2025-12-15 01:28:50 +00:00
6 changed files with 32 additions and 33 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -13,21 +13,6 @@ The format is based on [Keep a Changelog][keepachangelog] and adheres to [Semant
 ### Deprecated

 ### Fixed
-## [0.72.1] - 2025-12-09
-
-### Added
-\n
-### Changed
- Switched Let's Encrypt automatic certificate management to use the production environment instead of staging.
- Updated development environment configuration to explicitly set HTTP and Raft advertise addresses for RQLite.
- Updated README to reflect the change from `make down` to `make stop` for stopping the development environment.
-
-### Deprecated
-
-### Removed
-
-### Fixed
-\n
 ## [0.72.0] - 2025-11-28

 ### Added
--- a/2
+++ b/2
@ -19,7 +19,7 @@ test-e2e:

 .PHONY: build clean test run-node run-node2 run-node3 run-example deps tidy fmt vet lint clear-ports install-hooks kill

-VERSION := 0.72.1
+VERSION := 0.72.0
 COMMIT  ?= $(shell git rev-parse --short HEAD 2>/dev/null || echo unknown)
 DATE    ?= $(shell date -u +%Y-%m-%dT%H:%M:%SZ)
 LDFLAGS := -X 'main.version=$(VERSION)' -X 'main.commit=$(COMMIT)' -X 'main.date=$(DATE)'
--- a/README.md
+++ b/README.md
@ -33,7 +33,7 @@ The cluster automatically performs health checks before declaring success. Check
 ### Stop Development Environment

 ```bash
-make stop
+make down
 ```

 ## Testing Services
--- a/pkg/environments/development/config.go
+++ b/pkg/environments/development/config.go
@ -143,19 +143,16 @@ func (ce *ConfigEnsurer) ensureNodeConfig(nodeSpec NodeSpec, peerAddrs []string)

 	// Generate node config (all nodes are unified)
 	data := templates.NodeConfigData{
-		NodeID:                 nodeSpec.Name,
-		P2PPort:                nodeSpec.P2PPort,
-		DataDir:                nodeDir,
-		RQLiteHTTPPort:         nodeSpec.RQLiteHTTPPort,
-		RQLiteRaftPort:         nodeSpec.RQLiteRaftPort,
-		RQLiteRaftInternalPort: nodeSpec.RQLiteRaftPort,
-		RQLiteJoinAddress:      nodeSpec.RQLiteJoinTarget,
-		BootstrapPeers:         peerAddrs,
-		ClusterAPIPort:         nodeSpec.ClusterAPIPort,
-		IPFSAPIPort:            nodeSpec.IPFSAPIPort,
-		UnifiedGatewayPort:     nodeSpec.UnifiedGatewayPort,
-		HTTPAdvAddress:         fmt.Sprintf("localhost:%d", nodeSpec.RQLiteHTTPPort),
-		RaftAdvAddress:         fmt.Sprintf("localhost:%d", nodeSpec.RQLiteRaftPort),
+		NodeID:             nodeSpec.Name,
+		P2PPort:            nodeSpec.P2PPort,
+		DataDir:            nodeDir,
+		RQLiteHTTPPort:     nodeSpec.RQLiteHTTPPort,
+		RQLiteRaftPort:     nodeSpec.RQLiteRaftPort,
+		RQLiteJoinAddress:  nodeSpec.RQLiteJoinTarget,
+		BootstrapPeers:     peerAddrs,
+		ClusterAPIPort:     nodeSpec.ClusterAPIPort,
+		IPFSAPIPort:        nodeSpec.IPFSAPIPort,
+		UnifiedGatewayPort: nodeSpec.UnifiedGatewayPort,
 	}

 	config, err := templates.RenderNodeConfig(data)
--- a/pkg/gateway/https.go
+++ b/pkg/gateway/https.go
@ -9,6 +9,7 @@ import (
 	"time"

 	"go.uber.org/zap"
+	"golang.org/x/crypto/acme"
 	"golang.org/x/crypto/acme/autocert"

 	"github.com/DeBrosOfficial/network/pkg/config"
@ -55,22 +56,33 @@ func NewHTTPSGateway(logger *logging.ColoredLogger, cfg *config.HTTPGatewayConfi
 		)
 		// Don't set certManager - will use CertFile/KeyFile from config
 	} else if cfg.HTTPS.AutoCert {
-		// Use Let's Encrypt PRODUCTION (default when Client is nil)
+		// Use Let's Encrypt STAGING (consistent with SNI gateway)
 		cacheDir := cfg.HTTPS.CacheDir
 		if cacheDir == "" {
 			cacheDir = "/home/debros/.orama/tls-cache"
 		}

+		// Use Let's Encrypt STAGING - provides higher rate limits for testing/development
+		directoryURL := "https://acme-staging-v02.api.letsencrypt.org/directory"
+		logger.ComponentWarn(logging.ComponentGeneral,
+			"Using Let's Encrypt STAGING - certificates will not be trusted by production clients",
+			zap.String("domain", cfg.HTTPS.Domain),
+		)
+
 		gateway.certManager = &autocert.Manager{
 			Prompt:     autocert.AcceptTOS,
 			HostPolicy: autocert.HostWhitelist(cfg.HTTPS.Domain),
 			Cache:      autocert.DirCache(cacheDir),
 			Email:      cfg.HTTPS.Email,
+			Client: &acme.Client{
+				DirectoryURL: directoryURL,
+			},
 		}

-		logger.ComponentInfo(logging.ComponentGeneral, "Let's Encrypt autocert configured (production)",
+		logger.ComponentInfo(logging.ComponentGeneral, "Let's Encrypt autocert configured",
 			zap.String("domain", cfg.HTTPS.Domain),
 			zap.String("cache_dir", cacheDir),
+			zap.String("acme_environment", "staging"),
 		)
 	}

--- a/pkg/node/node.go
+++ b/pkg/node/node.go
@ -23,6 +23,7 @@ import (
 	noise "github.com/libp2p/go-libp2p/p2p/security/noise"
 	"github.com/multiformats/go-multiaddr"
 	"go.uber.org/zap"
+	"golang.org/x/crypto/acme"
 	"golang.org/x/crypto/acme/autocert"

 	"github.com/DeBrosOfficial/network/pkg/config"
@ -808,12 +809,16 @@ func (n *Node) startHTTPGateway(ctx context.Context) error {
 		}

 		// Create TLS configuration with Let's Encrypt autocert
-		// Using PRODUCTION Let's Encrypt (default when Client is nil)
+		// Using STAGING environment to avoid rate limits during development/testing
+		// TODO: Switch to production when ready (remove Client field)
 		certManager = &autocert.Manager{
 			Prompt:     autocert.AcceptTOS,
 			HostPolicy: autocert.HostWhitelist(gwCfg.DomainName),
 			Cache:      autocert.DirCache(tlsCacheDir),
 			Email:      fmt.Sprintf("admin@%s", gwCfg.DomainName),
+			Client: &acme.Client{
+				DirectoryURL: "https://acme-staging-v02.api.letsencrypt.org/directory",
+			},
 		}

 		// Store certificate manager for use by SNI gateway