pryscraper/DEPLOYMENT.md
cryptorugmunch bb77eb5f35 chore(license): re-license to dual MIT (core) + BSL 1.1 (stealth)
Re-license Pry from full Proprietary to a dual-license model:

- Core engine, extraction, templates (80+), MCP server, x402 payment rail,
  CLI, SDK, browser extension, WordPress plugin, Shopify app, and
  llm_providers: MIT (see LICENSE)
- Anti-detection / stealth subset (15 files): BSL 1.1 with Change Date
  2029-01-01 (see LICENSE-BSL-STEALTH)

BSL files (anti-detection moat):
  ultimate_scraper.py, stealth_engine.py, stealth_scripts/*.js (6),
  camoufox_integration.py, tls_fingerprint.py, cookie_warmer.py,
  behavioral_biometrics.py, adaptive.py, browser_pool.py, network.py,
  captcha_solver.py, shadow_dom.py, lazy_load.py, signup_automator.py,
  auth_connector.py

This enables community contributions to the core engine (templates,
integrations, MCP tools) while protecting the anti-detection techniques
that constitute the actual competitive moat. BSL Additional Use Grant
permits free non-production use; production deployment requires a
commercial license from enterprise@rugmunch.io.

Changes:
- Replace proprietary LICENSE with MIT LICENSE + new LICENSE-BSL-STEALTH
- Add SPDX-License-Identifier headers to 300+ source files
- Add docs/adr/0002-dual-licensing.md (ADR documenting the decision)
- Update README.md: new License section with BSL Additional Use Grant
- Update LICENSING_PRICING_STRATEGY.md: Section 3 (PryScraper) for dual license
- Update AGENTS.md: license line in header + new rule 8 (PRs touching BSL rejected)
- Update pyproject.toml: license = "MIT AND BSL-1.1" + classifiers + license-files
- Update DECISIONS.md index with ADR-0002
- Update STATUS.md (2026-07-03) and PLAN.md sprint goals

Refs: ADR-0002
2026-07-02 19:49:21 +02:00

1.7 KiB

//: # (Copyright (c) 2026 Rug Munch Media LLC)

DEPLOYMENT.md — PryScraper

How to deploy. Build, push, restart, rollback.

Architecture

  • Container: Docker
  • Image registry: local (Talos)
  • Orchestration: docker-compose on Talos
  • Reverse proxy: nginx on Talos
  • Auto-deploy: forgejo webhook → Talos deploy script

Deploy

Automatic (CI/CD)

On merge to main:

  1. forgejo webhook fires
  2. Talos deploy script pulls latest commit
  3. Rebuilds Docker image
  4. Stops old container, starts new
  5. Runs health check
  6. Rolls back on failure

Manual

ssh netcup
cd /srv/pryscraper
git pull origin main
docker build -t pryscraper:latest .
docker stop pryscraper
docker rm pryscraper
docker run -d --name pryscraper --restart unless-stopped --network host -p 8005:8005 pryscraper:latest

Health Check

curl -fsS http://localhost:8005/health

Rollback

ssh netcup
cd /srv/pryscraper
git log --oneline -5   # find last good commit
git checkout <commit-hash>
docker build -t pryscraper:latest .
docker restart pryscraper

Logs

docker logs pryscraper --tail 100 -f

Monitoring

  • Prometheus: /metrics endpoint
  • Grafana: dashboards in fleet-infra
  • Loki: log aggregation

Secrets

All secrets in gopass:

  • rmi/pryscraper/admin_key
  • rmi/pryscraper/db_password
  • see AGENTS.md for full list

Loaded via docker --env-file or systemd EnvironmentFile.

Firewall

  • Public: 80, 443 (nginx)
  • Internal: 8005 (localhost only, behind nginx)
  • Tailscale: 8005 for admin access

Backup

  • Code: forgejo (source of truth) + Hydra bare mirror (daily 04:00)
  • Data: DB snapshot to R2 (daily)
  • Config: gopass