bus operator deploy

Deployment Orchestration

bus operator deploy is the operator-facing controller for installing and updating a Bus deployment. It coordinates focused operator families for cloud, database, node, inference, billing, Stripe, service rendering, and verification. Provider-specific work stays behind provider-neutral modules such as bus operator cloud, bus operator database, bus operator node, and bus operator inference.

Use doctor before a bootstrap or apply run to check that required inputs and credentials are present. Use plan to inspect the deployment phases before changing infrastructure. bootstrap prepares a new deployment from local operator inputs, while apply reconciles the deployment through the same provider-neutral contracts used by a running Bus system. render systemd and render nginx produce service-manager and reverse-proxy configuration. verify checks the deployed service routes and runtime readiness.

Create ./.env as an operator-owned local file with mode 0600 in the working directory where you run bus. The bus dispatcher loads that file into the operator command environment before dispatch. The minimal shared keys are BUS_DEPLOYMENT_ID, BUS_CLOUD_PROVIDER, BUS_DATABASE_PROVIDER, BUS_INFERENCE_PROVIDER, and the credential-file references required by the focused modules, such as an UpCloud token file, PostgreSQL admin DSN file, Stripe API key file, internal Bus key file, and SSH key file. The focused module pages document the exact provider-specific variables. doctor succeeds with ok: true and named validation phases. plan succeeds with cloud, database, node, inference, and service phases. Run mutating bootstrap or apply only after reviewing the plan. Use --env-file <path> only when you intentionally want to read a non-default env-style file.

umask 077
install -m 700 -d ./deploy ./local
# Populate these files from your secret manager before running doctor:
# ./local/upcloud-token contains the UpCloud API token.
# ./local/postgres-admin-dsn contains the PostgreSQL admin DSN.
# ./local/id_ed25519 contains the SSH private key.
# ./local/stripe-secret-key contains the Stripe secret key.
# ./local/bus-internal-key contains the Bus internal shared key.
cat > ./.env <<'EOF'
BUS_DEPLOYMENT_ID=example-dev
BUS_CLOUD_PROVIDER=upcloud
BUS_UPCLOUD_TOKEN_FILE=./local/upcloud-token
BUS_DATABASE_PROVIDER=postgres
BUS_POSTGRES_ADMIN_DSN_FILE=./local/postgres-admin-dsn
BUS_INFERENCE_PROVIDER=ollama
BUS_SSH_PRIVATE_KEY_FILE=./local/id_ed25519
BUS_STRIPE_API_KEY_FILE=./local/stripe-secret-key
BUS_INTERNAL_KEY_FILE=./local/bus-internal-key
EOF
bus operator deploy doctor
bus operator deploy plan

Stop after plan and review the printed cloud, database, node, inference, and service phases. For a first install, run bootstrap once before apply:

bus operator deploy bootstrap
bus operator deploy apply

For an existing deployment update, skip bootstrap and run only:

bus operator deploy apply

Render service configuration as a separate step. Review the generated output, install it with your host configuration process, then reload systemd or nginx before running verify. The install example below assumes a Linux host with systemd and Debian-style nginx sites-available and sites-enabled directories.

bus operator deploy render systemd > ./deploy/bus-systemd.generated
bus operator deploy render nginx > ./deploy/bus-nginx.generated
sudo install -m 0644 ./deploy/bus-systemd.generated /etc/systemd/system/bus-api.service
sudo install -m 0644 ./deploy/bus-nginx.generated /etc/nginx/sites-available/bus
sudo ln -sf /etc/nginx/sites-available/bus /etc/nginx/sites-enabled/bus
sudo systemctl daemon-reload
sudo systemctl restart bus-api.service
sudo nginx -t
sudo systemctl reload nginx
bus operator deploy verify

The command reads env-style input files with KEY=VALUE or export KEY=VALUE lines. Keep real credentials in local untracked files or a secret manager and pass only file references where supported by the focused operator family. Render commands write their generated plan to stdout unless a focused renderer adds an explicit output flag; they do not modify /etc/systemd/system or nginx live configuration by themselves. A successful verify returns ok: true with service, route, billing, and inference phases. If verification fails, run the matching focused command first, for example bus operator cloud status, bus operator database verify, bus operator node verify, or bus operator inference verify.

Deploy reads deployment settings through an explicit allowlist. If the process environment contains a Bus/provider-looking variable that deploy does not read, the command prints a warning with the variable name only; secret values are not printed. To allow extra variable names for one invocation, set BUS_OPERATOR_DEPLOY_ENV_ALLOW or the shared BUS_OPERATOR_ENV_ALLOW. To make the allowlist persistent, use bus preferences set bus-operator-deploy.env-allow "NAME OTHER_NAME" or the shared bus preferences set bus-operator.env-allow "NAME OTHER_NAME". Multiple names may be separated by commas, colons, semicolons, spaces, tabs, or newlines. Preferences store variable names only, not credential values.

Sources

• bus operator cloud
• bus operator database
• bus operator node
• bus operator inference
• bus operator