#!/usr/bin/env bash
# Generate strong dev .env for macOS Docker Compose run
# Location: uploader-bot/scripts/generate_dev_env.sh
#
# Requires: openssl (random secrets, ed25519 keypair). xxd is optional and is
# only used to derive NODE_PUBLIC_KEY_HEX.

# Abort on any failed command, on use of an unset variable, and when any stage
# of a pipeline fails.
set -o errexit -o nounset -o pipefail

# Repository root: two directory levels above the directory holding this script.
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
# Target file; it will hold generated secrets.
ENV_FILE="${ROOT_DIR}/uploader-bot/.env"
# Functions
# Print random bytes from openssl as lowercase hex (two characters per byte).
# Arguments: $1 - number of random bytes
# Outputs:   the hex string on stdout
rand_hex() {
  local byte_count=$1
  openssl rand -hex "$byte_count"
}
# Create a directory, including missing parents; succeeds if it already exists.
# Arguments: $1 - directory path
ensure_dir() {
  local target_dir=$1
  mkdir -p "$target_dir"
}
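# Print the absolute, normalised form of a path (os.path.abspath: purely
# lexical, the path does not have to exist and symlinks are not resolved).
# Arguments: $1 - path to convert
# Outputs:   absolute path on stdout
abs_path() {
  # "-" tells python3 to read the program from stdin. The path has to follow
  # it on the command line; without it sys.argv[1] does not exist and the
  # helper fails with IndexError on every call.
  python3 - "$1" <<'PY'
import os
import sys

print(os.path.abspath(sys.argv[1]))
PY
}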
# Defaults
#
# Literal values are single-quoted; values built from other variables or from
# rand_hex are double-quoted. A failing rand_hex aborts the script (errexit),
# so no secret is ever left empty.

# --- Database (PostgreSQL) ---
POSTGRES_DB_DEFAULT='mynetwork'
POSTGRES_USER_DEFAULT='myuser'
POSTGRES_PASSWORD_DEFAULT="$(rand_hex 16)" # 16 random bytes -> 32 hex chars
# The password is embedded in this URL, so treat DB_URL_DEFAULT as a secret.
DB_URL_DEFAULT="postgresql+asyncpg://${POSTGRES_USER_DEFAULT}:${POSTGRES_PASSWORD_DEFAULT}@postgres:5432/${POSTGRES_DB_DEFAULT}"

# --- Redis ---
# NOTE(review): no credentials in this URL; access control then depends on how
# the compose file exposes the redis service - confirm it is not published.
REDIS_URL_DEFAULT='redis://redis:6379/0'

# --- Node / network ---
NODE_ID_DEFAULT="local-node-$(rand_hex 4)" # random 8-hex-char suffix
NODE_TYPE_DEFAULT='bootstrap'
NODE_VERSION_DEFAULT='3.0.0'
NETWORK_MODE_DEFAULT='bootstrap'
ALLOW_INCOMING_DEFAULT='true'

# --- Application secrets: 32 random bytes (64 hex chars) each ---
SECRET_KEY_DEFAULT="$(rand_hex 32)"
JWT_SECRET_KEY_DEFAULT="$(rand_hex 32)"
ENCRYPTION_KEY_DEFAULT="$(rand_hex 32)"

# --- Paths relative to the repository root ---
STORAGE_REL='./uploader-bot/storage'
# LOGS_REL and KEYS_REL are not referenced in the visible part of this script.
LOGS_REL='./uploader-bot/logs'
KEYS_REL='./uploader-bot/config/keys'

# --- API / runtime ---
# 0.0.0.0 listens on every interface. NOTE(review): what is reachable from the
# host or LAN is decided by the compose port mapping, which is not shown here.
API_HOST_DEFAULT='0.0.0.0'
API_PORT_DEFAULT='8000'
UVICORN_HOST_DEFAULT='0.0.0.0'
UVICORN_PORT_DEFAULT='8000'
# NOTE(review): a process that can talk to the Docker socket effectively
# controls the Docker host - confirm the service needs it.
DOCKER_SOCK_DEFAULT='/var/run/docker.sock'

# --- Node key locations as seen inside the container ---
NODE_PRIV_PATH='/app/keys/node_private_key'
NODE_PUB_PATH='/app/keys/node_public_key'

# --- Bootstrap, logging and tuning ---
BOOTSTRAP_CONFIG_DEFAULT='default'
LOG_LEVEL_DEFAULT='INFO'
MAX_PEERS_DEFAULT='50'
SYNC_INTERVAL_DEFAULT='300'
CONVERT_PAR_DEFAULT='2'
CONVERT_TIMEOUT_DEFAULT='300'
# Prepare folders
# Host-side directories for storage, logs and the node keypair.
for host_subdir in storage logs config/keys; do
  ensure_dir "$ROOT_DIR/uploader-bot/$host_subdir"
done
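# Generate node keys if missing
PRIV_KEY_HOST="$ROOT_DIR/uploader-bot/config/keys/node_private_key"
PUB_KEY_HOST="$ROOT_DIR/uploader-bot/config/keys/node_public_key"

if [ ! -f "$PRIV_KEY_HOST" ]; then
  echo "[INFO] Generating ed25519 node keypair..."
  # Create the private key inside a subshell with umask 077 so the file is
  # owner-only from the moment it exists, instead of carrying the default
  # umask's permissions until the chmod below runs.
  (umask 077 && openssl genpkey -algorithm ed25519 -out "$PRIV_KEY_HOST")
  chmod 600 "$PRIV_KEY_HOST"
  # A public key left over from an earlier private key would be stale, so it
  # is always rewritten here.
  openssl pkey -in "$PRIV_KEY_HOST" -pubout -out "$PUB_KEY_HOST"
  chmod 644 "$PUB_KEY_HOST"
elif [ ! -f "$PUB_KEY_HOST" ]; then
  # Only the public half is missing: derive it from the existing private key.
  # Generating a new pair here would overwrite the private key and silently
  # replace the node's identity.
  echo "[INFO] Re-deriving node public key from existing private key..."
  openssl pkey -in "$PRIV_KEY_HOST" -pubout -out "$PUB_KEY_HOST"
  chmod 644 "$PUB_KEY_HOST"
fi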
# Try to compute NODE_PUBLIC_KEY_HEX (last 32 bytes of DER pubkey)
# An Ed25519 SubjectPublicKeyInfo in DER is a fixed 12-byte header followed by
# the 32-byte raw public key, so the trailing 32 bytes are the key itself.
# Best effort: stays empty when xxd is not installed or the pipeline fails.
NODE_PUBLIC_KEY_HEX=""
if command -v xxd >/dev/null 2>&1; then
  NODE_PUBLIC_KEY_HEX="$(
    openssl pkey -in "$PRIV_KEY_HOST" -pubout -outform DER \
      | tail -c 32 \
      | xxd -p -c 32 \
      || true
  )"
fi
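# Compose content
#
# The file holds the database password, SECRET_KEY, JWT_SECRET_KEY and
# ENCRYPTION_KEY. Create (or empty) it and restrict it to the owner *before*
# any secret is written: umask 077 covers a newly created file, chmod 600
# covers a pre-existing file whose mode a plain ">" would otherwise keep.
#
# NOTE(review): an existing .env is overwritten, which rotates every generated
# secret; anything initialised with the previous values (for example an
# existing database volume) may no longer match.
(umask 077 && : > "$ENV_FILE")
chmod 600 "$ENV_FILE"

# Unquoted EOF: the variables and $(date ...) below are expanded by the shell.
cat > "$ENV_FILE" <<EOF
# Generated by scripts/generate_dev_env.sh on $(date -u +"%Y-%m-%dT%H:%M:%SZ")

# Database (PostgreSQL)
POSTGRES_DB=${POSTGRES_DB_DEFAULT}
POSTGRES_USER=${POSTGRES_USER_DEFAULT}
POSTGRES_PASSWORD=${POSTGRES_PASSWORD_DEFAULT}
DATABASE_URL=${DB_URL_DEFAULT}

# Redis
REDIS_URL=${REDIS_URL_DEFAULT}

# Node/network
NODE_ID=${NODE_ID_DEFAULT}
NODE_TYPE=${NODE_TYPE_DEFAULT}
NODE_VERSION=${NODE_VERSION_DEFAULT}
NETWORK_MODE=${NETWORK_MODE_DEFAULT}
ALLOW_INCOMING_CONNECTIONS=${ALLOW_INCOMING_DEFAULT}

# Security
SECRET_KEY=${SECRET_KEY_DEFAULT}
JWT_SECRET_KEY=${JWT_SECRET_KEY_DEFAULT}
ENCRYPTION_KEY=${ENCRYPTION_KEY_DEFAULT}

# API / runtime
API_HOST=${API_HOST_DEFAULT}
API_PORT=${API_PORT_DEFAULT}
UVICORN_HOST=${UVICORN_HOST_DEFAULT}
UVICORN_PORT=${UVICORN_PORT_DEFAULT}
DOCKER_SOCK_PATH=${DOCKER_SOCK_DEFAULT}

# Node key paths inside container
NODE_PRIVATE_KEY_PATH=${NODE_PRIV_PATH}
NODE_PUBLIC_KEY_PATH=${NODE_PUB_PATH}
NODE_PUBLIC_KEY_HEX=${NODE_PUBLIC_KEY_HEX}

# Storage/logs (host paths are mounted by compose)
STORAGE_PATH=${STORAGE_REL}

# Bootstrap
BOOTSTRAP_CONFIG=${BOOTSTRAP_CONFIG_DEFAULT}

# Telegram (optional; leave empty to disable)
TELEGRAM_API_KEY=
CLIENT_TELEGRAM_API_KEY=

# Logging / network params
LOG_LEVEL=${LOG_LEVEL_DEFAULT}
MAX_PEER_CONNECTIONS=${MAX_PEERS_DEFAULT}
SYNC_INTERVAL=${SYNC_INTERVAL_DEFAULT}
CONVERT_MAX_PARALLEL=${CONVERT_PAR_DEFAULT}
CONVERT_TIMEOUT=${CONVERT_TIMEOUT_DEFAULT}
EOF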
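# Final report: where the file went, the non-secret settings, and next steps.
echo "[OK] .env written to: $ENV_FILE"
echo
echo "Summary:"
echo " POSTGRES_DB=${POSTGRES_DB_DEFAULT}"
echo " POSTGRES_USER=${POSTGRES_USER_DEFAULT}"
echo " POSTGRES_PASSWORD=<generated>"
# DB_URL_DEFAULT embeds the generated password. Printing it verbatim would put
# the secret into the terminal scrollback and any captured log, defeating the
# masking on the POSTGRES_PASSWORD line above, so the password is replaced by
# the same placeholder. The password is plain hex, so it is safe to use as a
# substitution pattern.
db_url_for_display="${DB_URL_DEFAULT/${POSTGRES_PASSWORD_DEFAULT}/<generated>}"
echo " DATABASE_URL=${db_url_for_display}"
echo " REDIS_URL=${REDIS_URL_DEFAULT}"
echo " NODE_ID=${NODE_ID_DEFAULT}"
echo " Keys:"
echo " Private: $PRIV_KEY_HOST"
echo " Public : $PUB_KEY_HOST"
echo " NODE_PUBLIC_KEY_HEX=${NODE_PUBLIC_KEY_HEX:-<not computed>}"
echo
echo "Next steps:"
echo " 1) Open uploader-bot/.env and set TELEGRAM_API_KEY / CLIENT_TELEGRAM_API_KEY if needed."
echo " 2) Run: docker compose -f uploader-bot/deployment/docker-compose.macos.yml up -d --build"
echo " 3) Check: curl http://localhost:8000/health"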