feat: update README and configuration for HTTPS and node settings

- Renamed the `make down` command to `make stop` in the README for clarity.
- Enhanced the node configuration to include additional parameters for RQLite, specifically `RQLiteRaftInternalPort`, `HTTPAdvAddress`, and `RaftAdvAddress`.
- Updated the HTTPS gateway to use Let's Encrypt in production mode by default, removing references to the staging environment and improving logging for certificate management.

CHANGELOG.md

@@ -13,6 +13,21 @@ The format is based on [Keep a Changelog][keepachangelog] and adheres to [Semant
 ### Deprecated
 
 ### Fixed
+## [0.72.1] - 2025-12-09
+
+### Added
+\n
+### Changed
+- Switched Let's Encrypt automatic certificate management to use the production environment instead of staging.
+- Updated development environment configuration to explicitly set HTTP and Raft advertise addresses for RQLite.
+- Updated README to reflect the change from `make down` to `make stop` for stopping the development environment.
+
+### Deprecated
+
+### Removed
+
+### Fixed
+\n
 ## [0.72.0] - 2025-11-28
 
 ### Added

Makefile

@@ -19,7 +19,7 @@ test-e2e:
 
 .PHONY: build clean test run-node run-node2 run-node3 run-example deps tidy fmt vet lint clear-ports install-hooks kill
 
-VERSION := 0.72.0
+VERSION := 0.72.1
 COMMIT  ?= $(shell git rev-parse --short HEAD 2>/dev/null || echo unknown)
 DATE    ?= $(shell date -u +%Y-%m-%dT%H:%M:%SZ)
 LDFLAGS := -X 'main.version=$(VERSION)' -X 'main.commit=$(COMMIT)' -X 'main.date=$(DATE)'

README.md

@@ -33,7 +33,7 @@ The cluster automatically performs health checks before declaring success. Check
 ### Stop Development Environment
 
 ```bash
-make down
+make stop
 ```
 
 ## Testing Services

pkg/environments/development/config.go

@@ -143,16 +143,19 @@ func (ce *ConfigEnsurer) ensureNodeConfig(nodeSpec NodeSpec, peerAddrs []string)
 
 	// Generate node config (all nodes are unified)
 	data := templates.NodeConfigData{
-		NodeID:             nodeSpec.Name,
-		P2PPort:            nodeSpec.P2PPort,
-		DataDir:            nodeDir,
-		RQLiteHTTPPort:     nodeSpec.RQLiteHTTPPort,
-		RQLiteRaftPort:     nodeSpec.RQLiteRaftPort,
-		RQLiteJoinAddress:  nodeSpec.RQLiteJoinTarget,
-		BootstrapPeers:     peerAddrs,
-		ClusterAPIPort:     nodeSpec.ClusterAPIPort,
-		IPFSAPIPort:        nodeSpec.IPFSAPIPort,
-		UnifiedGatewayPort: nodeSpec.UnifiedGatewayPort,
+		NodeID:                 nodeSpec.Name,
+		P2PPort:                nodeSpec.P2PPort,
+		DataDir:                nodeDir,
+		RQLiteHTTPPort:         nodeSpec.RQLiteHTTPPort,
+		RQLiteRaftPort:         nodeSpec.RQLiteRaftPort,
+		RQLiteRaftInternalPort: nodeSpec.RQLiteRaftPort,
+		RQLiteJoinAddress:      nodeSpec.RQLiteJoinTarget,
+		BootstrapPeers:         peerAddrs,
+		ClusterAPIPort:         nodeSpec.ClusterAPIPort,
+		IPFSAPIPort:            nodeSpec.IPFSAPIPort,
+		UnifiedGatewayPort:     nodeSpec.UnifiedGatewayPort,
+		HTTPAdvAddress:         fmt.Sprintf("localhost:%d", nodeSpec.RQLiteHTTPPort),
+		RaftAdvAddress:         fmt.Sprintf("localhost:%d", nodeSpec.RQLiteRaftPort),
 	}
 
 	config, err := templates.RenderNodeConfig(data)

pkg/gateway/https.go

@@ -9,7 +9,6 @@ import (
 	"time"
 
 	"go.uber.org/zap"
-	"golang.org/x/crypto/acme"
 	"golang.org/x/crypto/acme/autocert"
 
 	"github.com/DeBrosOfficial/network/pkg/config"
@@ -56,33 +55,22 @@ func NewHTTPSGateway(logger *logging.ColoredLogger, cfg *config.HTTPGatewayConfi
 		)
 		// Don't set certManager - will use CertFile/KeyFile from config
 	} else if cfg.HTTPS.AutoCert {
-		// Use Let's Encrypt STAGING (consistent with SNI gateway)
+		// Use Let's Encrypt PRODUCTION (default when Client is nil)
 		cacheDir := cfg.HTTPS.CacheDir
 		if cacheDir == "" {
 			cacheDir = "/home/debros/.orama/tls-cache"
 		}
 
-		// Use Let's Encrypt STAGING - provides higher rate limits for testing/development
-		directoryURL := "https://acme-staging-v02.api.letsencrypt.org/directory"
-		logger.ComponentWarn(logging.ComponentGeneral,
-			"Using Let's Encrypt STAGING - certificates will not be trusted by production clients",
-			zap.String("domain", cfg.HTTPS.Domain),
-		)
-
 		gateway.certManager = &autocert.Manager{
 			Prompt:     autocert.AcceptTOS,
 			HostPolicy: autocert.HostWhitelist(cfg.HTTPS.Domain),
 			Cache:      autocert.DirCache(cacheDir),
 			Email:      cfg.HTTPS.Email,
-			Client: &acme.Client{
-				DirectoryURL: directoryURL,
-			},
 		}
 
-		logger.ComponentInfo(logging.ComponentGeneral, "Let's Encrypt autocert configured",
+		logger.ComponentInfo(logging.ComponentGeneral, "Let's Encrypt autocert configured (production)",
 			zap.String("domain", cfg.HTTPS.Domain),
 			zap.String("cache_dir", cacheDir),
-			zap.String("acme_environment", "staging"),
 		)
 	}
 

pkg/node/node.go

@@ -23,7 +23,6 @@ import (
 	noise "github.com/libp2p/go-libp2p/p2p/security/noise"
 	"github.com/multiformats/go-multiaddr"
 	"go.uber.org/zap"
-	"golang.org/x/crypto/acme"
 	"golang.org/x/crypto/acme/autocert"
 
 	"github.com/DeBrosOfficial/network/pkg/config"
@@ -809,16 +808,12 @@ func (n *Node) startHTTPGateway(ctx context.Context) error {
 		}
 
 		// Create TLS configuration with Let's Encrypt autocert
-		// Using STAGING environment to avoid rate limits during development/testing
-		// TODO: Switch to production when ready (remove Client field)
+		// Using PRODUCTION Let's Encrypt (default when Client is nil)
 		certManager = &autocert.Manager{
 			Prompt:     autocert.AcceptTOS,
 			HostPolicy: autocert.HostWhitelist(gwCfg.DomainName),
 			Cache:      autocert.DirCache(tlsCacheDir),
 			Email:      fmt.Sprintf("admin@%s", gwCfg.DomainName),
-			Client: &acme.Client{
-				DirectoryURL: "https://acme-staging-v02.api.letsencrypt.org/directory",
-			},
 		}
 
 		// Store certificate manager for use by SNI gateway