3352d63f36
All checks were successful
AITBC CLI Level 1 Commands Test / test-cli-level1 (push) Successful in 16s
api-endpoint-tests / test-api-endpoints (push) Successful in 35s
integration-tests / test-service-integration (push) Successful in 1m25s
package-tests / test-python-packages (map[name:aitbc-agent-sdk path:packages/py/aitbc-agent-sdk python_version:3.13]) (push) Successful in 16s
package-tests / test-python-packages (map[name:aitbc-cli path:. python_version:3.13]) (push) Successful in 14s
package-tests / test-python-packages (map[name:aitbc-core path:packages/py/aitbc-core python_version:3.13]) (push) Successful in 13s
package-tests / test-python-packages (map[name:aitbc-crypto path:packages/py/aitbc-crypto python_version:3.13]) (push) Successful in 10s
package-tests / test-python-packages (map[name:aitbc-sdk path:packages/py/aitbc-sdk python_version:3.13]) (push) Successful in 12s
package-tests / test-javascript-packages (map[name:aitbc-sdk node_version:24 path:packages/js/aitbc-sdk]) (push) Successful in 18s
python-tests / test-specific (push) Has been skipped
security-scanning / audit (push) Successful in 14s
systemd-sync / sync-systemd (push) Successful in 4s
package-tests / cross-language-compatibility (push) Successful in 2s
package-tests / package-integration-tests (push) Successful in 3s
Documentation Validation / validate-docs (push) Successful in 6m13s
python-tests / test (push) Successful in 14s
## 🚀 Central Virtual Environment Implementation - Created central venv at /opt/aitbc/venv for all services - Updated 34+ systemd services to use central python interpreter - Fixed PYTHONPATH configurations for proper module imports - Created aitbc-env wrapper script for environment management ## 📦 Requirements Management Overhaul - Consolidated 8 separate requirements.txt files into central requirements.txt - Added web3>=6.11.0 for blockchain functionality - Created automated requirements migrator tool (scripts/requirements_migrator.py) - Established modular requirements structure (requirements-modules/) - Generated comprehensive migration reports and documentation ## 🔧 Service Configuration Fixes - Fixed Adaptive Learning service domain imports (AgentStatus) - Resolved logging conflicts in zk_proofs and adaptive_learning_health - Created missing data modules (consumer_gpu_profiles.py) - Updated CLI to version 0.2.2 with proper import handling - Fixed infinite loop in CLI alias configuration ## 📡 Port Mapping and Service Updates - Updated blockchain node port from 8545 to 8005 - Added Adaptive Learning service on port 8010 - Consolidated P2P/sync into blockchain-node service - All 5 core services now operational and responding ## 📚 Documentation Enhancements - Updated SYSTEMD_SERVICES.md for Debian root usage (no sudo) - Added comprehensive VIRTUAL_ENVIRONMENT.md guide - Created REQUIREMENTS_MERGE_SUMMARY.md with migration details - Updated RUNTIME_DIRECTORIES.md for standard Linux paths - Fixed service port mappings and dependencies ## 🛠️ CLI Improvements - Fixed import errors and version display (0.2.2) - Resolved infinite loop in bashrc alias - Added proper error handling for missing command modules - Created aitbc-cli wrapper for clean execution ## ✅ Operational Status - 5/5 AITBC services running successfully - All health checks passing - Central virtual environment fully functional - Requirements management streamlined - Documentation accurate and up-to-date ## 🎯 Technical Achievements - Eliminated 7 redundant requirements.txt files - Reduced service startup failures from 34+ to 0 - Established modular dependency management - Created reusable migration tooling - Standardized Debian root deployment practices This represents a complete infrastructure modernization with improved reliability, maintainability, and operational efficiency.
135 lines
4.4 KiB
Python
135 lines
4.4 KiB
Python
#!/usr/bin/env python3
|
|
"""
|
|
Full production setup:
|
|
- Generate keystore password file
|
|
- Generate encrypted keystores for aitbc1genesis and aitbc1treasury
|
|
- Initialize production database with allocations
|
|
- Configure blockchain node .env for ait-mainnet
|
|
- Restart services
|
|
"""
|
|
|
|
import os
|
|
import subprocess
|
|
import sys
|
|
from pathlib import Path
|
|
|
|
# Configuration
|
|
CHAIN_ID = "ait-mainnet"
|
|
DATA_DIR = Path("/var/lib/aitbc/data/ait-mainnet")
|
|
DB_PATH = DATA_DIR / "chain.db"
|
|
KEYS_DIR = Path("/var/lib/aitbc/keystore")
|
|
PASSWORD_FILE = KEYS_DIR / ".password"
|
|
NODE_VENV = Path("/opt/aitbc/apps/blockchain-node/.venv/bin/python")
|
|
NODE_ENV = Path("/opt/aitbc/apps/blockchain-node/.env")
|
|
SERVICE_NODE = "aitbc-blockchain-node"
|
|
SERVICE_RPC = "aitbc-blockchain-rpc"
|
|
|
|
def run(cmd, check=True, capture_output=False):
|
|
print(f"+ {cmd}")
|
|
if capture_output:
|
|
result = subprocess.run(cmd, shell=True, check=check, capture_output=True, text=True)
|
|
else:
|
|
result = subprocess.run(cmd, shell=True, check=check)
|
|
return result
|
|
|
|
def main():
|
|
if os.geteuid() != 0:
|
|
print("Run as root (sudo)")
|
|
sys.exit(1)
|
|
|
|
# 1. Keystore directory and password
|
|
run(f"mkdir -p {KEYS_DIR}")
|
|
run(f"chown -R aitbc:aitbc {KEYS_DIR}")
|
|
|
|
# SECURITY FIX: Use environment variable instead of hardcoded password
|
|
if not PASSWORD_FILE.exists():
|
|
password = os.environ.get("AITBC_KEYSTORE_PASSWORD")
|
|
if not password:
|
|
# Generate secure random password if not provided
|
|
run(f"openssl rand -hex 32 > {PASSWORD_FILE}")
|
|
run(f"chmod 600 {PASSWORD_FILE}")
|
|
else:
|
|
# Use provided password from environment
|
|
PASSWORD_FILE.write_text(password)
|
|
run(f"chmod 600 {PASSWORD_FILE}")
|
|
|
|
os.environ["KEYSTORE_PASSWORD"] = PASSWORD_FILE.read_text().strip()
|
|
|
|
# 2. Generate keystores
|
|
print("\n=== Generating keystore for aitbc1genesis ===")
|
|
result = run(
|
|
f"{NODE_VENV} /opt/aitbc/scripts/keystore.py aitbc1genesis --output-dir {KEYS_DIR} --force",
|
|
capture_output=True
|
|
)
|
|
print(result.stdout)
|
|
genesis_priv = None
|
|
for line in result.stdout.splitlines():
|
|
if "Private key (hex):" in line:
|
|
genesis_priv = line.split(":",1)[1].strip()
|
|
break
|
|
if not genesis_priv:
|
|
print("ERROR: Could not extract genesis private key")
|
|
sys.exit(1)
|
|
(KEYS_DIR / "genesis_private_key.txt").write_text(genesis_priv)
|
|
os.chmod(KEYS_DIR / "genesis_private_key.txt", 0o600)
|
|
|
|
print("\n=== Generating keystore for aitbc1treasury ===")
|
|
result = run(
|
|
f"{NODE_VENV} /opt/aitbc/scripts/keystore.py aitbc1treasury --output-dir {KEYS_DIR} --force",
|
|
capture_output=True
|
|
)
|
|
print(result.stdout)
|
|
treasury_priv = None
|
|
for line in result.stdout.splitlines():
|
|
if "Private key (hex):" in line:
|
|
treasury_priv = line.split(":",1)[1].strip()
|
|
break
|
|
if not treasury_priv:
|
|
print("ERROR: Could not extract treasury private key")
|
|
sys.exit(1)
|
|
(KEYS_DIR / "treasury_private_key.txt").write_text(treasury_priv)
|
|
os.chmod(KEYS_DIR / "treasury_private_key.txt", 0o600)
|
|
|
|
# 3. Data directory
|
|
run(f"mkdir -p {DATA_DIR}")
|
|
run(f"chown -R root:root {DATA_DIR}")
|
|
|
|
# 4. Initialize DB
|
|
os.environ["DB_PATH"] = str(DB_PATH)
|
|
os.environ["CHAIN_ID"] = CHAIN_ID
|
|
run(f"sudo -E {NODE_VENV} /opt/aitbc/scripts/init_production_genesis.py --chain-id {CHAIN_ID} --db-path {DB_PATH}")
|
|
|
|
# 5. Write .env for blockchain node
|
|
env_content = f"""CHAIN_ID={CHAIN_ID}
|
|
SUPPORTED_CHAINS={CHAIN_ID}
|
|
DB_PATH=./data/ait-mainnet/chain.db
|
|
PROPOSER_ID=aitbc1genesis
|
|
PROPOSER_KEY=0x{genesis_priv}
|
|
PROPOSER_INTERVAL_SECONDS=5
|
|
BLOCK_TIME_SECONDS=2
|
|
|
|
RPC_BIND_HOST=127.0.0.1
|
|
RPC_BIND_PORT=8006
|
|
P2P_BIND_HOST=127.0.0.2
|
|
P2P_BIND_PORT=8005
|
|
|
|
MEMPOOL_BACKEND=database
|
|
MIN_FEE=0
|
|
GOSSIP_BACKEND=memory
|
|
"""
|
|
NODE_ENV.write_text(env_content)
|
|
os.chmod(NODE_ENV, 0o644)
|
|
print(f"[+] Updated {NODE_ENV}")
|
|
|
|
# 6. Restart services
|
|
run("systemctl daemon-reload")
|
|
run(f"systemctl restart {SERVICE_NODE} {SERVICE_RPC}")
|
|
|
|
print("\n[+] Production setup complete!")
|
|
print(f"[+] Verify with: curl 'http://127.0.0.1:8006/head?chain_id={CHAIN_ID}' | jq")
|
|
print(f"[+] Keystore files in {KEYS_DIR} (encrypted, 600)")
|
|
print(f"[+] Private keys saved in {KEYS_DIR}/genesis_private_key.txt and treasury_private_key.txt (keep secure!)")
|
|
|
|
if __name__ == "__main__":
|
|
main()
|