oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions 21 Packages Projects Releases Wiki Activity

ci: standardize pytest invocation and add security scanning
Some checks failed
Blockchain Synchronization Verification / sync-verification (push) Failing after 8s
Details
CLI Tests / test-cli (push) Successful in 10s
Details
Contract Performance Benchmarks / benchmark-gas-usage (push) Successful in 1m22s
Details
Contract Performance Benchmarks / benchmark-execution-time (push) Successful in 1m11s
Details
Contract Performance Benchmarks / benchmark-throughput (push) Successful in 1m13s
Details
Cross-Chain Functionality Tests / test-cross-chain-sync (push) Failing after 5s
Details
Cross-Chain Functionality Tests / test-cross-chain-transactions (push) Successful in 5s
Details
Cross-Chain Functionality Tests / test-cross-chain-bridge (push) Has been skipped
Details
Cross-Chain Functionality Tests / test-multi-chain-consensus (push) Failing after 3s
Details
Cross-Chain Functionality Tests / aggregate-results (push) Has been skipped
Details
Cross-Node Transaction Testing / transaction-test (push) Successful in 5s
Details
Deploy to Testnet / deploy-testnet (push) Successful in 1m14s
Details
Contract Performance Benchmarks / compare-benchmarks (push) Has been cancelled
Details
Documentation Validation / validate-docs (push) Failing after 10s
Details
Multi-Node Stress Testing / stress-test (push) Has been cancelled
Details
Node Failover Simulation / failover-test (push) Has been cancelled
Details
Security Scanning / security-scan (push) Has been cancelled
Details
Smart Contract Tests / test-solidity (map[name:aitbc-contracts path:contracts]) (push) Has been cancelled
Details
Smart Contract Tests / test-solidity (map[name:aitbc-token path:packages/solidity/aitbc-token]) (push) Has been cancelled
Details
Smart Contract Tests / test-foundry (push) Has been cancelled
Details
Smart Contract Tests / lint-solidity (push) Has been cancelled
Details
Smart Contract Tests / deploy-contracts (push) Has been cancelled
Details
Documentation Validation / validate-policies-strict (push) Successful in 3s
Details
Integration Tests / test-service-integration (push) Failing after 45s
Details
Multi-Chain Island Architecture Tests / test-multi-chain-island (push) Failing after 2s
Details
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 5s
Details
P2P Network Verification / p2p-verification (push) Successful in 3s
Details
Production Tests / Production Integration Tests (push) Failing after 7s
Details
Python Tests / test-python (push) Failing after 46s
Details
Staking Tests / test-staking-service (push) Failing after 2s
Details
Staking Tests / test-staking-integration (push) Has been skipped
Details
Staking Tests / test-staking-contract (push) Has been skipped
Details
Staking Tests / run-staking-test-runner (push) Has been skipped
Details
Systemd Sync / sync-systemd (push) Successful in 21s
Details
API Endpoint Tests / test-api-endpoints (push) Failing after 12m19s
Details

Browse Source 
- Changed pytest calls to use `venv/bin/python -m pytest` with explicit config
- Added `--rootdir "$PWD"` and `--import-mode=importlib` for consistent imports
- Fixed PYTHONPATH to use absolute paths with $PWD prefix
- Added smart contract security scanning for Solidity files
- Added Circom circuit security checks for ZK proof circuits
- Added ZK proof implementation security validation
- Added contracts/** to security scanning workflow
This commit is contained in:
aitbc
2026-05-11 13:46:42 +02:00
parent eeed0c61a3
commit e4f1a96172
141 changed files with 63860 additions and 2869 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/deployment/0_index.md
View File

@@ -6,12 +6,13 @@ Deploy, operate, and maintain AITBC infrastructure.
| # | File | What you learn |
|---|------|----------------|
| 1 | [1_remote-deployment-guide.md](./1_remote-deployment-guide.md) | Deploy to remote servers |
| 2 | [2_service-naming-convention.md](./2_service-naming-convention.md) | Systemd service names and standards |
| 3 | [3_backup-restore.md](./3_backup-restore.md) | Backup PostgreSQL, Redis, ledger data |
| 4 | [4_incident-runbooks.md](./4_incident-runbooks.md) | Handle outages and incidents |
| 5 | [5_marketplace-deployment.md](./5_marketplace-deployment.md) | Deploy GPU marketplace endpoints |
| 6 | [6_beta-release-plan.md](./6_beta-release-plan.md) | Beta release checklist and timeline |
| 1 | [SETUP.md](./SETUP.md) | Main host bootstrap and setup script |
| 2 | [1_remote-deployment-guide.md](./1_remote-deployment-guide.md) | Deploy to remote servers |
| 3 | [2_service-naming-convention.md](./2_service-naming-convention.md) | Systemd service names and standards |
| 4 | [3_backup-restore.md](./3_backup-restore.md) | Backup PostgreSQL, Redis, ledger data |
| 5 | [4_incident-runbooks.md](./4_incident-runbooks.md) | Handle outages and incidents |
| 6 | [5_marketplace-deployment.md](./5_marketplace-deployment.md) | Deploy GPU marketplace endpoints |
| 7 | [6_beta-release-plan.md](./6_beta-release-plan.md) | Beta release checklist and timeline |
## Related

4
docs/deployment/1_remote-deployment-guide.md
View File

@@ -3,6 +3,8 @@
## Overview
This deployment strategy builds the blockchain node directly on the ns3 server to utilize its gigabit connection, avoiding slow uploads from localhost.
For new-host bootstrap, start with `SETUP.md`, which documents the main `scripts/setup.sh` entry point.
## Quick Start
### 1. Deploy Everything
@@ -132,7 +134,7 @@ Location: `/opt/blockchain-explorer/index.html`
## Next Steps
1. Set up proper authentication
2. Configure HTTPS with SSL certificates
2. Configure HTTPS with manually issued SSL certificates
3. Add multiple peers for network resilience
4. Implement proper backup procedures
5. Set up monitoring and alerting

2
docs/deployment/README.md
View File

@@ -22,6 +22,7 @@
## 📦 **Contents**
- **[SETUP.md](SETUP.md)** - Main host bootstrap and setup script
- **[AITBC1_TEST_COMMANDS.md](AITBC1_TEST_COMMANDS.md)** - Test command reference for AITBC1
- **[AITBC1_UPDATED_COMMANDS.md](AITBC1_UPDATED_COMMANDS.md)** - Updated operational commands for AITBC1
@@ -39,6 +40,7 @@ This directory holds node-specific operational notes and command references, esp
## 🚀 **Next Steps**
- Use `SETUP.md` to bootstrap a new host with the main `scripts/setup.sh` flow.
- Use `AITBC1_TEST_COMMANDS.md` to verify current node behavior.
- Use `AITBC1_UPDATED_COMMANDS.md` as the authoritative updated command reference.
- Cross-check command usage with `../reference/README.md`.

16
docs/deployment/SETUP.md
View File

@@ -2,10 +2,12 @@
## Quick Setup (New Host)
The main setup script lives at `scripts/setup.sh`.
Run this single command on any new host to install AITBC:
```bash
sudo bash <(curl -sSL https://raw.githubusercontent.com/oib/aitbc/main/setup.sh)
sudo bash <(curl -sSL https://gitea.bubuit.net/oib/aitbc/raw/branch/main/scripts/setup.sh)
```
Or clone and run manually:
@@ -13,11 +15,11 @@ Or clone and run manually:
```bash
sudo git clone https://gitea.bubuit.net/oib/aitbc.git /opt/aitbc
cd /opt/aitbc
sudo chmod +x setup.sh
sudo ./setup.sh
sudo chmod +x scripts/setup.sh
sudo ./scripts/setup.sh
```
## What the Setup Script Does
## What `scripts/setup.sh` Does
1. **Prerequisites Check**
- Verifies Python 3.13.5+, pip3, git, systemd
@@ -54,7 +56,7 @@ sudo ./setup.sh
7. **Service Management**
- Creates `/opt/aitbc/start-services.sh` for manual control
- Creates `/opt/aitbc/health-check.sh` for monitoring
- Uses `/opt/aitbc/scripts/monitoring/health_check.sh` for monitoring
- Sets up logging to `/var/log/aitbc-*.log`
## Runtime Directories
@@ -89,7 +91,7 @@ AITBC uses standard Linux system directories for runtime data:
```bash
# Check service health
/opt/aitbc/health-check.sh
/opt/aitbc/scripts/monitoring/health_check.sh
# Restart all services
/opt/aitbc/start-services.sh
@@ -153,7 +155,7 @@ python -m uvicorn app.main:app --host 0.0.0.0 --port 8000
For production deployment:
1. Configure proper environment variables
2. Set up reverse proxy (nginx)
3. Configure SSL certificates
3. Configure SSL certificates manually outside `scripts/setup.sh`
4. Set up log rotation
5. Configure monitoring and alerts
6. Use proper database setup (PostgreSQL/Redis)

798
docs/deployment/comprehensive-guide.md Normal file
View File

@@ -0,0 +1,798 @@
# Comprehensive Deployment Guide
This guide provides detailed instructions for deploying the AITBC platform in various scenarios.
## Table of Contents
- [Prerequisites](#prerequisites)
- [System Requirements](#system-requirements)
- [Deployment Scenarios](#deployment-scenarios)
- [Local Development Setup](#local-development-setup)
- [Single-Server Production Deployment](#single-server-production-deployment)
- [Multi-Server Deployment](#multi-server-deployment)
- [Cloud Deployment](#cloud-deployment)
- [Docker Containerized Deployment](#docker-containerized-deployment)
- [Configuration](#configuration)
- [SSL/TLS Configuration](#ssltls-configuration)
- [Health Checks](#health-checks)
- [Troubleshooting](#troubleshooting)
## Prerequisites
### Software Requirements
- **Operating System**: Debian 12 (bookworm) or Ubuntu 22.04 LTS
- **Python**: 3.13 or higher
- **Node.js**: 24.14.0 or higher (for JavaScript SDK)
- **CUDA Toolkit**: 12.4 (for GPU support)
- **Docker**: 24.0 or higher (for containerized deployment)
- **Docker Compose**: 2.20 or higher
### Hardware Requirements
#### Minimum (Development)
- CPU: 4 cores
- RAM: 8 GB
- Storage: 100 GB SSD
- GPU: Not required for development
#### Recommended (Production)
- CPU: 8+ cores
- RAM: 16+ GB
- Storage: 500 GB NVMe SSD
- GPU: NVIDIA RTX 3090 or better (for mining)
#### Multi-Node
- Each node: 8+ cores, 16+ GB RAM, 100+ GB SSD
- GPU nodes: NVIDIA RTX 3090 or better
- Network: 10 Gbps interconnect
### Network Requirements
- Public IP address (for blockchain node)
- Open ports: 8080 (blockchain), 8011 (coordinator), 8071 (wallet), 8102 (marketplace)
- DNS configuration (optional but recommended)
- Firewall rules configured
## System Requirements
### Operating System
**Supported:**
- Debian 12 (bookworm)
- Ubuntu 22.04 LTS
**Recommended:**
- Debian 12 (bookworm) for production
### Dependencies
```bash
# System dependencies
sudo apt update
sudo apt install -y \
build-essential \
python3-dev \
python3-venv \
python3-pip \
git \
curl \
wget \
gnupg \
lsb-release \
software-properties-common \
apt-transport-https \
ca-certificates \
gnupg \
lsb-release
# CUDA dependencies (for GPU support)
sudo apt install -y \
nvidia-cuda-toolkit \
nvidia-cudnn \
libnvidia-common
```
### Python Environment
```bash
# Create virtual environment
python3 -m venv /opt/aitbc/venv
source /opt/aitbc/venv/bin/activate
# Upgrade pip
pip install --upgrade pip
```
## Deployment Scenarios
### Scenario Comparison
| Scenario | Complexity | Scalability | Cost | Use Case |
|----------|-----------|-------------|------|----------|
| Local Development | Low | None | Low | Development, testing |
| Single-Server | Medium | Low | Low | Small deployments, POC |
| Multi-Server | High | High | High | Production, HA |
| Cloud | Medium | High | Variable | Flexible scaling |
| Docker | Medium | High | Variable | Container orchestration |
## Local Development Setup
### Quick Start
```bash
# Clone repository
git clone https://github.com/oib/AITBC.git /opt/aitbc
cd /opt/aitbc
# Create virtual environment
python3 -m venv venv
source venv/bin/activate
# Install dependencies
pip install -r requirements.txt
# Install local packages
pip install -e packages/py/aitbc-crypto
pip install -e packages/py/aitbc-sdk
# Start services
./scripts/setup.sh
```
### Service Configuration
```bash
# Configure environment
cp .env.example .env
# Edit .env with your settings
# Start blockchain node
python -m apps.blockchain_node.main
# Start coordinator API
python -m apps.coordinator_api.main
# Start marketplace service
python -m apps.marketplace_service.main
```
### Verification
```bash
# Check service health
curl http://localhost:8080/health # Blockchain
curl http://localhost:8011/health # Coordinator
curl http://localhost:8102/health # Marketplace
```
## Single-Server Production Deployment
### Installation Steps
1. **Prepare Server**
```bash
# Update system
sudo apt update && sudo apt upgrade -y
# Create user
sudo useradd -m -s /bin/bash aitbc
sudo usermod -aG docker aitbc
```
2. **Install Dependencies**
```bash
# Install system dependencies
sudo apt install -y \
build-essential \
python3-dev \
python3-venv \
git \
curl \
nginx \
postgresql \
redis-server \
docker.io \
docker-compose
```
3. **Deploy Application**
```bash
# Clone repository
sudo -u aitbc git clone https://github.com/oib/AITBC.git /opt/aitbc
cd /opt/aitbc
# Setup virtual environment
sudo -u aitbc python3 -m venv /opt/aitbc/venv
sudo -u aitbc /opt/aitbc/venv/bin/pip install -r requirements.txt
# Setup database
sudo -u postgres psql -c "CREATE DATABASE aitbc;"
sudo -u postgres psql -c "CREATE USER aitbc WITH PASSWORD 'secure-password';"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE aitbc TO aitbc;"
```
4. **Configure Systemd Services**
```bash
# Setup services
sudo ./scripts/setup.sh
# Enable services
sudo systemctl enable aitbc-blockchain
sudo systemctl enable aitbc-coordinator-api
sudo systemctl enable aitbc-marketplace
# Start services
sudo systemctl start aitbc-blockchain
sudo systemctl start aitbc-coordinator-api
sudo systemctl start aitbc-marketplace
```
5. **Configure Nginx**
```nginx
# /etc/nginx/sites-available/aitbc
upstream coordinator {
server 127.0.0.1:8011;
}
upstream blockchain {
server 127.0.0.1:8080;
}
upstream marketplace {
server 127.0.0.1:8102;
}
server {
listen 80;
server_name your-domain.com;
location /api/ {
proxy_pass http://coordinator;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /blockchain/ {
proxy_pass http://blockchain;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /marketplace/ {
proxy_pass http://marketplace;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
```
## Multi-Server Deployment
### Architecture
```
Load Balancer
|
+----------------+----------------+
| | |
Blockchain Node Coordinator API Marketplace
| | |
+----------------+----------------+
|
PostgreSQL Cluster
|
Redis Cluster
```
### Node Types
1. **Blockchain Node**
- Runs blockchain consensus
- Maintains ledger
- Requires public IP
2. **Coordinator API**
- Job submission and management
- Payment processing
- API gateway
3. **Marketplace Service**
- GPU offer management
- Matching engine
- Price discovery
4. **Database Node**
- PostgreSQL cluster
- Redis cache
- Data persistence
### Setup Steps
1. **Configure Network**
```bash
# On each node, configure network
sudo apt install -y etcd
sudo systemctl enable etcd
sudo systemctl start etcd
```
2. **Deploy Blockchain Node**
```bash
# On blockchain node
sudo apt install -y nvidia-cuda-toolkit
git clone https://github.com/oib/AITBC.git /opt/aitbc
cd /opt/aitbc
./scripts/setup/blockchain.sh
```
3. **Deploy Coordinator API**
```bash
# On coordinator node
git clone https://github.com/oib/AITBC.git /opt/aitbc
cd /opt/aitbc
./scripts/setup/coordinator.sh
```
4. **Deploy Marketplace Service**
```bash
# On marketplace node
git clone https://github.com/oib/AITBC.git /opt/aitbc
cd /opt/aitbc
./scripts/setup/marketplace.sh
```
5. **Configure Database Cluster**
```bash
# On database node
sudo apt install -y postgresql redis-server
sudo -u postgres psql -c "CREATE DATABASE aitbc;"
```
## Cloud Deployment
### AWS Deployment
#### EC2 Setup
```bash
# Launch EC2 instances
- Blockchain: t3.xlarge or g4dn.xlarge (GPU)
- Coordinator: t3.large
- Marketplace: t3.large
- Database: RDS PostgreSQL
# Security groups
- Allow ports 8080, 8011, 8071, 8102
- Configure VPC and subnets
```
#### EKS Deployment
```yaml
# kubernetes/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: coordinator-api
spec:
replicas: 3
selector:
matchLabels:
app: coordinator-api
template:
metadata:
labels:
app: coordinator-api
spec:
containers:
- name: coordinator-api
image: aitbc/coordinator-api:latest
ports:
- containerPort: 8011
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: database-secret
key: url
```
### GCP Deployment
#### GKE Setup
```bash
# Create GKE cluster
gcloud container clusters create aitbc-cluster \
--num-nodes=3 \
--machine-type=n1-standard-4 \
--zone=us-central1-a
# Deploy services
kubectl apply -f kubernetes/
```
## Docker Containerized Deployment
### Docker Compose
```yaml
# docker-compose.yml
version: '3.8'
services:
blockchain:
build: ./apps/blockchain_node
ports:
- "8080:8080"
volumes:
- blockchain-data:/data
environment:
- DATABASE_URL=postgresql://user:pass@postgres:5432/aitbc
coordinator:
build: ./apps/coordinator-api
ports:
- "8011:8011"
depends_on:
- blockchain
- postgres
environment:
- DATABASE_URL=postgresql://user:pass@postgres:5432/aitbc
marketplace:
build: ./apps/marketplace_service
ports:
- "8102:8102"
depends_on:
- postgres
environment:
- DATABASE_URL=postgresql://user:pass@postgres:5432/aitbc
postgres:
image: postgres:15
volumes:
- postgres-data:/var/lib/postgresql/data
environment:
- POSTGRES_DB=aitbc
- POSTGRES_USER=aitbc
- POSTGRES_PASSWORD=secure-password
redis:
image: redis:7
ports:
- "6379:6379"
volumes:
blockchain-data:
postgres-data:
```
### Build and Run
```bash
# Build images
docker-compose build
# Start services
docker-compose up -d
# Check status
docker-compose ps
# View logs
docker-compose logs -f
```
## Configuration
### Environment Variables
```bash
# /etc/aitbc/blockchain.env
BLOCKCHAIN_NETWORK_ID=1
BLOCKCHAIN_GENESIS_BLOCK_HASH=0x...
BLOCKCHAIN_CONSENSUS_ALGORITHM=proof_of_stake
BLOCKCHAIN_VALIDATOR_PRIVATE_KEY=0x...
# /etc/aitbc/coordinator.env
COORDINATOR_API_KEY=your-api-key
COORDINATOR_DATABASE_URL=postgresql://user:pass@localhost:5432/aitbc
COORDINATOR_REDIS_URL=redis://localhost:6379
COORDINATOR_JWT_SECRET=your-jwt-secret
# /etc/aitbc/marketplace.env
MARKETPLACE_DATABASE_URL=postgresql://user:pass@localhost:5432/aitbc
MARKETPLACE_REDIS_URL=redis://localhost:6379
MARKETPLACE_API_KEY=your-api-key
```
### Configuration Files
```yaml
# /etc/aitbc/config.yaml
services:
blockchain:
port: 8080
host: 0.0.0.0
database:
host: localhost
port: 5432
name: aitbc
coordinator:
port: 8011
host: 0.0.0.0
database:
host: localhost
port: 5432
name: aitbc
cache:
host: localhost
port: 6379
marketplace:
port: 8102
host: 0.0.0.0
database:
host: localhost
port: 5432
name: aitbc
```
## SSL/TLS Configuration
### Let's Encrypt
```bash
# Install certbot
sudo apt install -y certbot python3-certbot-nginx
# Obtain certificate
sudo certbot --nginx -d your-domain.com
# Auto-renewal
sudo certbot renew --dry-run
```
### Manual Certificate
```bash
# Generate self-signed certificate
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/ssl/private/aitbc.key \
-out /etc/ssl/certs/aitbc.crt
# Configure Nginx
sudo nano /etc/nginx/sites-available/aitbc
```
### Nginx SSL Configuration
```nginx
server {
listen 443 ssl http2;
server_name your-domain.com;
ssl_certificate /etc/ssl/certs/aitbc.crt;
ssl_certificate_key /etc/ssl/private/aitbc.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://localhost:8011;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto https;
}
}
server {
listen 80;
server_name your-domain.com;
return 301 https://$server_name$request_uri;
}
```
## Health Checks
### Service Health Endpoints
```bash
# Blockchain health
curl http://localhost:8080/health
# Coordinator health
curl http://localhost:8011/health
# Marketplace health
curl http://localhost:8102/health
```
### Monitoring Script
```bash
#!/bin/bash
# health-check.sh
services=("blockchain:8080" "coordinator:8011" "marketplace:8102")
for service in "${services[@]}"; do
name="${service%%:*}"
port="${service##*:}"
if curl -f "http://localhost:$port/health" > /dev/null 2>&1; then
echo "✓ $name is healthy"
else
echo "✗ $name is unhealthy"
# Send alert
fi
done
```
### Systemd Health Monitoring
```ini
# /etc/systemd/system/aitbc-health-check.service
[Unit]
Description=AITBC Health Check
After=network.target
[Service]
Type=oneshot
ExecStart=/opt/aitbc/scripts/health-check.sh
[Install]
WantedBy=multi-user.target
```
## Troubleshooting
### Common Issues
#### Service Won't Start
```bash
# Check logs
sudo journalctl -u aitbc-coordinator-api -n 50
# Check port conflicts
sudo netstat -tulpn | grep -E '8080|8011|8102'
# Check permissions
sudo -u aitbc ls -la /opt/aitbc
```
#### Database Connection Failed
```bash
# Check PostgreSQL status
sudo systemctl status postgresql
# Check connection
psql -h localhost -U aitbc -d aitbc
# Check firewall
sudo ufw status
```
#### GPU Not Detected
```bash
# Check GPU
nvidia-smi
# Check CUDA
nvcc --version
# Check driver
sudo dmesg | grep -i nvidia
```
### Performance Issues
#### High CPU Usage
```bash
# Check process CPU
top -p $(pgrep -f coordinator-api)
# Profile with cProfile
python -m cProfile -o profile.stats apps/coordinator_api/main.py
```
#### High Memory Usage
```bash
# Check memory
free -h
# Check process memory
ps aux | grep coordinator-api
# Check for memory leaks
valgrind --leak-check=full python apps/coordinator_api/main.py
```
### Network Issues
#### Connection Refused
```bash
# Check service status
sudo systemctl status aitbc-coordinator-api
# Check firewall
sudo iptables -L -n
# Check network
ping localhost
telnet localhost 8011
```
#### Slow Performance
```bash
# Check network latency
ping -c 10 localhost
# Check bandwidth
iperf3 -s
iperf3 -c localhost
# Check DNS
nslookup your-domain.com
```
## Maintenance
### Backup
```bash
# Database backup
sudo -u postgres pg_dump aitbc > backup-$(date +%Y%m%d).sql
# Blockchain data backup
tar -czf blockchain-backup-$(date +%Y%m%d).tar.gz /var/lib/aitbc/blockchain
# Configuration backup
tar -czf config-backup-$(date +%Y%m%d).tar.gz /etc/aitbc
```
### Updates
```bash
# Update application
cd /opt/aitbc
git pull origin main
source venv/bin/activate
pip install -r requirements.txt
# Restart services
sudo systemctl restart aitbc-coordinator-api
sudo systemctl restart aitbc-blockchain
sudo systemctl restart aitbc-marketplace
```
### Monitoring
```bash
# Check service logs
sudo journalctl -u aitbc-coordinator-api -f
# Check system metrics
htop
# Check network
iftop
```

651
docs/deployment/debian-miner-installation.md Normal file
View File

@@ -0,0 +1,651 @@
# Debian Stable Miner Installation Guide
This guide provides step-by-step instructions for installing the AITBC miner on Debian stable (trixie).
## Prerequisites
### System Requirements
- **Operating System**: Debian 13 (trixie) or Ubuntu 24.04 LTS
- **GPU**: NVIDIA GPU with CUDA 12.4+ support
- **Memory**: 16GB+ RAM recommended
- **Storage**: 100GB+ SSD
- **Network**: Stable internet connection
### Hardware Compatibility
Tested GPUs:
- NVIDIA RTX 3090
- NVIDIA RTX 4090
- NVIDIA RTX 4060 Ti
- NVIDIA A100
- NVIDIA H100
Other NVIDIA GPUs with CUDA 12.4+ support should work but may not be tested.
## Pre-Installation
### 1. Update System
```bash
sudo apt update
sudo apt upgrade -y
sudo apt autoremove -y
```
### 2. Install NVIDIA Drivers
```bash
# Install NVIDIA driver
sudo apt install -y nvidia-driver-full
# Reboot
sudo reboot
```
### 3. Verify GPU
After reboot, verify GPU is detected:
```bash
nvidia-smi
```
Expected output:
```
+-----------------------------------------------------------------------------+
| NVIDIA-SMI 535.0.00 Driver Version: 535.0.00 CUDA Version: 12.4 |
|-------------------------------+----------------------+----------------------+
| GPU Name Persistence-M| Bus-Id Disp.A | Volatile Uncorr. ECC |
| Fan Temp Perf Pwr:Usage/Cap| Memory-Usage | GPU-Util Compute M. |
|===============================+======================+======================|
| 0 NVIDIA GeForce ... On | 00000000:01:00.0 On | N/A |
| 30% 42C P8 13W / 350W | 521MiB / 16384MiB | 0% Default |
+-------------------------------+----------------------+----------------------+
```
### 4. Install CUDA Toolkit
```bash
# Install CUDA Toolkit
sudo apt install -y nvidia-cuda-toolkit
# Verify installation
nvcc --version
```
### 5. Install Ollama (Optional - for Ollama backend)
Ollama is required only if using the Ollama inference backend. The miner includes vLLM for optimized inference, which is recommended.
```bash
# Install Ollama
curl -fsSL https://ollama.com/install.sh | sh
# Start Ollama
ollama serve
# Pull a model (in another terminal)
ollama pull llama2
```
**Note:** vLLM is included in the binary and provides better performance. To use vLLM, set `INFERENCE_BACKEND=vllm` in the configuration.
### 6. Verify Ollama
```bash
# Check Ollama is running
curl http://localhost:11434/api/tags
# Expected output:
# {"models":[{"name":"llama2:7b","modified":"..."}]}
```
## Installation
### Option 1: Using Installation Script (Recommended)
```bash
# Download the release package
wget https://github.com/oib/AITBC/releases/download/v0.1.0/aitbc-miner-debian-package.tar.gz
# Extract
tar -xzf aitbc-miner-debian-package.tar.gz
cd aitbc-miner-debian
# Run installation script
sudo ./install.sh
```
### Option 2: Manual Installation
#### Step 1: Download Binary
```bash
# Download binary
wget https://github.com/oib/AITBC/releases/download/v0.1.0/aitbc-miner-debian
# Download checksums
wget https://github.com/oib/AITBC/releases/download/v0.1.0/SHA256SUMS
# Verify checksum
sha256sum -c SHA256SUMS
# Make executable
chmod +x aitbc-miner-debian
```
#### Step 2: Create User
```bash
sudo useradd -m -s /bin/bash aitbc
```
#### Step 3: Create Installation Directory
```bash
sudo mkdir -p /opt/aitbc/miner
sudo chown aitbc:aitbc /opt/aitbc/miner
```
#### Step 4: Copy Binary
```bash
sudo cp aitbc-miner-debian /opt/aitbc/miner/
sudo chmod +x /opt/aitbc/miner/aitbc-miner-debian
sudo chown aitbc:aitbc /opt/aitbc/miner/aitbc-miner-debian
```
#### Step 5: Create Configuration
```bash
sudo -u aitbc nano /opt/aitbc/miner/miner.env
```
Add the following configuration:
```bash
# Required
MINER_API_KEY=your-miner-api-key
COORDINATOR_URL=http://your-coordinator-url:8011
# Optional
LOG_PATH=/var/log/aitbc/miner.log
HEARTBEAT_INTERVAL=15
MAX_RETRIES=10
RETRY_DELAY=30
```
#### Step 6: Create Log Directory
```bash
sudo mkdir -p /var/log/aitbc
sudo chown aitbc:aitbc /var/log/aitbc
```
#### Step 7: Create Systemd Service
```bash
sudo nano /etc/systemd/system/aitbc-miner.service
```
Add the following:
```ini
[Unit]
Description=AITBC GPU Miner
After=network.target
[Service]
Type=simple
User=aitbc
WorkingDirectory=/opt/aitbc/miner
EnvironmentFile=/opt/aitbc/miner/miner.env
ExecStart=/opt/aitbc/miner/aitbc-miner-debian
Restart=always
RestartSec=10
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target
```
#### Step 8: Enable and Start Service
```bash
sudo systemctl daemon-reload
sudo systemctl enable aitbc-miner
sudo systemctl start aitbc-miner
```
## Configuration
### Get Miner API Key
Register as a miner with the Coordinator API:
```bash
curl -X POST http://your-coordinator-url:8011/v1/miners/register \
-H "Content-Type: application/json" \
-d '{
"miner_id": "your-miner-id",
"gpu_type": "nvidia-rtx-3090",
"gpu_memory": 24
}'
```
The response will include your API key.
### Configure Coordinator URL
Set the Coordinator URL in `/opt/aitbc/miner/miner.env`:
```bash
COORDINATOR_URL=http://your-coordinator-url:8011
```
## Verification
### Run Verification Script
```bash
cd /opt/aitbc/miner
sudo ./verify-install.sh
```
The script will check:
- Binary integrity
- GPU detection
- CUDA installation
- Ollama status
- Configuration
- Systemd service
### Check Service Status
```bash
sudo systemctl status aitbc-miner
```
Expected output:
```
● aitbc-miner.service - AITBC GPU Miner
Loaded: loaded (/etc/systemd/system/aitbc-miner.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2026-05-11 12:00:00 UTC
Main PID: 12345 (aitbc-miner-deb)
Tasks: 1 (limit: 4915)
Memory: 150.0M
CPU: 2.3%
```
### View Logs
```bash
# Real-time logs
sudo journalctl -u aitbc-miner -f
# Last 100 lines
sudo journalctl -u aitbc-miner -n 100
```
Expected log output:
```
2026-05-11 12:00:00 - INFO - Starting Real GPU Miner Client on Host...
2026-05-11 12:00:00 - INFO - GPU detected: NVIDIA GeForce RTX 4060 Ti (16380MB)
2026-05-11 12:00:00 - INFO - Ollama models available: llama2:7b, gemma4:31b-cloud
2026-05-11 12:00:00 - INFO - Coordinator is available!
2026-05-11 12:00:00 - INFO - Successfully registered miner
2026-05-11 12:00:00 - INFO - Miner registered successfully, starting main loop...
```
### Check Miner Registration
```bash
curl -H "X-Api-Key: your-miner-api-key" \
http://your-coordinator-url:8011/v1/miners/your-miner-id
```
## Troubleshooting
### GPU Not Detected
**Problem**: Miner cannot detect GPU
**Solution**:
```bash
# Check GPU
nvidia-smi
# Reinstall drivers
sudo apt install --reinstall nvidia-driver-535
# Check kernel modules
lsmod | grep nvidia
# Reboot
sudo reboot
```
### Ollama Not Available
**Problem**: Miner cannot connect to Ollama
**Solution**:
```bash
# Check Ollama status
systemctl status ollama
# Start Ollama manually
ollama serve
# Check Ollama is listening
netstat -tulpn | grep 11434
```
### Coordinator Connection Failed
**Problem**: Miner cannot connect to Coordinator
**Solution**:
```bash
# Test Coordinator URL
curl http://your-coordinator-url:8011/v1/health
# Check firewall
sudo ufw status
# Allow Coordinator port
sudo ufw allow 8011/tcp
# Check network
ping your-coordinator-url
```
### Registration Failed
**Problem**: Miner registration returns 404 or 401
**Solution**:
```bash
# Check API key
echo $MINER_API_KEY
# Verify API key is valid
curl -H "X-Api-Key: your-miner-api-key" \
http://your-coordinator-url:8011/v1/miners/heartbeat
# Check Coordinator logs
sudo journalctl -u coordinator-api -n 50
```
### Service Won't Start
**Problem**: Systemd service fails to start
**Solution**:
```bash
# Check service logs
sudo journalctl -u aitbc-miner -n 50
# Check configuration
sudo -u aitbc cat /opt/aitbc/miner/miner.env
# Test binary manually
sudo -u aitbc /opt/aitbc/miner/aitbc-miner-debian
```
### Permission Denied
**Problem**: Permission errors accessing files
**Solution**:
```bash
# Fix permissions
sudo chown -R aitbc:aitbc /opt/aitbc/miner
sudo chown -R aitbc:aitbc /var/log/aitbc
# Fix binary permissions
sudo chmod +x /opt/aitbc/miner/aitbc-miner-debian
```
## Upgrading
### Upgrade Binary
```bash
# Stop service
sudo systemctl stop aitbc-miner
# Backup current binary
sudo cp /opt/aitbc/miner/aitbc-miner-debian /opt/aitbc/miner/aitbc-miner-debian.backup
# Download new binary
cd /tmp
wget https://github.com/oib/AITBC/releases/download/v0.2.0/aitbc-miner-debian
# Verify checksum
sha256sum -c SHA256SUMS
# Replace binary
sudo cp aitbc-miner-debian /opt/aitbc/miner/
sudo chmod +x /opt/aitbc/miner/aitbc-miner-debian
sudo chown aitbc:aitbc /opt/aitbc/miner/aitbc-miner-debian
# Start service
sudo systemctl start aitbc-miner
# Verify
sudo systemctl status aitbc-miner
```
## Uninstallation
### Remove Miner
```bash
# Stop service
sudo systemctl stop aitbc-miner
sudo systemctl disable aitbc-miner
# Remove files
sudo rm -rf /opt/aitbc/miner
sudo rm /etc/systemd/system/aitbc-miner.service
# Remove logs (optional)
sudo rm -rf /var/log/aitbc
# Remove user (optional)
sudo userdel aitbc
# Reload systemd
sudo systemctl daemon-reload
```
## Advanced Configuration
### Multiple GPUs
If you have multiple GPUs, run multiple miner instances:
```bash
# Create additional configuration files
sudo -u aitbc cp /opt/aitbc/miner/miner.env /opt/aitbc/miner/miner-gpu0.env
sudo -u aitbc cp /opt/aitbc/miner/miner.env /opt/aitbc/miner/miner-gpu1.env
# Create additional services
sudo cp /etc/systemd/system/aitbc-miner.service \
/etc/systemd/system/aitbc-miner-gpu0.service
# Edit service to use different config and GPU
sudo nano /etc/systemd/system/aitbc-miner-gpu0.service
# Add CUDA_VISIBLE_DEVICES to specify GPU
[Service]
Environment="CUDA_VISIBLE_DEVICES=0"
EnvironmentFile=/opt/aitbc/miner/miner-gpu0.env
```
### Custom Log Location
To use a custom log location:
```bash
# Edit miner.env
sudo -u aitbc nano /opt/aitbc/miner/miner.env
# Add custom log path
LOG_PATH=/custom/path/miner.log
# Create directory
sudo mkdir -p /custom/path
sudo chown aitbc:aitbc /custom/path
```
### Performance Tuning
Adjust heartbeat interval and retry settings:
```bash
# Edit miner.env
sudo -u aitbc nano /opt/aitbc/miner/miner.env
# Reduce heartbeat interval (more frequent updates)
HEARTBEAT_INTERVAL=10
# Increase retries (more resilient)
MAX_RETRIES=20
RETRY_DELAY=30
```
## Security
### Firewall Configuration
```bash
# Allow outgoing connections
sudo ufw allow out 8011/tcp
sudo ufw allow out 11434/tcp
# Allow incoming connections if needed
sudo ufw allow in 8011/tcp
```
### API Key Security
- Never commit API keys to version control
- Use environment variables or secret management
- Rotate API keys regularly
- Use different keys for different environments
### System Hardening
```bash
# Install fail2ban
sudo apt install -y fail2ban
# Configure fail2ban for AITBC
sudo nano /etc/fail2ban/jail.local
```
## Monitoring
### GPU Monitoring
```bash
# Real-time GPU monitoring
watch -n 1 nvidia-smi
```
### Service Monitoring
```bash
# Check service status
sudo systemctl status aitbc-miner
# Monitor logs
sudo journalctl -u aitbc-miner -f
```
### Performance Monitoring
```bash
# Check CPU and memory
htop
# Check disk usage
df -h
# Check network
iftop
```
## Support
- **Documentation**: https://aitbc.bubuit.net/docs/
- **GitHub Issues**: https://github.com/oib/AITBC/issues
- **Community**: https://community.aitbc.dev/
- **Email**: support@aitbc.dev
## Appendix
### Systemd Service Template
```ini
[Unit]
Description=AITBC GPU Miner
After=network.target
[Service]
Type=simple
User=aitbc
WorkingDirectory=/opt/aitbc/miner
EnvironmentFile=/opt/aitbc/miner/miner.env
ExecStart=/opt/aitbc/miner/aitbc-miner-debian
Restart=always
RestartSec=10
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target
```
### Configuration Template
```bash
# Required
MINER_API_KEY=your-miner-api-key
COORDINATOR_URL=http://your-coordinator-url:8011
# Optional
LOG_PATH=/var/log/aitbc/miner.log
HEARTBEAT_INTERVAL=15
MAX_RETRIES=10
RETRY_DELAY=30
```
### Quick Reference
```bash
# Start miner
sudo systemctl start aitbc-miner
# Stop miner
sudo systemctl stop aitbc-miner
# Restart miner
sudo systemctl restart aitbc-miner
# View logs
sudo journalctl -u aitbc-miner -f
# Check status
sudo systemctl status aitbc-miner
# Enable auto-start
sudo systemctl enable aitbc-miner
# Disable auto-start
sudo systemctl disable aitbc-miner
```