#!/bin/bash
# ==================================================================================
# Complete Setup and Startup Script
#
# This script orchestrates the entire setup and startup process:
# 1. Run setup-nodes.sh to generate MPCIUM node configurations
# 2. Start docker-compose.yaml services
# 3. Restart apex service with updated configuration
#
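# SECURITY: This script includes comprehensive sensitive data masking to prevent
# exposure of encryption keys, passwords, API keys, and other sensitive information
# in logs and output. Matched sensitive data is replaced with "***MASKED***" before
# being displayed or logged. The masking is pattern-based (see mask_sensitive_data),
# so a secret printed in a format the patterns do not cover is shown as-is.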
# ==================================================================================
# Stop at the first failing command that is not part of a condition.
set -o errexit

# ANSI colour sequences. They are stored as literal backslash escapes and only
# turned into control characters by `echo -e` when a message is printed.
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # reset to the terminal default

# Absolute directory of this script and the files it drives under dev/.
SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
DEV_DIR="${SCRIPT_DIR}/dev"
SETUP_SCRIPT="${DEV_DIR}/setup-nodes.sh"
DOCKER_COMPOSE_FILE="${DEV_DIR}/docker-compose.yaml"

# Seconds to pause after starting the infrastructure services; an existing
# non-empty WAIT_FOR_SERVICES from the environment is kept, otherwise 5.
: "${WAIT_FOR_SERVICES:=5}"

# Node indexes found under dev/node-configs; filled in by start_mpcium_nodes.
MPCIUM_NODE_INDEXES=()
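# Redact known secret formats from text before it is displayed or logged.
#
# Masking is pattern-based: only the key names and message prefixes listed in
# the rules below are recognised, so a secret printed in any other format passes
# through unchanged. Treat this as a safety net, not as a guarantee.
#
# Arguments: $1 - text to sanitise (may span several lines)
# Outputs:   the text on stdout, matched values replaced by ***MASKED***
# Returns:   exit status of sed
mask_sensitive_data() {
  local text="$1"

  # Rules run in this order on every line. Hex rules accept either letter case
  # and "N or more" digits: an exact-length rule masks only the first N digits
  # of a longer key and prints the remainder.
  local -a rules=(
    # BadgerDB passwords
    -e 's/badger_password: "[^"]*"/badger_password: "***MASKED***"/g'
    -e 's/Generated BadgerDB password: [^[:space:]]*/Generated BadgerDB password: ***MASKED***/g'
    -e 's/Password: [^[:space:]]*/Password: ***MASKED***/g'
    # Encryption keys (hex)
    -e 's/encryption_key: [a-fA-F0-9]\{32,\}/encryption_key: ***MASKED***/g'
    -e 's/Found encryption key: [a-fA-F0-9]\{32,\}/Found encryption key: ***MASKED***/g'
    -e 's/ENCRYPTION_KEY=[a-fA-F0-9]\{32,\}/ENCRYPTION_KEY=***MASKED***/g'
    # Event initiator public keys (hex)
    -e 's/event_initiator_pubkey: "[a-fA-F0-9]\{64,\}"/event_initiator_pubkey: "***MASKED***"/g'
    -e 's/Event initiator public key: [a-fA-F0-9]\{64,\}/Event initiator public key: ***MASKED***/g'
    # Event initiator private keys (hex) and their reported length
    -e 's/event_initiator_pk_raw: "[a-fA-F0-9]\{64,\}"/event_initiator_pk_raw: "***MASKED***"/g'
    -e 's/Event initiator private key length: [0-9]* characters/Event initiator private key length: ***MASKED*** characters/g'
    # JWT secrets (hex)
    -e 's/jwt_secret: [a-fA-F0-9]\{32,\}/jwt_secret: ***MASKED***/g'
    # API keys and secrets
    -e 's/api_key: "[^"]*"/api_key: "***MASKED***"/g'
    -e 's/api_secret: "[^"]*"/api_secret: "***MASKED***"/g'
    -e 's/client_secret: "[^"]*"/client_secret: "***MASKED***"/g'
    # Database and Redis passwords
    -e 's/password: "[^"]*"/password: "***MASKED***"/g'
    -e 's/redis_password: "[^"]*"/redis_password: "***MASKED***"/g'
    # Generic private keys (hex)
    -e 's/private_key: "[a-fA-F0-9]\{64,\}"/private_key: "***MASKED***"/g'
    # Integrity signer keys: drop the rest of the line. Matching only up to the
    # colon would rewrite the label and leave the key value printed after it.
    -e 's/Generated integrity signer.*key.*/Generated integrity signer key: ***MASKED***/g'
    -e 's/Integrity signer key.*/Integrity signer key: ***MASKED***/g'
    # Peer IDs
    -e 's/peer_id: "[^"]*"/peer_id: "***MASKED***"/g'
  )

  # printf rather than echo, so text such as "-n" is data and not an option;
  # one sed process replaces twenty separate echo|sed pipelines.
  printf '%s\n' "$text" | sed "${rules[@]}"
}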
# Logging helpers. Each one runs its message through mask_sensitive_data and
# prints it behind a coloured severity tag.

# Print an informational message.
# Arguments: $1 - message text
# Outputs:   "[INFO] <masked message>" on stdout
log_info() {
  echo -e "${BLUE}[INFO]${NC} $(mask_sensitive_data "$1")"
}
# Print a success message.
# Arguments: $1 - message text
# Outputs:   "[SUCCESS] <masked message>" on stdout
log_success() {
  echo -e "${GREEN}[SUCCESS]${NC} $(mask_sensitive_data "$1")"
}
# Print a warning message.
# Arguments: $1 - message text
# Outputs:   "[WARNING] <masked message>" on stdout
log_warning() {
  echo -e "${YELLOW}[WARNING]${NC} $(mask_sensitive_data "$1")"
}
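# Print an error message.
#
# Errors go to stderr. discover_mpcium_nodes is read through process
# substitution, so an error written to stdout there would be consumed as if it
# were a node index instead of being shown to the operator.
#
# Arguments: $1 - message text
# Outputs:   "[ERROR] <masked message>" on stderr
log_error() {
  echo -e "${RED}[ERROR]${NC} $(mask_sensitive_data "$1")" >&2
}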
# Mask captured command output. Thin wrapper around mask_sensitive_data, kept
# so call sites that handle command output read differently from log calls.
# Arguments: $1 - captured output
# Outputs:   the masked text on stdout
mask_output() {
  mask_sensitive_data "${1}"
}
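# Run a command, print its masked output and report success or failure.
#
# The command arrives as one string and is split on whitespace into a program
# and its arguments. It is not handed to a shell, so quoting inside the string
# is not honoured and a path that contains spaces cannot be expressed.
#
# Arguments: $1 - description logged before the command runs
#            $2 - command line to run
#            $3 - message logged when the command exits 0
#            $4 - message logged when the command fails
# Outputs:   the command's combined stdout/stderr after masking, plus log lines
# Returns:   0 on success; exits the script with status 1 on failure
execute_command() {
  local description="$1"
  local command="$2"
  local success_message="$3"
  local error_message="$4"
  local output masked_output
  local exit_code=0

  log_info "$description"

  # Assignment is kept apart from `local`: with `local output=$(...)` the next
  # `$?` is the status of `local` (always 0), so every failure was reported as
  # success. The `||` also stops `set -e` from ending the script before the
  # captured output has been shown.
  # shellcheck disable=SC2086 # splitting $command into words is intended
  output=$($command 2>&1) || exit_code=$?

  # Mask any sensitive data in the output before it reaches the terminal.
  masked_output=$(mask_output "$output")
  if [ -n "$masked_output" ]; then
    printf '%s\n' "$masked_output"
  fi

  if [ "$exit_code" -ne 0 ]; then
    log_error "$error_message (exit code: $exit_code)"
    exit 1
  fi
  log_success "$success_message"
}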
# Report whether a container matching a service name is currently running.
#
# The name is passed to grep as an unanchored pattern over the `docker ps`
# name column, so any running container whose name contains it counts.
#
# Arguments: $1 - name (pattern) to look for
#            $2 - message logged when a match is found
#            $3 - message logged as a warning when none is found
check_service_running() {
  local name="$1"
  local found_text="$2"
  local missing_text="$3"

  if ! docker ps --format "table {{.Names}}" | grep -q "$name"; then
    log_warning "$missing_text"
    return
  fi
  log_success "$found_text"
}
# Report whether a one-shot container finished with exit code 0.
#
# The container is looked up among all containers (`docker ps -a`), again by
# unanchored pattern; its exit code is then read with `docker inspect`, and a
# failed inspect is treated as exit code 1.
# NOTE(review): no call to this function is visible in this file.
#
# Arguments: $1 - container name
#            $2 - message logged when the exit code is 0
#            $3 - message logged as a warning otherwise
check_service_completed() {
  local name="$1"
  local ok_text="$2"
  local warn_text="$3"
  local code

  if ! docker ps -a --format "table {{.Names}}" | grep -q "$name"; then
    log_warning "$name service not found"
    return
  fi

  code=$(docker inspect "$name" --format='{{.State.ExitCode}}' 2>/dev/null || echo "1")
  if [ "$code" = "0" ]; then
    log_success "$ok_text"
  else
    log_warning "$warn_text (exit code: $code)"
  fi
}
# Add the execute bit to a script when it is missing.
# Arguments: $1 - path of the script
#            $2 - name used in the warning message
make_executable() {
  local target="$1"
  local label="$2"

  if [ -x "$target" ]; then
    return 0
  fi
  log_warning "Making $label executable..."
  chmod +x "$target"
}
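# List the numeric indexes of the node directories under dev/node-configs.
#
# A directory counts when it is a direct child named "node<digits>"; the
# digits are the index. Indexes are printed in ascending numeric order.
#
# Globals:   DEV_DIR (read)
# Outputs:   one index per line on stdout
# Returns:   exits with status 1 when the directory is missing or holds no
#            node<digits> directory. Callers read this function through
#            process substitution, where that exit ends only the subshell, so
#            they must still check that they received at least one index.
discover_mpcium_nodes() {
  local nodes_dir="$DEV_DIR/node-configs"
  if [ ! -d "$nodes_dir" ]; then
    log_error "node-configs directory not found at: $nodes_dir"
    exit 1
  fi

  local dir base_name index
  local indexes=()
  # -mindepth 1 keeps node-configs itself out of the result: its own name
  # matches 'node*', which made the "nothing found" check below unreachable.
  while IFS= read -r dir; do
    base_name="${dir##*/}"
    index="${base_name#node}"
    if [[ "$index" =~ ^[0-9]+$ ]]; then
      indexes+=("$index")
    fi
  done < <(find "$nodes_dir" -mindepth 1 -maxdepth 1 -type d -name 'node*' -print)

  if [ ${#indexes[@]} -eq 0 ]; then
    log_error "No MPCIUM node directories found in $nodes_dir"
    exit 1
  fi

  # Sort the bare indexes. Sorting full paths with 'e' as field separator split
  # on every 'e' in the path, so node10 was ordered before node2.
  printf '%s\n' "${indexes[@]}" | sort -n
}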
# Print the last 50 log lines of a compose service, masked.
#
# The log tail is filtered by mask_output only, i.e. by the fixed patterns in
# mask_sensitive_data; anything a container logs in another format is printed.
#
# Globals:   DEV_DIR (read)
# Arguments: $1 - compose service name
show_service_logs() {
  local svc="$1"
  local recent

  # A failing `docker compose logs` is tolerated; whatever it printed is used.
  recent="$( (cd "$DEV_DIR" && docker compose logs --tail=50 "$svc" 2>&1) || true )"

  if [ -z "$recent" ]; then
    log_warning "No logs available for $svc"
    return
  fi
  log_info "Recent logs for $svc:"
  mask_output "$recent"
}
# Check that the container of one MPCIUM node is running.
#
# The container is expected to be named "mpcium-node<index>" and its compose
# service "mpcium<index>". When the container is not listed by `docker ps`, its
# status and exit code are reported and the service's recent logs are shown.
#
# Arguments: $1 - node index
# Returns:   0 when running, 1 otherwise
check_mpcium_node() {
  local node_index="$1"
  local container="mpcium-node${node_index}"
  local service="mpcium${node_index}"
  local state code

  if ! docker ps --format "{{.Names}}" | grep -qw "$container"; then
    # "unknown" stands in when the container cannot be inspected at all.
    state=$(docker inspect "$container" --format='{{.State.Status}}' 2>/dev/null || echo "unknown")
    code=$(docker inspect "$container" --format='{{.State.ExitCode}}' 2>/dev/null || echo "unknown")
    log_error "$container failed to start (status: $state, exit code: $code)"
    show_service_logs "$service"
    return 1
  fi

  log_success "$container is running"
  return 0
}
# Print the start-up banner listing the three steps the script performs.
# Globals: BLUE, NC (read)
print_banner() {
  echo -e "${BLUE}"
  printf '%s\n' \
    "╔══════════════════════════════════════════════════════════════════════════════════╗" \
    "║ Complete Setup and Startup Script ║" \
    "║ ║" \
    "║ This script orchestrates the entire setup and startup process: ║" \
    "║ 1. Generate MPCIUM node configurations ║" \
    "║ 2. Start Docker Compose services ║" \
    "║ 3. Start MPCIUM nodes (peers auto-registered on startup) ║" \
    "╚══════════════════════════════════════════════════════════════════════════════════╝"
  echo -e "${NC}"
  echo
}
# Verify that the files and tools the script depends on are present.
#
# Checks, in order: setup-nodes.sh and docker-compose.yaml exist, `docker` and
# `jq` resolve as commands, and `docker compose version` succeeds. The first
# failed check logs an error and exits with status 1. Finally setup-nodes.sh
# is made executable if it is not already.
#
# Globals: SETUP_SCRIPT, DOCKER_COMPOSE_FILE (read)
check_prerequisites() {
  log_info "Checking prerequisites..."

  # Each entry is "<path>:<name shown in the error message>".
  local entry path label
  for entry in \
    "$SETUP_SCRIPT:setup-nodes.sh" \
    "$DOCKER_COMPOSE_FILE:docker-compose.yaml"; do
    path="${entry%:*}"
    label="${entry#*:}"
    if [ -f "$path" ]; then
      continue
    fi
    log_error "$label not found at: $path"
    exit 1
  done

  # Required command-line tools.
  local tool
  for tool in docker jq; do
    if command -v "$tool" &> /dev/null; then
      continue
    fi
    log_error "$tool is required but not installed or not in PATH."
    exit 1
  done

  # The compose plugin is a separate install from the docker CLI.
  if ! docker compose version &> /dev/null; then
    log_error "docker compose is required but not available. Please install Docker Compose v2."
    exit 1
  fi

  make_executable "$SETUP_SCRIPT" "setup-nodes.sh"
  log_success "Prerequisites check passed"
}
# Step 1: run setup-nodes.sh from the dev directory.
#
# A non-empty node-configs directory only produces a warning; the setup script
# is run regardless, without asking for confirmation.
#
# Globals: DEV_DIR, SETUP_SCRIPT (read); changes the working directory
run_setup_nodes() {
  log_info "Step 1: Generating MPCIUM node configurations..."
  cd "$DEV_DIR"

  if [ -d "node-configs" ] && [ -n "$(ls -A node-configs 2>/dev/null)" ]; then
    log_warning "Existing node-configs directory found. Overwriting existing configurations."
  fi

  local step_label="Running setup-nodes.sh..."
  local ok_text="MPCIUM node configurations generated successfully"
  local fail_text="Failed to generate MPCIUM node configurations"
  execute_command "$step_label" "$SETUP_SCRIPT" "$ok_text" "$fail_text"
}
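# Step 2: start the infrastructure services, leaving the MPCIUM nodes for later.
#
# The output of `docker compose up` is captured, masked and printed. On
# failure an error is logged and the script exits with status 1; on success
# the function waits WAIT_FOR_SERVICES seconds and reports whether the apex
# and consul containers are running.
#
# Globals: DEV_DIR, WAIT_FOR_SERVICES (read); changes the working directory
start_docker_services() {
  log_info "Step 2: Starting Docker Compose services (excluding MPCIUM nodes)..."
  cd "$DEV_DIR"

  log_info "Starting infrastructure services with docker compose..."
  log_warning "This may take a few minutes if Docker images need to be pulled. Please wait..."

  local output masked_output
  local exit_code=0
  # The `||` matters under `set -e`: a bare failing assignment ends the script
  # on this line, before the captured output or the error message is printed.
  output=$(docker compose up -d migrate apex rescanner postgres redis mongo nats-server consul multichain-indexer fystack-ui-community 2>&1) || exit_code=$?

  masked_output=$(mask_output "$output")
  if [ -n "$masked_output" ]; then
    printf '%s\n' "$masked_output"
  fi

  if [ "$exit_code" -ne 0 ]; then
    log_error "Failed to start infrastructure services (exit code: $exit_code)"
    exit 1
  fi
  log_success "Infrastructure services started successfully"

  log_info "Waiting $WAIT_FOR_SERVICES seconds for services to initialize..."
  sleep "$WAIT_FOR_SERVICES"

  # Check if key services are running
  log_info "Checking service status..."
  check_service_running "apex" "apex service is running" "apex service is not running yet"
  check_service_running "consul" "consul service is running" "consul service is not running yet"
}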
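# Step 3: start one compose service per discovered MPCIUM node and verify it.
#
# Node indexes come from discover_mpcium_nodes; service names are "mpcium<index>".
# After starting them the function waits 10 seconds and checks every node with
# check_mpcium_node; any node that is not running makes the script exit 1.
#
# Globals: DEV_DIR (read), MPCIUM_NODE_INDEXES (written); changes the working
#          directory
start_mpcium_nodes() {
  log_info "Step 3: Starting MPCIUM nodes (peers auto-registered via --peers flag)..."
  cd "$DEV_DIR"

  local line index
  MPCIUM_NODE_INDEXES=()
  while IFS= read -r line; do
    # Only digits may become part of a service name. Anything else on the
    # discovery output (for example a message printed to stdout) is rejected
    # instead of being passed to docker compose.
    if [[ ! "$line" =~ ^[0-9]+$ ]]; then
      log_error "Unexpected MPCIUM node index: $line"
      exit 1
    fi
    MPCIUM_NODE_INDEXES+=("$line")
  done < <(discover_mpcium_nodes)

  # discover_mpcium_nodes runs in a subshell here, so its own `exit 1` does not
  # stop this script. With no service names `docker compose up -d` would start
  # every service in the compose file, so stop explicitly.
  if [ ${#MPCIUM_NODE_INDEXES[@]} -eq 0 ]; then
    log_error "No MPCIUM nodes discovered; nothing to start."
    exit 1
  fi

  local mpcium_services=()
  for index in "${MPCIUM_NODE_INDEXES[@]}"; do
    mpcium_services+=("mpcium$index")
  done

  execute_command \
    "Starting MPCIUM nodes..." \
    "docker compose up -d ${mpcium_services[*]}" \
    "MPCIUM nodes started successfully" \
    "Failed to start MPCIUM nodes"

  log_info "Waiting for MPCIUM nodes to initialize..."
  sleep 10

  # Check MPCIUM nodes status with diagnostics
  local failed_nodes=0
  for index in "${MPCIUM_NODE_INDEXES[@]}"; do
    if ! check_mpcium_node "$index"; then
      failed_nodes=$((failed_nodes + 1))
    fi
  done

  if [ "$failed_nodes" -gt 0 ]; then
    log_error "$failed_nodes MPCIUM node(s) failed to start. See logs above for details."
    exit 1
  fi
}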
# Stop and start the apex compose service, then report whether it is running.
# NOTE(review): main, as written in this file, does not call this function.
#
# Globals: DEV_DIR (read); changes the working directory
restart_apex_service() {
  log_info "Step 4: Restarting apex service with updated configuration..."
  cd "$DEV_DIR"

  local stop_cmd="docker compose stop apex"
  local start_cmd="docker compose up -d apex"

  execute_command "Stopping apex service..." "$stop_cmd" \
    "Apex service stopped successfully" "Failed to stop apex service"
  execute_command "Starting apex service..." "$start_cmd" \
    "Apex service restarted successfully" "Failed to restart apex service"

  log_info "Waiting for apex service to be healthy..."
  sleep 10

  # A fixed pause is all the waiting there is; the check below only looks at
  # whether a matching container is listed as running.
  check_service_running "apex" "Apex service is running with updated configuration" "Apex service failed to start"
}
# Print the closing summary: completed steps, service URLs, compose status and
# a few follow-up commands.
#
# Node indexes are rediscovered when MPCIUM_NODE_INDEXES is still empty. Each
# node's URL uses port 8080 + index. `docker compose ps` runs in the current
# working directory and its output is masked before printing.
#
# Globals: MPCIUM_NODE_INDEXES (read, filled when empty), GREEN, NC (read)
print_summary() {
  local line node_index

  if [ ${#MPCIUM_NODE_INDEXES[@]} -eq 0 ]; then
    MPCIUM_NODE_INDEXES=()
    while IFS= read -r line; do
      MPCIUM_NODE_INDEXES+=("$line")
    done < <(discover_mpcium_nodes)
  fi

  echo
  echo -e "${GREEN}╔══════════════════════════════════════════════════════════════════════════════════╗${NC}"
  echo -e "${GREEN}║ 🎉 SETUP COMPLETE! 🎉 ║${NC}"
  echo -e "${GREEN}╚══════════════════════════════════════════════════════════════════════════════════╝${NC}"
  echo

  log_success "All services have been set up and started successfully!"
  echo

  log_info "📋 Summary of completed steps:"
  printf '%s\n' \
    " ✅ 1. MPCIUM node configurations generated" \
    " ✅ 2. Infrastructure services started" \
    " ✅ 3. MPCIUM nodes started with auto-peer registration (${#MPCIUM_NODE_INDEXES[@]} nodes)"
  echo

  log_info "🌐 Services available:"
  printf '%s\n' \
    " - Apex API: http://localhost:8150" \
    " - FyStack UI: http://localhost:8015" \
    " - Consul UI: http://localhost:8500" \
    " - NATS Monitoring: http://localhost:8222"
  for node_index in "${MPCIUM_NODE_INDEXES[@]}"; do
    echo " - MPCIUM Node $node_index: http://localhost:$((8080 + node_index))"
  done
  printf '%s\n' \
    " - Redis: localhost:6379" \
    " - PostgreSQL: localhost:5432" \
    " - MongoDB: localhost:27017"
  echo

  log_info "📊 Service status:"
  mask_output "$(docker compose ps)"
  echo

  log_warning "🔐 Important: Make sure to backup your configurations!"
  echo

  log_info "📝 Useful commands:"
  printf '%s\n' \
    " - View logs: docker compose logs -f [service_name]" \
    " - Stop services: docker compose down" \
    " - Restart services: docker compose restart" \
    " - Update configs: ./dev/setup-nodes.sh"
  echo
}
# ==================================================================================
# MAIN EXECUTION
# ==================================================================================
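# Parse the command line and run the setup steps in order.
#
# Options: --skip-setup          skip setup-nodes.sh and use existing configs
#          --wait-time SECONDS   pause after starting infrastructure services
#          -h, --help            print usage and exit 0
#
# SKIP_SETUP is not initialised by this script, so a value of "true" inherited
# from the environment has the same effect as --skip-setup.
#
# Arguments: the script's command-line arguments
main() {
  print_banner

  # Parse command line arguments
  while [[ $# -gt 0 ]]; do
    case "$1" in
      --skip-setup)
        SKIP_SETUP=true
        shift
        ;;
      --wait-time)
        # Without this check a missing value makes `shift 2` fail and `set -e`
        # ends the script with no message, and a non-numeric value is only
        # rejected later by `sleep`, after the services have been started.
        if [[ $# -lt 2 || ! "$2" =~ ^[0-9]+([.][0-9]+)?$ ]]; then
          log_error "--wait-time requires a number of seconds"
          exit 1
        fi
        WAIT_FOR_SERVICES="$2"
        shift 2
        ;;
      -h|--help)
        echo "Usage: $0 [OPTIONS]"
        echo
        echo "Options:"
        echo " --skip-setup Skip MPCIUM node setup (use existing configs)"
        echo " --wait-time SECONDS Time to wait for services to start (default: 5)"
        echo " -h, --help Show this help message"
        echo
        echo "Examples:"
        echo " $0 # Complete setup and startup"
        echo " $0 --skip-setup # Use existing configs, skip setup"
        echo " $0 --wait-time 60 # Wait 60 seconds for services"
        echo
        echo "This script will:"
        echo " 1. Generate MPCIUM node configurations (unless --skip-setup)"
        echo " 2. Start infrastructure services (excluding MPCIUM nodes)"
        echo " 3. Start MPCIUM nodes (peers auto-registered on startup)"
        exit 0
        ;;
      *)
        log_error "Unknown option: $1"
        exit 1
        ;;
    esac
  done

  # Execute setup steps
  check_prerequisites

  if [ "$SKIP_SETUP" != "true" ]; then
    run_setup_nodes
  else
    log_info "Skipping MPCIUM node setup (using existing configurations)"
  fi

  start_docker_services
  start_mpcium_nodes
  print_summary
}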
# Entry point: hand the command-line arguments to main unchanged.
main "$@"