oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions 21 Packages Projects Releases Wiki Activity

Standardize config files: use blockchain.env and node.env instead of .env
Some checks failed
Cross-Node Transaction Testing / transaction-test (push) Has been cancelled
Details
Deploy to Testnet / deploy-testnet (push) Has been cancelled
Details
Multi-Node Stress Testing / stress-test (push) Has been cancelled
Details
Security Scanning / security-scan (push) Has been cancelled
Details
CLI Tests / test-cli (push) Has been cancelled
Details
Documentation Validation / validate-docs (push) Failing after 11s
Details
Documentation Validation / validate-policies-strict (push) Successful in 4s
Details

Browse Source 
- Update CLI config to load from /etc/aitbc/blockchain.env
- Update operational-features.md documentation
- Update setup.sh to create/use blockchain.env
- Update utility scripts (setup-credentials, migrate_secrets, generate_unique_node_ids, chain_regen_node, load-keystore-secrets)
- Update workflow scripts (01_preflight_setup, hermes preflight setups)
- Maintain backward compatibility for existing deployments
This commit is contained in:
aitbc
2026-05-26 15:53:04 +02:00
parent 60ea1f91aa
commit 27312dcf2a
11 changed files with 49 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cli/aitbc_cli/config.py
View File

@@ -14,7 +14,7 @@ class CLIConfig(BaseAITBCConfig):
"""CLI-specific configuration inheriting from shared BaseAITBCConfig""" """CLI-specific configuration inheriting from shared BaseAITBCConfig"""
model_config = SettingsConfigDict( model_config = SettingsConfigDict(
env_file=str(Path("/etc/aitbc/.env")), env_file=str(Path("/etc/aitbc/blockchain.env")),
env_file_encoding="utf-8", env_file_encoding="utf-8",
case_sensitive=False, case_sensitive=False,
extra="ignore" extra="ignore"

10
docs/blockchain/operational-features.md
View File

@@ -12,7 +12,7 @@ Automatic bulk sync is implemented in the blockchain node to automatically detec
### Configuration ### Configuration
Configuration parameters in `/etc/aitbc/.env`: Configuration parameters in `/etc/aitbc/blockchain.env`:
| Parameter | Default | Description | | Parameter | Default | Description |
|-----------|---------|-------------| |-----------|---------|-------------|
@@ -25,10 +25,10 @@ Configuration parameters in `/etc/aitbc/.env`:
To enable on a node: To enable on a node:
1. Add `auto_sync_enabled=true` to `/etc/aitbc/.env` 1. Add `auto_sync_enabled=true` to `/etc/aitbc/blockchain.env`
2. Restart the blockchain node service: 2. Restart the blockchain node service:
```bash ```bash
sudo systemctl restart aitbc-blockchain-node.service sudo systemctl restart aitbc-blockchain-p2p.service
``` ```
### Sync Triggers ### Sync Triggers
@@ -189,10 +189,10 @@ Content-Type: application/json
**Symptoms**: Block gaps not detected or sync not starting. **Symptoms**: Block gaps not detected or sync not starting.
**Solutions**: **Solutions**:
- Verify `auto_sync_enabled=true` in `/etc/aitbc/.env` - Verify `auto_sync_enabled=true` in `/etc/aitbc/blockchain.env`
- Check `auto_sync_threshold` is appropriate for your network - Check `auto_sync_threshold` is appropriate for your network
- Verify blockchain node service is running - Verify blockchain node service is running
- Check logs: `journalctl -u aitbc-blockchain-node.service -f` - Check logs: `journalctl -u aitbc-blockchain-p2p.service -f`
### Force Sync Failing ### Force Sync Failing

38
scripts/setup.sh
View File

@@ -293,19 +293,19 @@ setup_node_identities() {
local key="$1" local key="$1"
local value="$2" local value="$2"
if grep -q "^${key}=" /etc/aitbc/.env; then if grep -q "^${key}=" /etc/aitbc/blockchain.env; then
sed -i "s|^${key}=.*|${key}=${value}|g" /etc/aitbc/.env sed -i "s|^${key}=.*|${key}=${value}|g" /etc/aitbc/blockchain.env
else else
echo "${key}=${value}" >> /etc/aitbc/.env echo "${key}=${value}" >> /etc/aitbc/blockchain.env
fi fi
} }
# Generate unique proposer_id if not already set in /etc/aitbc/.env # Generate unique proposer_id if not already set in /etc/aitbc/blockchain.env
if [ ! -f "/etc/aitbc/.env" ]; then if [ ! -f "/etc/aitbc/blockchain.env" ]; then
log "/etc/aitbc/.env does not exist, creating with unique IDs..." log "/etc/aitbc/blockchain.env does not exist, creating with unique IDs..."
PROPOSER_ID="ait1$(generate_uuid | tr -d '-')" PROPOSER_ID="ait1$(generate_uuid | tr -d '-')"
P2P_NODE_ID="node-$(generate_uuid | tr -d '-')" P2P_NODE_ID="node-$(generate_uuid | tr -d '-')"
cat > /etc/aitbc/.env << EOF cat > /etc/aitbc/blockchain.env << EOF
# AITBC Blockchain Configuration # AITBC Blockchain Configuration
# Auto-generated unique node identities # Auto-generated unique node identities
proposer_id=$PROPOSER_ID proposer_id=$PROPOSER_ID
@@ -314,15 +314,15 @@ gossip_backend=broadcast
gossip_broadcast_url=redis://localhost:6379 gossip_broadcast_url=redis://localhost:6379
default_peer_rpc_url=http://127.0.0.1:8006 default_peer_rpc_url=http://127.0.0.1:8006
EOF EOF
log "Created /etc/aitbc/.env with unique IDs" log "Created /etc/aitbc/blockchain.env with unique IDs"
else else
# Check if proposer_id exists, if not add it # Check if proposer_id exists, if not add it
if ! grep -q "^proposer_id=" /etc/aitbc/.env; then if ! grep -q "^proposer_id=" /etc/aitbc/blockchain.env; then
PROPOSER_ID="ait1$(generate_uuid | tr -d '-')" PROPOSER_ID="ait1$(generate_uuid | tr -d '-')"
set_env proposer_id "$PROPOSER_ID" set_env proposer_id "$PROPOSER_ID"
log "Added unique proposer_id to /etc/aitbc/.env" log "Added unique proposer_id to /etc/aitbc/blockchain.env"
else else
log "proposer_id already exists in /etc/aitbc/.env" log "proposer_id already exists in /etc/aitbc/blockchain.env"
fi fi
fi fi
@@ -405,13 +405,13 @@ setup_credentials() {
log "Keystore password already exists" log "Keystore password already exists"
fi fi
# Copy proposer_id from .env to credentials # Copy proposer_id from blockchain.env to credentials
if [ -f "/etc/aitbc/.env" ] && grep -q "^proposer_id=" /etc/aitbc/.env; then if [ -f "/etc/aitbc/blockchain.env" ] && grep -q "^proposer_id=" /etc/aitbc/blockchain.env; then
grep "^proposer_id=" /etc/aitbc/.env | cut -d'=' -f2 > /etc/aitbc/credentials/proposer_id grep "^proposer_id=" /etc/aitbc/blockchain.env | cut -d'=' -f2 > /etc/aitbc/credentials/proposer_id
chmod 600 /etc/aitbc/credentials/proposer_id chmod 600 /etc/aitbc/credentials/proposer_id
log "Copied proposer_id to credentials" log "Copied proposer_id to credentials"
else else
log "No proposer_id found in /etc/aitbc/.env, generating random ID" log "No proposer_id found in /etc/aitbc/blockchain.env, generating random ID"
if python3 -c "import secrets; print(secrets.token_hex(16))" > /etc/aitbc/credentials/proposer_id 2>/dev/null; then if python3 -c "import secrets; print(secrets.token_hex(16))" > /etc/aitbc/credentials/proposer_id 2>/dev/null; then
chmod 600 /etc/aitbc/credentials/proposer_id chmod 600 /etc/aitbc/credentials/proposer_id
log "Generated random proposer_id" log "Generated random proposer_id"
@@ -423,10 +423,10 @@ setup_credentials() {
fi fi
fi fi
# Add API_KEY_HASH_SECRET to .env if not present # Add API_KEY_HASH_SECRET to blockchain.env if not present
if [ -f "/etc/aitbc/.env" ] && ! grep -q "^API_KEY_HASH_SECRET=" /etc/aitbc/.env; then if [ -f "/etc/aitbc/blockchain.env" ] && ! grep -q "^API_KEY_HASH_SECRET=" /etc/aitbc/blockchain.env; then
echo "API_KEY_HASH_SECRET=$(cat /etc/aitbc/credentials/api_hash_secret)" >> /etc/aitbc/.env echo "API_KEY_HASH_SECRET=$(cat /etc/aitbc/credentials/api_hash_secret)" >> /etc/aitbc/blockchain.env
log "Added API_KEY_HASH_SECRET to .env" log "Added API_KEY_HASH_SECRET to blockchain.env"
fi fi
# Generate runtime secrets file for systemd services # Generate runtime secrets file for systemd services

2
scripts/utils/chain_regen_node.py
View File

@@ -32,7 +32,7 @@ from aitbc_chain.state.merkle_patricia_trie import StateManager
SERVICE_NAME = "aitbc-blockchain-node.service" SERVICE_NAME = "aitbc-blockchain-node.service"
DATA_ROOT = Path("/var/lib/aitbc/data") DATA_ROOT = Path("/var/lib/aitbc/data")
BACKUP_ROOT = Path("/var/lib/aitbc/backups/mpt-regeneration") BACKUP_ROOT = Path("/var/lib/aitbc/backups/mpt-regeneration")
ENV_FILES = [Path("/etc/aitbc/.env"), Path("/etc/aitbc/node.env")] ENV_FILES = [Path("/etc/aitbc/blockchain.env"), Path("/etc/aitbc/node.env")]
def _run(command: list[str], check: bool = False) -> subprocess.CompletedProcess[str]: def _run(command: list[str], check: bool = False) -> subprocess.CompletedProcess[str]:

8
scripts/utils/generate_unique_node_ids.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
""" """
Utility script to generate and set unique node IDs for AITBC nodes. Utility script to generate and set unique node IDs for AITBC nodes.
This script updates /etc/aitbc/.env and /etc/aitbc/node.env with unique UUID-based IDs. This script updates /etc/aitbc/blockchain.env and /etc/aitbc/node.env with unique UUID-based IDs.
""" """
import uuid import uuid
@@ -77,7 +77,7 @@ def main():
print("=== AITBC Unique Node ID Generator ===\n") print("=== AITBC Unique Node ID Generator ===\n")
# Paths # Paths
env_path = Path("/etc/aitbc/.env") env_path = Path("/etc/aitbc/blockchain.env")
node_env_path = Path("/etc/aitbc/node.env") node_env_path = Path("/etc/aitbc/node.env")
# Check if running as root # Check if running as root
@@ -92,8 +92,8 @@ def main():
print(f"Generated proposer_id: {proposer_id}") print(f"Generated proposer_id: {proposer_id}")
print(f"Generated p2p_node_id: {p2p_node_id}\n") print(f"Generated p2p_node_id: {p2p_node_id}\n")
# Update /etc/aitbc/.env with proposer_id # Update /etc/aitbc/blockchain.env with proposer_id
print("Updating /etc/aitbc/.env...") print("Updating /etc/aitbc/blockchain.env...")
env_modified = update_env_file(env_path, "proposer_id", proposer_id, preserve_existing=True) env_modified = update_env_file(env_path, "proposer_id", proposer_id, preserve_existing=True)
# Update /etc/aitbc/node.env with p2p_node_id # Update /etc/aitbc/node.env with p2p_node_id

6
scripts/utils/load-keystore-secrets.sh
View File

@@ -34,10 +34,10 @@ for db_user in aitbc_user aitbc_marketplace aitbc_governance aitbc_trading aitbc
fi fi
done done
# Add non-sensitive config from main .env # Add non-sensitive config from main blockchain.env
if [ -f "/etc/aitbc/.env" ]; then if [ -f "/etc/aitbc/blockchain.env" ]; then
# Skip lines that are comments or contain migrated secrets # Skip lines that are comments or contain migrated secrets
grep -v '^#' /etc/aitbc/.env | grep -v 'API_KEY_HASH_SECRET' | grep -v 'proposer_id' >> "$ENV_FILE" || true grep -v '^#' /etc/aitbc/blockchain.env | grep -v 'API_KEY_HASH_SECRET' | grep -v 'proposer_id' >> "$ENV_FILE" || true
fi fi
chmod 600 "$ENV_FILE" chmod 600 "$ENV_FILE"

2
scripts/utils/migrate_secrets_to_keystore.py
View File

@@ -22,7 +22,7 @@ def encrypt_secret(plaintext: str, encryption_password: str) -> bytes:
return salt + nonce + ciphertext return salt + nonce + ciphertext
def main(): def main():
env_file = Path('/etc/aitbc/.env') env_file = Path('/etc/aitbc/blockchain.env')
keystore_config_dir = Path('/var/lib/aitbc/keystore/config') keystore_config_dir = Path('/var/lib/aitbc/keystore/config')
keystore_passwords_dir = Path('/var/lib/aitbc/keystore/passwords') keystore_passwords_dir = Path('/var/lib/aitbc/keystore/passwords')

2
scripts/utils/setup-credentials.py
View File

@@ -14,7 +14,7 @@ def main():
credentials_dir.mkdir(parents=True, exist_ok=True) credentials_dir.mkdir(parents=True, exist_ok=True)
os.chmod(credentials_dir, 0o700) os.chmod(credentials_dir, 0o700)
env_file = Path('/etc/aitbc/.env') env_file = Path('/etc/aitbc/blockchain.env')
# Read current .env values # Read current .env values
env_vars = {} env_vars = {}

8
scripts/workflow-hermes/01_preflight_setup_hermes.sh
View File

@@ -68,9 +68,9 @@ echo "4. Updating systemd configurations via hermes agents..."
hermes execute --agent GenesisAgent --task update_systemd_config || { hermes execute --agent GenesisAgent --task update_systemd_config || {
echo "⚠️ hermes config update failed - using manual method" echo "⚠️ hermes config update failed - using manual method"
# Update main service files # Update main service files
sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service
# Update drop-in configs # Update drop-in configs
find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' {} \; 2>/dev/null || true find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' {} \; 2>/dev/null || true
# Fix override configs (wrong venv paths) # Fix override configs (wrong venv paths)
find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "override.conf" -exec sed -i 's|/opt/aitbc/apps/blockchain-node/.venv/bin/python3|/opt/aitbc/venv/bin/python3|g' {} \; 2>/dev/null || true find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "override.conf" -exec sed -i 's|/opt/aitbc/apps/blockchain-node/.venv/bin/python3|/opt/aitbc/venv/bin/python3|g' {} \; 2>/dev/null || true
systemctl daemon-reload systemctl daemon-reload
@@ -80,8 +80,8 @@ hermes execute --agent GenesisAgent --task update_systemd_config || {
echo "5. Setting up central configuration via hermes agents..." echo "5. Setting up central configuration via hermes agents..."
hermes execute --agent CoordinatorAgent --task setup_central_config || { hermes execute --agent CoordinatorAgent --task setup_central_config || {
echo "⚠️ hermes config setup failed - using manual method" echo "⚠️ hermes config setup failed - using manual method"
cp /opt/aitbc/.env /etc/aitbc/.env.backup 2>/dev/null || true cp /opt/aitbc/.env /etc/aitbc/blockchain.env.backup 2>/dev/null || true
mv /opt/aitbc/.env /etc/aitbc/.env 2>/dev/null || true mv /opt/aitbc/.env /etc/aitbc/blockchain.env 2>/dev/null || true
} }
# 6. Setup AITBC CLI tool (via hermes) # 6. Setup AITBC CLI tool (via hermes)

8
scripts/workflow-hermes/01_preflight_setup_hermes_simple.sh
View File

@@ -39,17 +39,17 @@ systemctl stop aitbc-blockchain-* 2>/dev/null || echo "No services to stop"
# 4. Update systemd configurations # 4. Update systemd configurations
echo "4. Updating systemd configurations..." echo "4. Updating systemd configurations..."
# Update main service files # Update main service files
sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service
# Update drop-in configs # Update drop-in configs
find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' {} \; 2>/dev/null || true find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' {} \; 2>/dev/null || true
# Fix override configs (wrong venv paths) # Fix override configs (wrong venv paths)
find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "override.conf" -exec sed -i 's|/opt/aitbc/apps/blockchain-node/.venv/bin/python3|/opt/aitbc/venv/bin/python3|g' {} \; 2>/dev/null || true find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "override.conf" -exec sed -i 's|/opt/aitbc/apps/blockchain-node/.venv/bin/python3|/opt/aitbc/venv/bin/python3|g' {} \; 2>/dev/null || true
systemctl daemon-reload systemctl daemon-reload
# 5. Setup central configuration file # 5. Setup central configuration file
echo "5. Setting up central configuration file..." echo "5. Setting up central configuration file..."
cp /opt/aitbc/.env /etc/aitbc/.env.backup 2>/dev/null || true cp /opt/aitbc/.env /etc/aitbc/blockchain.env.backup 2>/dev/null || true
mv /opt/aitbc/.env /etc/aitbc/.env 2>/dev/null || true mv /opt/aitbc/.env /etc/aitbc/blockchain.env 2>/dev/null || true
# 6. Setup AITBC CLI tool # 6. Setup AITBC CLI tool
echo "6. Setting up AITBC CLI tool..." echo "6. Setting up AITBC CLI tool..."

12
scripts/workflow/01_preflight_setup.sh
View File

@@ -13,18 +13,18 @@ systemctl stop aitbc-blockchain-* 2>/dev/null || true
# 2. Update ALL systemd configurations (main files + drop-ins + overrides) # 2. Update ALL systemd configurations (main files + drop-ins + overrides)
echo "2. Updating systemd configurations..." echo "2. Updating systemd configurations..."
# Update main service files # Update main service files
sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' /opt/aitbc/systemd/aitbc-blockchain-*.service
# Update drop-in configs # Update drop-in configs
find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/.env|g' {} \; 2>/dev/null || true find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "10-central-env.conf" -exec sed -i 's|EnvironmentFile=/opt/aitbc/.env|EnvironmentFile=/etc/aitbc/blockchain.env|g' {} \; 2>/dev/null || true
# Fix override configs (wrong venv paths) # Fix override configs (wrong venv paths)
find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "override.conf" -exec sed -i 's|/opt/aitbc/apps/blockchain-node/.venv/bin/python3|/opt/aitbc/venv/bin/python3|g' {} \; 2>/dev/null || true find /etc/systemd/system/aitbc-blockchain-*.service.d/ -name "override.conf" -exec sed -i 's|/opt/aitbc/apps/blockchain-node/.venv/bin/python3|/opt/aitbc/venv/bin/python3|g' {} \; 2>/dev/null || true
systemctl daemon-reload systemctl daemon-reload
# 3. Create central configuration file # 3. Create central configuration file
echo "3. Setting up central configuration file..." echo "3. Setting up central configuration file..."
cp /opt/aitbc/.env /etc/aitbc/.env.backup 2>/dev/null || true cp /opt/aitbc/.env /etc/aitbc/blockchain.env.backup 2>/dev/null || true
# Ensure .env is in the correct location (already should be) # Ensure blockchain.env is in the correct location
mv /opt/aitbc/.env /etc/aitbc/.env 2>/dev/null || true mv /opt/aitbc/.env /etc/aitbc/blockchain.env 2>/dev/null || true
# 4. Setup AITBC CLI tool # 4. Setup AITBC CLI tool
echo "4. Setting up AITBC CLI tool..." echo "4. Setting up AITBC CLI tool..."
@@ -48,7 +48,7 @@ chmod 600 /var/lib/aitbc/keystore/.password
# 7. Verify setup # 7. Verify setup
echo "7. Verifying setup..." echo "7. Verifying setup..."
aitbc --help 2>/dev/null || echo "CLI available but limited commands" aitbc --help 2>/dev/null || echo "CLI available but limited commands"
ls -la /etc/aitbc/.env ls -la /etc/aitbc/blockchain.env
echo "✅ Pre-flight setup completed successfully!" echo "✅ Pre-flight setup completed successfully!"
echo "System is ready for multi-node blockchain deployment." echo "System is ready for multi-node blockchain deployment."