From 07a097c259d0f95bc45ee982d93aa5ef48d024dd Mon Sep 17 00:00:00 2001
From: OG T <ogt@WOOOMacMiniM4.local>
Date: Thu, 9 Apr 2026 18:04:19 +0800
Subject: [PATCH] =?UTF-8?q?fix(infra):=20Sprint=203=20=E8=87=AA=E5=8B=95?=
 =?UTF-8?q?=E4=BF=AE=E5=BE=A9=E5=85=A8=E9=8F=88=E8=B7=AF=E4=BF=AE=E5=BE=A9?=
 =?UTF-8?q?=20=E2=80=94=20docker-188=20SSH=20egress=20+=20service=20regist?=
 =?UTF-8?q?ry=20=E6=93=B4=E5=85=85?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

NetworkPolicy: 新增 192.168.0.188:22 egress — repair-bot-188.sh 執行路徑
service-registry.yaml: 新增 signoz/bitan-app (AUTO, 188主機)

修復覆蓋: Bug #11 補完 (188 SSH) + 188 服務分級覆蓋
E2E 驗證: MoWoooWorkDown → SSH → REPAIR_OK:momo-app (3791ms)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 k8s/awoooi-prod/02-network-policy.yaml |  6 +++++-
 ops/config/service-registry.yaml       | 13 +++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/k8s/awoooi-prod/02-network-policy.yaml b/k8s/awoooi-prod/02-network-policy.yaml
index d2f85a8c..cd0e625f 100644
--- a/k8s/awoooi-prod/02-network-policy.yaml
+++ b/k8s/awoooi-prod/02-network-policy.yaml
@@ -83,11 +83,15 @@ spec:
   policyTypes:
     - Egress
   egress:
-    # 允許訪問 192.168.0.188 主機服務
+    # 允許訪問 192.168.0.188 主機服務 (AI+Web 中心)
     - to:
         - ipBlock:
             cidr: 192.168.0.188/32
       ports:
+        # SSH — repair-bot-188.sh 自動修復 (momo-app/tsenyang/signoz/minio/openclaw)
+        # (2026-04-09 Claude Sonnet 4.6 Asia/Taipei, docker-188 修復路徑)
+        - protocol: TCP
+          port: 22
         # PostgreSQL (Host 直裝)
         - protocol: TCP
           port: 5432
diff --git a/ops/config/service-registry.yaml b/ops/config/service-registry.yaml
index afb5c162..710df45b 100644
--- a/ops/config/service-registry.yaml
+++ b/ops/config/service-registry.yaml
@@ -170,6 +170,19 @@ services:
     stateful_level: AUTO
     containers: ["langfuse-web", "langfuse-worker"]
 
+  - name: signoz
+    display_name: "SignOz (APM)"
+    host: "192.168.0.188"
+    stateful_level: AUTO
+    reason: "APM 無狀態查詢層，docker compose up -d 可恢復（ClickHouse 資料不受影響）"
+    containers: ["signoz"]
+
+  - name: bitan-app
+    display_name: "Bitan App"
+    host: "192.168.0.188"
+    stateful_level: AUTO
+    containers: ["bitan-app"]
+
   - name: ollama
     display_name: "Ollama (Local LLM)"
     host: "192.168.0.188"