🚨 URGENT: Bossgame P6 Production Setup — Coolify + Cloudflare Tunnel + Ollama

[HeadyMe]

Priority: CRITICAL — Meeting Tomorrow

Depends on: #1

Objective

Configure Bossgame P6 (Ryzen 9 6900HX, 32GB, 1TB NVMe) as the primary production server replacing all Render.com services.

---

Step 1: Install Coolify (5 min)

curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash

• Web dashboard at port 8000
• Connect to HeadySystems GitHub org
• Enable auto-deploy on push for HeadySystems/Heady

Step 2: Install Cloudflare Tunnel (15 min)

curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared
chmod +x /usr/local/bin/cloudflared
cloudflared login
cloudflared tunnel create heady-nexus

Create ~/.cloudflared/config.yml:

tunnel: heady-nexus
credentials-file: /root/.cloudflared/<TUNNEL-UUID>.json

ingress:
  - hostname: app.headysystems.com
    service: http://localhost:3300
  - hostname: api.headysystems.com
    service: http://localhost:3300
  - hostname: coolify.headysystems.com
    service: http://localhost:8000
  - hostname: app.headyconnection.org
    service: http://localhost:3301
  - hostname: api.headyconnection.org
    service: http://localhost:3301
  - hostname: app.headybuddy.org
    service: http://localhost:3400
  - hostname: api.headymcp.com
    service: http://localhost:3500
  - hostname: api.headyio.com
    service: http://localhost:3600
  - hostname: app.headyme.com
    service: http://localhost:3700
  - hostname: app.headybot.com
    service: http://localhost:3800
  - service: http_status:404

Route DNS + install as service:

cloudflared tunnel route dns heady-nexus app.headysystems.com
cloudflared tunnel route dns heady-nexus api.headysystems.com
cloudflared tunnel route dns heady-nexus coolify.headysystems.com
cloudflared tunnel route dns heady-nexus app.headyconnection.org
cloudflared tunnel route dns heady-nexus api.headyconnection.org
cloudflared tunnel route dns heady-nexus app.headybuddy.org
cloudflared tunnel route dns heady-nexus api.headymcp.com
cloudflared tunnel route dns heady-nexus api.headyio.com
cloudflared tunnel route dns heady-nexus app.headyme.com
cloudflared tunnel route dns heady-nexus app.headybot.com
cloudflared service install
systemctl enable cloudflared
systemctl start cloudflared

Step 3: Install Ollama (20 min)

curl -fsSL https://ollama.com/install.sh | sh
ollama pull llama3.1:8b
ollama pull codellama:13b
ollama pull nomic-embed-text
ollama pull mistral:7b

Step 4: Deploy heady-manager via Coolify

• Import HeadySystems/Heady repo
• Set build pack: Dockerfile or Nixpacks
• Set environment variables (DATABASE_URL, HEADY_API_KEY, ANTHROPIC_API_KEY, etc.)
• Deploy to port 3300
• Verify: curl https://api.headysystems.com/api/health

Step 5: Deploy PostgreSQL + Redis via Coolify

• One-click PostgreSQL 16 with pgvector
• One-click Redis 7
• Update DATABASE_URL to point to local PostgreSQL
• Migrate data from Render PostgreSQL

Step 6: Hardening

• UPS connected
• BIOS: Power On after AC Loss = Enabled
• unattended-upgrades enabled
• Tailscale installed for emergency remote SSH
• Daily pg_dump cron to Cloudflare R2
• Uptime Kuma monitoring all endpoints

Resource Allocation

Service	CPU	RAM
heady-manager	2 cores	2GB
PostgreSQL + pgvector	1 core	4GB
Redis	0.5 core	1GB
Ollama (local LLMs)	4 cores	16GB
Coolify + Traefik	1 core	2GB
HeadyBuddy widget	0.5 core	1GB
cloudflared	0.25 core	256MB
Reserve	0.75 core	5.7GB

Acceptance Criteria

• curl https://api.headysystems.com/api/health returns {ok: true}
• Coolify dashboard accessible at coolify.headysystems.com
• All tunnel routes verified
• Ollama responding to inference requests
• Render.com services can be decommissioned