ef2c8c5940
Fixed 3 bugs in Aphoria's claim verification engine that were causing false positives in Maxwell validation testing: **Bug 1: Path matching + predicate filtering** - Added predicate filtering to prevent cross-predicate matches - Added path prefix matching to respect crate boundaries - Prevents core/imports/serde from matching hypervisor/vsock/imports/serde **Bug 2: Value-specific absent checks** - Absent mode now checks for specific forbidden value, not any observation - Example: "Clone absent" + "Debug present" = PASS (not CONFLICT) - Only conflicts when the exact forbidden value is found **Bug 3: Wildcard pattern support** - Wildcard patterns like message/*/derives now match multiple paths - Enhanced wildcard_matches() to support prefix/*/suffix patterns - Correctly strips full scheme+language from observation paths **Test coverage:** - All 39 existing tests passing - 3 new tests added for bug fixes - 2 tests updated to use correct predicates - Zero clippy warnings **Maxwell validation:** - maxwell-core-no-serde-001: CONFLICT → PASS (respects path boundaries) - maxwell-singleton-no-clone-001: CONFLICT → PASS (value-specific absent) - 5 claims now correctly show as MISSING (expose predicate mismatches) The fixes successfully eliminate false positives while exposing pre-existing issues where claims used incorrect predicates. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
79 lines
2.0 KiB
Bash
Executable File
79 lines
2.0 KiB
Bash
Executable File
#!/bin/bash
|
|
# Setup nginx reverse proxy for StemeDB dashboard
|
|
|
|
set -e
|
|
|
|
echo "Setting up nginx proxy for StemeDB..."
|
|
|
|
# Create nginx config
|
|
sudo tee /etc/nginx/sites-available/stemedb > /dev/null <<'EOF'
|
|
server {
|
|
listen 80;
|
|
server_name jml;
|
|
|
|
# Dashboard (Next.js)
|
|
location / {
|
|
proxy_pass http://127.0.0.1:18188;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection 'upgrade';
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_cache_bypass $http_upgrade;
|
|
}
|
|
|
|
# API endpoints
|
|
location /v1/ {
|
|
proxy_pass http://127.0.0.1:18180;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
# Health endpoint
|
|
location /health {
|
|
proxy_pass http://127.0.0.1:18180;
|
|
proxy_http_version 1.1;
|
|
}
|
|
|
|
# Metrics endpoint
|
|
location /metrics {
|
|
proxy_pass http://127.0.0.1:18180;
|
|
proxy_http_version 1.1;
|
|
}
|
|
|
|
# Swagger UI
|
|
location /swagger-ui {
|
|
proxy_pass http://127.0.0.1:18180;
|
|
proxy_http_version 1.1;
|
|
}
|
|
|
|
location /api-docs {
|
|
proxy_pass http://127.0.0.1:18180;
|
|
proxy_http_version 1.1;
|
|
}
|
|
}
|
|
EOF
|
|
|
|
# Enable site
|
|
sudo ln -sf /etc/nginx/sites-available/stemedb /etc/nginx/sites-enabled/stemedb
|
|
|
|
# Test nginx config
|
|
echo "Testing nginx configuration..."
|
|
sudo nginx -t
|
|
|
|
# Reload nginx
|
|
echo "Reloading nginx..."
|
|
sudo systemctl reload nginx
|
|
|
|
echo "✅ Nginx proxy configured!"
|
|
echo ""
|
|
echo "Setup complete. Now run:"
|
|
echo " 1. cargo run --bin stemedb-api # Terminal 1"
|
|
echo " 2. cd applications/stemedb-dashboard && npm run dev # Terminal 2"
|
|
echo " 3. Open http://jml in your browser"
|