KB-4510
INFRA-FINALIZE — Docker + Cron DONE
2 min read Revision 1
reportdockercrongh-backupinfra2026-04-05
INFRA-FINALIZE — Docker Rebuild + GH Backup Cron
Date: 2026-04-05 | Status: ✅ DONE
Việc A: Docker Rebuild
| Check | Result |
|---|---|
| A1: container status | Up, healthy, created 16:52 UTC |
| A2: health | healthy, 879 docs, 1346 vectors, sync ok |
| A3: sync test | INSERT 1346→1347, DELETE 1347→1346 ✅ |
| A4: audit-sync | 0 orphans after cleanup |
| A5: all containers | 7/7 running (agent-data, postgres, directus, nuxt, qdrant, nginx, uptime-kuma) |
| pg_vector_listener.py | IN image (persistent) ✅ |
Việc B: GH Backup Cron
| Check | Result |
|---|---|
| B6: script exists | /opt/incomex/scripts/git-push-gh-daily.sh (98 lines) |
| B7: cron | 0 6,18 * * * (2x daily) |
| B8: test push | vps-daily-20260405 on both GH repos ✅ |
| B9: .git-token | -rw------- root 600 ✅ |
| B10: remote URLs | clean (no token in URL) ✅ |
GH Branches Created
| Repo | Branch | Hash |
|---|---|---|
| web-test | vps-daily-20260405 |
dd0e52b5 |
| agent-data-test | vps-daily-20260405 |
f6dd4057 |
Token Notes
- Token from GSM
gh_pat_sync_secrets(fetched on macbook, cached on VPS) - VPS service account
cursor-ci-builderlacks Secret Manager permission - Token cached in
/opt/incomex/.git-token(chmod 600, .gitignore) - Token expires: needs manual refresh from macbook when PAT expires
- TD: grant VPS SA access to GSM, or use deploy key
Auto-cleanup
Script deletes GH branches older than 7 days (vps-daily-* pattern).
VPS Git
/opt/incomex: commite92d553/opt/incomex/docker/agent-data-repo: commitf6dd405
Docker persistent ✅ | Cron 2x/day ✅ | Both repos backed up to GH