Merge pull request #75 from DeBrosOfficial/nightly

chore: update README and configuration for improved clarity and funct…

.github/workflows/release-apt.yml

@@ -58,7 +58,8 @@ jobs:
           mkdir -p build/usr/local/bin
           go build -ldflags "$LDFLAGS" -o build/usr/local/bin/orama cmd/cli/main.go
           go build -ldflags "$LDFLAGS" -o build/usr/local/bin/debros-node cmd/node/main.go
-          go build -ldflags "$LDFLAGS" -o build/usr/local/bin/debros-gateway cmd/gateway/main.go
+          # Build the entire gateway package so helper files (e.g., config parsing) are included
+          go build -ldflags "$LDFLAGS" -o build/usr/local/bin/debros-gateway ./cmd/gateway
 
       - name: Create Debian package structure
         run: |

CHANGELOG.md

@@ -18,9 +18,9 @@ The format is based on [Keep a Changelog][keepachangelog] and adheres to [Semant
 ### Added
 \n
 ### Changed
-- Switched Let's Encrypt automatic certificate management to use the production environment instead of staging.
+- Cleaned up the README by removing outdated feature lists and complex examples, focusing on the Quick Start guide.
-- Updated development environment configuration to explicitly set HTTP and Raft advertise addresses for RQLite.
+- Updated development configuration to correctly set advertised addresses for RQLite, improving internal cluster communication.
-- Updated README to reflect the change from `make down` to `make stop` for stopping the development environment.
+- Simplified the build process for the `debros-gateway` binary in the Debian release workflow.
 
 ### Deprecated
 

README.md

@@ -2,14 +2,6 @@
 
 A decentralized peer-to-peer data platform built in Go. Combines distributed SQL (RQLite), pub/sub messaging, and resilient peer discovery so applications can share state without central infrastructure.
 
-## Features
-
-- **Distributed SQL** - RQLite with Raft consensus
-- **Pub/Sub Messaging** - Topic-based with automatic cleanup
-- **Namespace Isolation** - Multi-tenant support
-- **Secure Transport** - LibP2P + Noise/TLS encryption
-- **Unified Gateway** - Single port access to all node services
-
 ## Quick Start
 
 ### Local Development
@@ -22,13 +14,7 @@ make build
 make dev
 ```
 
-The cluster automatically performs health checks before declaring success. Check the output for:
+The cluster automatically performs health checks before declaring success.
-
-- Node unified gateway ports (6001-6005)
-- IPFS API endpoints
-- Olric cache server
-- Peer connection status
-- Example curl commands
 
 ### Stop Development Environment
 
@@ -49,13 +35,9 @@ Each node is accessible via a single unified gateway port:
 ```bash
 # Node-1 (port 6001)
 curl http://node-1.local:6001/health
-curl http://node-1.local:6001/rqlite/http/db/execute -H "Content-Type: application/json" -d '{"sql":"SELECT 1"}'
-curl http://node-1.local:6001/cluster/health
-curl http://node-1.local:6001/ipfs/api/v0/version
 
 # Node-2 (port 6002)
 curl http://node-2.local:6002/health
-curl http://node-2.local:6002/rqlite/http/db/execute -H "Content-Type: application/json" -d '{"sql":"SELECT 1"}'
 
 # Node-3 (port 6003)
 curl http://node-3.local:6003/health
@@ -67,46 +49,6 @@ curl http://node-4.local:6004/health
 curl http://node-5.local:6005/health
 ```
 
-### Main Gateway
-
-The main gateway provides `/v1/*` routes for RQLite, pub/sub, and storage:
-
-```bash
-# Gateway health
-curl http://node-1.local:6001/health
-
-# Gateway status
-curl http://node-1.local:6001/v1/status
-
-# Network peers
-curl http://node-1.local:6001/v1/network/status
-
-# Database query
-curl http://node-1.local:6001/v1/rqlite/query \
-  -H "Content-Type: application/json" \
-  -d '{"sql":"SELECT 1"}'
-
-# Pub/Sub topics
-curl http://node-1.local:6001/v1/pubsub/topics
-```
-
-### Direct Service Access (Debugging)
-
-Direct access to individual service ports without unified gateway:
-
-```bash
-# RQLite HTTP (each node on its own port)
-curl http://localhost:5001/db/execute -H "Content-Type: application/json" -d '{"sql":"SELECT 1"}'  # Bootstrap
-curl http://localhost:5002/db/execute -H "Content-Type: application/json" -d '{"sql":"SELECT 1"}'  # Node2
-
-# IPFS API
-curl http://localhost:4501/api/v0/version  # Bootstrap IPFS
-curl http://localhost:4502/api/v0/version  # Node2 IPFS
-
-# Olric Cache
-curl http://localhost:3320/stats
-```
-
 ## Network Architecture
 
 ### Unified Gateway Ports
@@ -147,7 +89,7 @@ orama dev logs node-1 --follow  # Follow logs in real-time
 orama dev logs gateway --follow # Gateway logs
 
 # Stop all services
-orama dev down
+orama stop
 
 # Build binaries
 make build
@@ -222,16 +164,7 @@ echo "deb https://debrosficial.github.io/network/apt stable main" | sudo tee /et
 
 sudo apt update && sudo apt install orama
 
-# Interactive installation (recommended)
+sudo orama install --interactive
-sudo orama install
-
-# Or with flags - First node (creates new cluster)
-sudo orama install --vps-ip <public_ip> --domain node-1.example.com
-
-# Joining existing cluster
-sudo orama install --vps-ip <public_ip> --domain node-2.example.com \
-  --peers /ip4/<first_node_ip>/tcp/4001/p2p/<peer_id> \
-  --cluster-secret <64-hex-secret>
 ```
 
 ### Service Management
@@ -255,7 +188,7 @@ orama logs ipfs --follow
 
 ```bash
 # Upgrade to latest version
-sudo orama upgrade --restart [--branch nightly]
+sudo orama upgrade --interactive
 ```
 
 ## Configuration

pkg/environments/development/config.go

@@ -153,9 +153,9 @@ func (ce *ConfigEnsurer) ensureNodeConfig(nodeSpec NodeSpec, peerAddrs []string)
 		BootstrapPeers:     peerAddrs,
 		ClusterAPIPort:     nodeSpec.ClusterAPIPort,
 		IPFSAPIPort:        nodeSpec.IPFSAPIPort,
-		UnifiedGatewayPort:     nodeSpec.UnifiedGatewayPort,
 		HTTPAdvAddress:     fmt.Sprintf("localhost:%d", nodeSpec.RQLiteHTTPPort),
 		RaftAdvAddress:     fmt.Sprintf("localhost:%d", nodeSpec.RQLiteRaftPort),
+		UnifiedGatewayPort: nodeSpec.UnifiedGatewayPort,
 	}
 
 	config, err := templates.RenderNodeConfig(data)

pkg/gateway/https.go

@@ -9,6 +9,7 @@ import (
 	"time"
 
 	"go.uber.org/zap"
+	"golang.org/x/crypto/acme"
 	"golang.org/x/crypto/acme/autocert"
 
 	"github.com/DeBrosOfficial/network/pkg/config"
@@ -55,22 +56,33 @@ func NewHTTPSGateway(logger *logging.ColoredLogger, cfg *config.HTTPGatewayConfi
 		)
 		// Don't set certManager - will use CertFile/KeyFile from config
 	} else if cfg.HTTPS.AutoCert {
-		// Use Let's Encrypt PRODUCTION (default when Client is nil)
+		// Use Let's Encrypt STAGING (consistent with SNI gateway)
 		cacheDir := cfg.HTTPS.CacheDir
 		if cacheDir == "" {
 			cacheDir = "/home/debros/.orama/tls-cache"
 		}
 
+		// Use Let's Encrypt STAGING - provides higher rate limits for testing/development
+		directoryURL := "https://acme-staging-v02.api.letsencrypt.org/directory"
+		logger.ComponentWarn(logging.ComponentGeneral,
+			"Using Let's Encrypt STAGING - certificates will not be trusted by production clients",
+			zap.String("domain", cfg.HTTPS.Domain),
+		)
+
 		gateway.certManager = &autocert.Manager{
 			Prompt:     autocert.AcceptTOS,
 			HostPolicy: autocert.HostWhitelist(cfg.HTTPS.Domain),
 			Cache:      autocert.DirCache(cacheDir),
 			Email:      cfg.HTTPS.Email,
+			Client: &acme.Client{
+				DirectoryURL: directoryURL,
+			},
 		}
 
-		logger.ComponentInfo(logging.ComponentGeneral, "Let's Encrypt autocert configured (production)",
+		logger.ComponentInfo(logging.ComponentGeneral, "Let's Encrypt autocert configured",
 			zap.String("domain", cfg.HTTPS.Domain),
 			zap.String("cache_dir", cacheDir),
+			zap.String("acme_environment", "staging"),
 		)
 	}
 

pkg/node/node.go

@@ -23,6 +23,7 @@ import (
 	noise "github.com/libp2p/go-libp2p/p2p/security/noise"
 	"github.com/multiformats/go-multiaddr"
 	"go.uber.org/zap"
+	"golang.org/x/crypto/acme"
 	"golang.org/x/crypto/acme/autocert"
 
 	"github.com/DeBrosOfficial/network/pkg/config"
@@ -808,12 +809,16 @@ func (n *Node) startHTTPGateway(ctx context.Context) error {
 		}
 
 		// Create TLS configuration with Let's Encrypt autocert
-		// Using PRODUCTION Let's Encrypt (default when Client is nil)
+		// Using STAGING environment to avoid rate limits during development/testing
+		// TODO: Switch to production when ready (remove Client field)
 		certManager = &autocert.Manager{
 			Prompt:     autocert.AcceptTOS,
 			HostPolicy: autocert.HostWhitelist(gwCfg.DomainName),
 			Cache:      autocert.DirCache(tlsCacheDir),
 			Email:      fmt.Sprintf("admin@%s", gwCfg.DomainName),
+			Client: &acme.Client{
+				DirectoryURL: "https://acme-staging-v02.api.letsencrypt.org/directory",
+			},
 		}
 
 		// Store certificate manager for use by SNI gateway