Standardize config files: use blockchain.env and node.env instead of .env

- Update CLI config to load from /etc/aitbc/blockchain.env - Update operational-features.md documentation - Update setup.sh to create/use blockchain.env - Update utility scripts (setup-credentials, migrate_secrets, generate_unique_node_ids, chain_regen_node, load-keystore-secrets) - Update workflow scripts (01_preflight_setup, hermes preflight setups) - Maintain backward compatibility for existing deployments
2026-05-26 15:53:04 +02:00
parent 60ea1f91aa
commit 27312dcf2a
11 changed files with 49 additions and 49 deletions
--- a/cli/aitbc_cli/config.py
+++ b/cli/aitbc_cli/config.py
@@ -14,7 +14,7 @@ class CLIConfig(BaseAITBCConfig):
    """CLI-specific configuration inheriting from shared BaseAITBCConfig"""
    
    model_config = SettingsConfigDict(
-        env_file=str(Path("/etc/aitbc/.env")),
+        env_file=str(Path("/etc/aitbc/blockchain.env")),
        env_file_encoding="utf-8",
        case_sensitive=False,
        extra="ignore"
--- a/docs/blockchain/operational-features.md
+++ b/docs/blockchain/operational-features.md
@@ -12,7 +12,7 @@ Automatic bulk sync is implemented in the blockchain node to automatically detec

 ### Configuration

-Configuration parameters in `/etc/aitbc/.env`:
+Configuration parameters in `/etc/aitbc/blockchain.env`:

 | Parameter | Default | Description |
 |-----------|---------|-------------|
@@ -25,10 +25,10 @@ Configuration parameters in `/etc/aitbc/.env`:

 To enable on a node:

-1. Add `auto_sync_enabled=true` to `/etc/aitbc/.env`
+1. Add `auto_sync_enabled=true` to `/etc/aitbc/blockchain.env`
 2. Restart the blockchain node service:
   ```bash
-   sudo systemctl restart aitbc-blockchain-node.service
+   sudo systemctl restart aitbc-blockchain-p2p.service
   ```

 ### Sync Triggers
@@ -189,10 +189,10 @@ Content-Type: application/json
 **Symptoms**: Block gaps not detected or sync not starting.

 **Solutions**:
- Verify `auto_sync_enabled=true` in `/etc/aitbc/.env`
+- Verify `auto_sync_enabled=true` in `/etc/aitbc/blockchain.env`
 - Check `auto_sync_threshold` is appropriate for your network
 - Verify blockchain node service is running
- Check logs: `journalctl -u aitbc-blockchain-node.service -f`
+- Check logs: `journalctl -u aitbc-blockchain-p2p.service -f`

 ### Force Sync Failing

--- a/scripts/setup.sh
+++ b/scripts/setup.sh
@@ -293,19 +293,19 @@ setup_node_identities() {
        local key="$1"
        local value="$2"

-        if grep -q "^${key}=" /etc/aitbc/.env; then
-            sed -i "s|^${key}=.*|${key}=${value}|g" /etc/aitbc/.env
+        if grep -q "^${key}=" /etc/aitbc/blockchain.env; then
+            sed -i "s|^${key}=.*|${key}=${value}|g" /etc/aitbc/blockchain.env
        else
-            echo "${key}=${value}" >> /etc/aitbc/.env
+            echo "${key}=${value}" >> /etc/aitbc/blockchain.env
        fi
    }

-    # Generate unique proposer_id if not already set in /etc/aitbc/.env
-    if [ ! -f "/etc/aitbc/.env" ]; then
-        log "/etc/aitbc/.env does not exist, creating with unique IDs..."
+    # Generate unique proposer_id if not already set in /etc/aitbc/blockchain.env
+    if [ ! -f "/etc/aitbc/blockchain.env" ]; then
+        log "/etc/aitbc/blockchain.env does not exist, creating with unique IDs..."
        PROPOSER_ID="ait1$(generate_uuid | tr -d '-')"
        P2P_NODE_ID="node-$(generate_uuid | tr -d '-')"
-        cat > /etc/aitbc/.env << EOF
+        cat > /etc/aitbc/blockchain.env << EOF
 # AITBC Blockchain Configuration
 # Auto-generated unique node identities
 proposer_id=$PROPOSER_ID
@@ -314,15 +314,15 @@ gossip_backend=broadcast
 gossip_broadcast_url=redis://localhost:6379
 default_peer_rpc_url=http://127.0.0.1:8006
 EOF
-        log "Created /etc/aitbc/.env with unique IDs"
+        log "Created /etc/aitbc/blockchain.env with unique IDs"
    else
        # Check if proposer_id exists, if not add it
-        if ! grep -q "^proposer_id=" /etc/aitbc/.env; then
+        if ! grep -q "^proposer_id=" /etc/aitbc/blockchain.env; then
            PROPOSER_ID="ait1$(generate_uuid | tr -d '-')"
            set_env proposer_id "$PROPOSER_ID"
-            log "Added unique proposer_id to /etc/aitbc/.env"
+            log "Added unique proposer_id to /etc/aitbc/blockchain.env"
        else
-            log "proposer_id already exists in /etc/aitbc/.env"
+            log "proposer_id already exists in /etc/aitbc/blockchain.env"
        fi
    fi

@@ -405,13 +405,13 @@ setup_credentials() {
        log "Keystore password already exists"
    fi

-    # Copy proposer_id from .env to credentials
-    if [ -f "/etc/aitbc/.env" ] && grep -q "^proposer_id=" /etc/aitbc/.env; then
-        grep "^proposer_id=" /etc/aitbc/.env | cut -d'=' -f2 > /etc/aitbc/credentials/proposer_id
+    # Copy proposer_id from blockchain.env to credentials
+    if [ -f "/etc/aitbc/blockchain.env" ] && grep -q "^proposer_id=" /etc/aitbc/blockchain.env; then
+        grep "^proposer_id=" /etc/aitbc/blockchain.env | cut -d'=' -f2 > /etc/aitbc/credentials/proposer_id
        chmod 600 /etc/aitbc/credentials/proposer_id
        log "Copied proposer_id to credentials"
    else
-        log "No proposer_id found in /etc/aitbc/.env, generating random ID"
+        log "No proposer_id found in /etc/aitbc/blockchain.env, generating random ID"
        if python3 -c "import secrets; print(secrets.token_hex(16))" > /etc/aitbc/credentials/proposer_id 2>/dev/null; then
            chmod 600 /etc/aitbc/credentials/proposer_id
            log "Generated random proposer_id"
@@ -423,10 +423,10 @@ setup_credentials() {
        fi
    fi

-    # Add API_KEY_HASH_SECRET to .env if not present
-    if [ -f "/etc/aitbc/.env" ] && ! grep -q "^API_KEY_HASH_SECRET=" /etc/aitbc/.env; then
-        echo "API_KEY_HASH_SECRET=$(cat /etc/aitbc/credentials/api_hash_secret)" >> /etc/aitbc/.env
-        log "Added API_KEY_HASH_SECRET to .env"
+    # Add API_KEY_HASH_SECRET to blockchain.env if not present
+    if [ -f "/etc/aitbc/blockchain.env" ] && ! grep -q "^API_KEY_HASH_SECRET=" /etc/aitbc/blockchain.env; then
+        echo "API_KEY_HASH_SECRET=$(cat /etc/aitbc/credentials/api_hash_secret)" >> /etc/aitbc/blockchain.env
+        log "Added API_KEY_HASH_SECRET to blockchain.env"
    fi

    # Generate runtime secrets file for systemd services
--- a/scripts/utils/chain_regen_node.py
+++ b/scripts/utils/chain_regen_node.py
@@ -32,7 +32,7 @@ from aitbc_chain.state.merkle_patricia_trie import StateManager
 SERVICE_NAME = "aitbc-blockchain-node.service"
 DATA_ROOT = Path("/var/lib/aitbc/data")
 BACKUP_ROOT = Path("/var/lib/aitbc/backups/mpt-regeneration")
-ENV_FILES = [Path("/etc/aitbc/.env"), Path("/etc/aitbc/node.env")]
+ENV_FILES = [Path("/etc/aitbc/blockchain.env"), Path("/etc/aitbc/node.env")]


 def _run(command: list[str], check: bool = False) -> subprocess.CompletedProcess[str]:
--- a/scripts/utils/generate_unique_node_ids.py
+++ b/scripts/utils/generate_unique_node_ids.py
@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 """
 Utility script to generate and set unique node IDs for AITBC nodes.
-This script updates /etc/aitbc/.env and /etc/aitbc/node.env with unique UUID-based IDs.
+This script updates /etc/aitbc/blockchain.env and /etc/aitbc/node.env with unique UUID-based IDs.
 """

 import uuid
@@ -77,7 +77,7 @@ def main():
    print("=== AITBC Unique Node ID Generator ===\n")
    
    # Paths
-    env_path = Path("/etc/aitbc/.env")
+    env_path = Path("/etc/aitbc/blockchain.env")
    node_env_path = Path("/etc/aitbc/node.env")
    
    # Check if running as root
@@ -92,8 +92,8 @@ def main():
    print(f"Generated proposer_id: {proposer_id}")
    print(f"Generated p2p_node_id: {p2p_node_id}\n")
    
-    # Update /etc/aitbc/.env with proposer_id
-    print("Updating /etc/aitbc/.env...")
+    # Update /etc/aitbc/blockchain.env with proposer_id
+    print("Updating /etc/aitbc/blockchain.env...")
    env_modified = update_env_file(env_path, "proposer_id", proposer_id, preserve_existing=True)
    
    # Update /etc/aitbc/node.env with p2p_node_id
--- a/scripts/utils/load-keystore-secrets.sh
+++ b/scripts/utils/load-keystore-secrets.sh
@@ -34,10 +34,10 @@ for db_user in aitbc_user aitbc_marketplace aitbc_governance aitbc_trading aitbc
    fi
 done

-# Add non-sensitive config from main .env
-if [ -f "/etc/aitbc/.env" ]; then
+# Add non-sensitive config from main blockchain.env
+if [ -f "/etc/aitbc/blockchain.env" ]; then
    # Skip lines that are comments or contain migrated secrets
-    grep -v '^#' /etc/aitbc/.env | grep -v 'API_KEY_HASH_SECRET' | grep -v 'proposer_id' >> "$ENV_FILE" || true
+    grep -v '^#' /etc/aitbc/blockchain.env | grep -v 'API_KEY_HASH_SECRET' | grep -v 'proposer_id' >> "$ENV_FILE" || true
 fi

 chmod 600 "$ENV_FILE"
--- a/scripts/utils/migrate_secrets_to_keystore.py
+++ b/scripts/utils/migrate_secrets_to_keystore.py
@@ -22,7 +22,7 @@ def encrypt_secret(plaintext: str, encryption_password: str) -> bytes:
    return salt + nonce + ciphertext

 def main():
-    env_file = Path('/etc/aitbc/.env')
+    env_file = Path('/etc/aitbc/blockchain.env')
    keystore_config_dir = Path('/var/lib/aitbc/keystore/config')
    keystore_passwords_dir = Path('/var/lib/aitbc/keystore/passwords')

--- a/scripts/utils/setup-credentials.py
+++ b/scripts/utils/setup-credentials.py
@@ -14,7 +14,7 @@ def main():
    credentials_dir.mkdir(parents=True, exist_ok=True)
    os.chmod(credentials_dir, 0o700)

-    env_file = Path('/etc/aitbc/.env')
+    env_file = Path('/etc/aitbc/blockchain.env')

    # Read current .env values
    env_vars = {}
--- a/scripts/workflow-hermes/01_preflight_setup_hermes.sh
+++ b/scripts/workflow-hermes/01_preflight_setup_hermes.sh
@@ -68,9 +68,9 @@ echo "4. Updating systemd configurations via hermes agents..."
 hermes execute --agent GenesisAgent --task update_systemd_config || {
    echo "⚠️ hermes config update failed - using manual method"
    # Update main service files
-    sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service
+    sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service
    # Update drop-in configs
-    find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' {} \; 2>/dev/null || true
+    find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' {} \; 2>/dev/null || true
    # Fix override configs (wrong venv paths)
    find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "override.conf" -exec sed -i 's|/opt/aitbc/apps/blockchain-node/.venv/bin/python3|/opt/aitbc/venv/bin/python3|g' {} \; 2>/dev/null || true
    systemctl daemon-reload
@@ -80,8 +80,8 @@ hermes execute --agent GenesisAgent --task update_systemd_config || {
 echo "5. Setting up central configuration via hermes agents..."
 hermes execute --agent CoordinatorAgent --task setup_central_config || {
    echo "⚠️ hermes config setup failed - using manual method"
-    cp /opt/aitbc/.env /etc/aitbc/.env.backup 2>/dev/null || true
-    mv /opt/aitbc/.env /etc/aitbc/.env 2>/dev/null || true
+    cp /opt/aitbc/.env /etc/aitbc/blockchain.env.backup 2>/dev/null || true
+    mv /opt/aitbc/.env /etc/aitbc/blockchain.env 2>/dev/null || true
 }

 # 6. Setup AITBC CLI tool (via hermes)
--- a/scripts/workflow-hermes/01_preflight_setup_hermes_simple.sh
+++ b/scripts/workflow-hermes/01_preflight_setup_hermes_simple.sh
@@ -39,17 +39,17 @@ systemctl stop aitbc-blockchain-* 2>/dev/null || echo "No services to stop"
 # 4. Update systemd configurations
 echo "4. Updating systemd configurations..."
 # Update main service files
-sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service
+sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service
 # Update drop-in configs
-find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' {} \; 2>/dev/null || true
+find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' {} \; 2>/dev/null || true
 # Fix override configs (wrong venv paths)
 find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "override.conf" -exec sed -i 's|/opt/aitbc/apps/blockchain-node/.venv/bin/python3|/opt/aitbc/venv/bin/python3|g' {} \; 2>/dev/null || true
 systemctl daemon-reload

 # 5. Setup central configuration file
 echo "5. Setting up central configuration file..."
-cp /opt/aitbc/.env /etc/aitbc/.env.backup 2>/dev/null || true
-mv /opt/aitbc/.env /etc/aitbc/.env 2>/dev/null || true
+cp /opt/aitbc/.env /etc/aitbc/blockchain.env.backup 2>/dev/null || true
+mv /opt/aitbc/.env /etc/aitbc/blockchain.env 2>/dev/null || true

 # 6. Setup AITBC CLI tool
 echo "6. Setting up AITBC CLI tool..."
--- a/scripts/workflow/01_preflight_setup.sh
+++ b/scripts/workflow/01_preflight_setup.sh
@@ -13,18 +13,18 @@ systemctl stop aitbc-blockchain-* 2>/dev/null || true
 # 2. Update ALL systemd configurations (main files + drop-ins + overrides)
 echo "2. Updating systemd configurations..."
 # Update main service files
-sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service
+sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service
 # Update drop-in configs
-find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' {} \; 2>/dev/null || true
+find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' {} \; 2>/dev/null || true
 # Fix override configs (wrong venv paths)
 find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "override.conf" -exec sed -i 's|/opt/aitbc/apps/blockchain-node/.venv/bin/python3|/opt/aitbc/venv/bin/python3|g' {} \; 2>/dev/null || true
 systemctl daemon-reload

 # 3. Create central configuration file
 echo "3. Setting up central configuration file..."
-cp /opt/aitbc/.env /etc/aitbc/.env.backup 2>/dev/null || true
-# Ensure .env is in the correct location (already should be)
-mv /opt/aitbc/.env /etc/aitbc/.env 2>/dev/null || true
+cp /opt/aitbc/.env /etc/aitbc/blockchain.env.backup 2>/dev/null || true
+# Ensure blockchain.env is in the correct location
+mv /opt/aitbc/.env /etc/aitbc/blockchain.env 2>/dev/null || true

 # 4. Setup AITBC CLI tool
 echo "4. Setting up AITBC CLI tool..."
@@ -48,7 +48,7 @@ chmod 600 /var/lib/aitbc/keystore/.password
 # 7. Verify setup
 echo "7. Verifying setup..."
 aitbc --help 2>/dev/null || echo "CLI available but limited commands"
-ls -la /etc/aitbc/.env
+ls -la /etc/aitbc/blockchain.env

 echo "✅ Pre-flight setup completed successfully!"
 echo "System is ready for multi-node blockchain deployment."