
├── servers/hetzner-vps/
│   ├── registry.yaml             # 5 projects defined
│   ├── traefik/dynamic/          # Traefik configs captured
│   ├── bootstrap/                # Coolify service payloads
│   ├── scaffolding/              # Shell aliases, SSH hardening, venv setup
│   ├── systemd/                  # 6 timer/service units
│   └── install.sh                # Full fresh server setup script
├── monitoring/
│   ├── healthcheck.sh
│   ├── ops-healthcheck.service
│   └── ops-healthcheck.timer
└── docs/architecture.md
```

## Key Decisions / Learnings

- `ops` CLI uses `SCRIPT_DIR` with `readlink -f` for symlink-safe path resolution
- `registry.yaml` uses a `name_prefix` field; container matching uses `grep` with word anchoring to prevent substring false matches
- Label-based discovery is primary; Coolify UUID suffix prefix-search is the fallback
- Docker labels added to compose files are not live on running containers until restart — noted as gap

## Files Changed

- `/opt/infrastructure/ops` — new ops CLI (bash)
- `/opt/infrastructure/servers/hetzner-vps/registry.yaml` — new registry
- `/opt/infrastructure/monitoring/healthcheck.sh` — new healthcheck script
- `Code/mdf-system/docker-compose.yaml` — added ops.* Docker labels
- `Code/mdf-system/scripts/sync/sync.py` — label-based container discovery, domain map fix

---

**Tags:** #Session #OpsCLI #Infrastructure