From 2a0bca6d984f62515a0b66a8ad2daa242363a165 Mon Sep 17 00:00:00 2001 From: aitbc Date: Tue, 26 May 2026 10:28:26 +0200 Subject: [PATCH] feat: add runtime secrets generation to setup_credentials - Added call to load-keystore-secrets.sh in setup_credentials function - Generates /run/aitbc/secrets/.env during setup - Required by blockchain-node and blockchain-rpc systemd services - Added error handling if secrets generation fails - Prevents service startup failures due to missing runtime secrets - Fixes hermes setup stumble where services failed to start --- scripts/setup.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/scripts/setup.sh b/scripts/setup.sh index a0100da4..791fb96d 100755 --- a/scripts/setup.sh +++ b/scripts/setup.sh @@ -386,6 +386,17 @@ setup_credentials() { log "Added API_KEY_HASH_SECRET to .env" fi + # Generate runtime secrets file for systemd services + log "Generating runtime secrets file..." + if [ -f "/opt/aitbc/scripts/utils/load-keystore-secrets.sh" ]; then + /opt/aitbc/scripts/utils/load-keystore-secrets.sh || { + warning "Failed to generate runtime secrets file" + warning "Services may fail to start without /run/aitbc/secrets/.env" + } + else + warning "load-keystore-secrets.sh not found, skipping runtime secrets generation" + fi + success "Secure credentials setup completed" }