Reconciles the divergence created by the May-13 nightly history rewrite
(main absorbed pre-rewrite SHAs via PRs #90-92). Content conflicts all
resolve in nightly's favor; nightly is the deployed, verified branch
(v0.122.47 live on devnet).
- refactor(turn): extract decodeTURNConfig for testability
- feat(turn): add stealth domain fields to config
- fix(apns): nest custom data under "body" for expo-notifications compatibility
- Implement `resolveStealthCert` to use existing `*.<baseDomain>` wildcard certificates instead of dynamic Caddyfile provisioning.
- Avoids EROFS errors caused by `ProtectSystem=strict` on the orama-node service.
- Add strict validation to ensure stealth hosts are single-label subdomains covered by the wildcard.
When /VERSION is bumped on the source branch before tagging, the SDK
package.json already matches the release tag. Without --allow-same-version,
npm version errors as 'Version not changed' and the workflow fails on
stable main releases (nightly worked by accident because the bump was
done in the previous commit cycle and package.json was a step behind).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
GoReleaser v2.15.4 rejects the {cmd: ..., dir: ...} map syntax for
before.hooks even though v2 docs show it. Reverting to the simple
string form `go -C core mod tidy` that worked in v1.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Workflow hardening based on the four-cycle release-debugging session:
Centralized versioning
- Add /VERSION at repo root as single source of truth.
- core/Makefile reads VERSION via `$(shell cat ../VERSION)`.
- Add `make bump VER=X.Y.Z` target that updates /VERSION and syncs
sdk/package.json in one shot.
Version mismatch guards
- All three release workflows (release.yaml, release-apt.yml,
publish-sdk.yml) now verify the release tag matches /VERSION at the
very first step. Stale-VERSION releases fail fast with a clear hint
to run `make bump`.
GoReleaser v2 migration
- Upgrade goreleaser-action v5 -> v6 (pinned `~> v2`).
- Add `version: 2` to .goreleaser.yaml.
- Migrate to v2 syntax: `archives.format` -> `formats: [...]`,
`brews.folder` -> `directory`, `snapshot.name_template` ->
`version_template`, `builds`-style references replaced with `ids:`.
- `before.hooks` can use map syntax again (v2 supports it).
Homebrew tap on stable only
- `brews.skip_upload` is now `'{{ if .Prerelease }}true{{ else }}false{{ end }}'`.
- Stops nightly releases from polluting the tap and from hitting 401
on stale HOMEBREW_TAP_TOKEN. Stable main releases still publish.
CI on every push
- New ci.yml runs `go vet` + `go test -race` on the core module and
typecheck/build/unit-tests on the SDK for every push to main/nightly
and every PR. version-sanity job warns when /VERSION and
sdk/package.json drift.
Version bump for next pipeline test
- /VERSION: 0.122.8
- sdk/package.json: 0.122.8
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The repo moved from DeBrosOfficial/network to DeBrosDAO/orama.
GoReleaser was uploading artifacts to the old URL and getting 307
redirects, then retrying until secondary rate limits kicked in.
- release.github.owner/name: DeBrosOfficial/network -> DeBrosDAO/orama
- brews.repository.owner: DeBrosOfficial -> DeBrosDAO
- all homepage URLs updated
- bump VERSION to 0.122.7 for fourth pipeline test
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- goreleaser nfpm contents pointed to ./core/README.md which doesn't
exist; switched to repo-root ./README.md
- bump VERSION to 0.122.6 for third pipeline test
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- goreleaser: 'cd core && go mod tidy' didn't work — hooks run via exec,
not shell. Switched to 'go -C core mod tidy' which is shell-free.
- release-apt: remove redundant mv that renamed file to itself
(PKG_NAME and target name were identical, dpkg-deb already named it
correctly)
- bump VERSION to 0.122.5 for second pipeline test
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- goreleaser: switch hooks to v1 string syntax (was map syntax, caused
yaml unmarshal error on action v1.26.2)
- release-apt: build ./cmd/cli and ./cmd/node as packages (was building
single .go files, missed sibling files → undefined: runCLI)
- publish-sdk: remove main-only guard; nightly releases now publish to
npm with --tag nightly (stable releases still go to @latest)
- bump VERSION to 0.122.4 for first end-to-end release pipeline test
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- add release event trigger to automate publishing
- update versioning logic to support release tags
- conditionally skip git tagging when triggered by release
- Change RQLite consistency level from `none` to `weak` to ensure reads
route to the leader and prevent stale data reads (fixes#235)
- Add `normalizeColumnKey` to allow snake_case SQL columns to map to
CamelCase Go struct fields automatically (fixes#65)
- Add comprehensive unit tests for DSN generation and column mapping
- Add `namespace_push_config` table for per-namespace provider settings
- Introduce `cluster_secret_path` to enable deterministic JWT signing and
AES-256-GCM encryption for push credentials
- Update gateway config to support per-namespace overrides of push
notification providers (ntfy/Expo)
- Bump version to 0.122.3
- bump version to 0.122.2
- document schema migration invariants and push notification configuration
- add serverless host function aliases and v2 database API documentation
- introduce schema roundtrip test to prevent migration drift
- Add "orama" to the list of host module registration names to support
common developer intuition and prevent instantiation errors.
- Add comprehensive regression tests to ensure all aliases ("env",
"host", "orama") remain registered.
- Update SDK documentation to clarify import conventions and alias
support.
- Add `contract.go` to manage and validate embedded SQL migrations
- Introduce `AssertSchema` to verify database version at startup
- Include `SchemaMismatchError` with actionable recovery instructions
- Add comprehensive unit tests for version parsing and validation
- Add migrations for per-namespace publish sequences and persistent WebSocket function settings
- Integrate PersistentWSManager and WSBridge into the gateway dependency graph
- Upgrade serverless engine to use a multi-tier rate limiter
- Update JWT claims to support custom application-defined fields
- Add --fanout flag to push command for server-to-server deployment
- Implement agent forwarding for efficient multi-node distribution
- Update landing page scene heights and section padding for mobile devices
- Replace CLI-based rootwallet calls with agent-based communication
- Update production provisioner to support sudo-based service management
- Add API key-to-wallet resolution for gateway operator handlers
- implement `nodes`, `rollout`, `ssh`, and `status` commands
- add `migrate-conf` utility to register existing nodes with the gateway
- update database schema to support operator wallet tracking for nodes
- support upsert in AddEnvironment, no-op RemoveEnvironment if absent
- fallback active env to devnet on remove, add tests
- integrate with sandbox create/destroy, ignore core/plans/
- add monorepo Makefile delegating to sub-projects
- update CI workflows, GoReleaser, gitignore for new structure
- revise README, CONTRIBUTING.md for monorepo overview
- bump Go to 1.24
- validate agent, API token, archive before provisioning
- auto-build archive via `make build-archive` if missing
- add tests and Makefile install target
- replace `rw vault ssh` calls with `rwagent.Client` in PrepareNodeKeys,
LoadAgentKeys, EnsureVaultEntry, ResolveVaultPublicKey
- add vaultClient interface, newClient func, and wrapAgentError for
testability and improved error messages
- prefer pre-built systemd dir in installNamespaceTemplates
- replace standalone sandbox keys with "sandbox/root" vault entry
- update inspector config to use vault targets (no passwords/keys)
- make sandbox default active environment
- add vault helpers and tests for remotessh
- propagate `--anyone-client` to `orama node upgrade` on all nodes
- prioritize explicit `--anyone-client` over prefs/auto-detect in production
- ensure mutual exclusivity between relay/client modes in prefs
- add WithNoHostKeyCheck option for ephemeral server IPs
- upload binary to genesis then distribute to other nodes (faster)
- improve provisioning error handling for cleanup on partial failure
- new `orama sandbox reset` deletes Hetzner resources (IPs, firewall, SSH key) and local config
- interactive location/server type selection during `setup`
- add Hetzner API methods for listing locations/types, deleting resources
- update defaults to nbg1/cx23
- integrate Zig-built vault-guardian into cross-compile process
- add `orama sandbox` for ephemeral Hetzner Cloud clusters
- update docs for `orama node` subcommands and new guides
Replaces plaintext password-based SSH authentication (sshpass) across
the entire Go CLI with wallet-derived ed25519 keys via RootWallet.
- Add `rw vault ssh agent-load` command to RootWallet CLI for SSH
agent forwarding in push fanout
- Create wallet.go bridge: PrepareNodeKeys resolves keys from `rw
vault ssh get --priv`, writes temp PEMs (0600), zero-overwrites
on cleanup
- Remove Password field from Node struct, update config parser to
new 3-field format (env|user@host|role)
- Remove all sshpass branches from inspector/ssh.go and
remotessh/ssh.go, require SSHKey on all SSH paths
- Add WithAgentForward() option to RunSSHStreaming for hub fanout
- Add PrepareNodeKeys + defer cleanup to all 7 entry points:
inspect, monitor, push, upgrade, clean, recover, install
- Update push fanout to use SSH agent forwarding instead of sshpass
on hub
- Delete install/ssh.go duplicate, replace with remotessh calls
- Create nodes.conf from remote-nodes.conf (topology only, no
secrets)
- Update all config defaults and help text from remote-nodes.conf
to nodes.conf
- Use StrictHostKeyChecking=accept-new consistently everywhere
- Deleted redeploy.sh, which handled redeployment to nodes in devnet/testnet environments.
- Removed upgrade-nodes.sh, responsible for rolling upgrades of nodes.
- Eliminated upload-source-fanout.sh, which uploaded source archives to nodes in parallel.
- Removed upload-source.sh, used for uploading and extracting source archives to VPS nodes.
- Introduced `secrets` command for managing function secrets, including set, list, and delete operations.
- Added `triggers` command for managing PubSub triggers associated with functions, allowing addition, listing, and deletion of triggers.
- Implemented API handlers for secrets management, including setting, listing, and deleting secrets.
- Updated serverless handlers to support new secrets and triggers functionalities.
- Enhanced tests for the new features, ensuring proper functionality and error handling.
- Updated version in Makefile to 0.112.2.
- Enhanced SFU server error handling to ignore http.ErrServerClosed.
- Added TURNS (TURN over TLS) configuration options in TURN server and related components.
- Updated firewall rules to include TURNS ports and modified related tests.
- Implemented self-signed certificate generation for TURNS.
- Adjusted TURN server to support both UDP and TCP listeners.
- Updated WebRTC and SFU components to accommodate new TURNS configurations.
- Add signaling package with message types and structures for SFU communication.
- Implement client and server message serialization/deserialization tests.
- Enhance systemd manager to handle SFU and TURN services, including start/stop logic.
- Create TURN server configuration and main server logic with HMAC-SHA1 authentication.
- Add tests for TURN server credential generation and validation.
- Define systemd service files for SFU and TURN services.
- Added support for "degraded" deployment status in types.
- Updated health checker initialization to include process manager and node ID.
- Refactored health checker tests to accommodate new process manager functionality.
- Implemented logic to handle unhealthy deployments, including restart and failure marking.
- Enhanced deployment reconciliation to manage under-replicated scenarios.
- Updated gateway handlers and middleware to consider "degraded" status in deployment queries.
- Added documentation for wallet-based SSH authentication in WALLET_SSH_AUTH.md.
- Introduced SSH key derivation and management in rootwallet core and CLI.
- Created commands for generating, loading, and unloading SSH keys in the CLI.
- Updated Orama network to support SSH key authentication.
- Added migration steps for nodes to transition from password-based to key-based authentication.
feat: add serverless function management commands
- Implemented function command structure in CLI for managing serverless functions.
- Added commands for initializing, building, deploying, invoking, deleting, and listing functions.
- Created helper functions for handling function configuration and API requests.
- Integrated TinyGo for building functions to WASM.
- Added logging and version management for deployed functions.
- Commented out debug logging statements in the Rqlite MCP server to prevent excessive disk writes during operation.
- Added a new PubSubAdapter method in the client for direct access to the pubsub.ClientAdapter, bypassing authentication checks for serverless functions.
- Integrated the pubsub adapter into the gateway for serverless function support.
- Implemented a new pubsub_publish host function in the serverless engine for publishing messages to topics.
- Commented out debug logging statements in the Rqlite MCP server to prevent excessive disk writes during operation.
- Added a new PubSubAdapter method in the client for direct access to the pubsub.ClientAdapter, bypassing authentication checks for serverless functions.
- Integrated the pubsub adapter into the gateway for serverless function support.
- Implemented a new pubsub_publish host function in the serverless engine for publishing messages to topics.
- Commented out debug logging statements in the Rqlite MCP server to prevent excessive disk writes during operation.
- Added a new PubSubAdapter method in the client for direct access to the pubsub.ClientAdapter, bypassing authentication checks for serverless functions.
- Integrated the pubsub adapter into the gateway for serverless function support.
- Implemented a new pubsub_publish host function in the serverless engine for publishing messages to topics.
- Introduced a new Rqlite MCP server implementation in `cmd/rqlite-mcp`, enabling JSON-RPC communication for database operations.
- Updated the Makefile to include the build command for the Rqlite MCP server.
- Enhanced the WebSocket PubSub client with presence capabilities, allowing members to join and leave topics with notifications.
- Implemented presence management in the gateway, including endpoints for querying current members in a topic.
- Added end-to-end tests for presence functionality, ensuring correct behavior during member join and leave events.
- Modified the Register method to return a function instance and an error, enhancing its functionality.
- Added a new GetLogs method to the mockFunctionRegistry for retrieving log entries, improving test coverage for serverless function logging.
- Updated the serverless functions table schema to remove the version constraint for uniqueness, allowing for more flexible function definitions.
- Enhanced the serverless engine to support HTTP fetch functionality, enabling external API calls from serverless functions.
- Implemented logging capabilities for function invocations, capturing detailed logs for better debugging and monitoring.
- Improved the authentication middleware to handle public endpoints more effectively, ensuring seamless access to serverless functions.
- Added new configuration options for serverless functions, including memory limits, timeout settings, and retry parameters, to optimize performance and reliability.
- Introduced a new `example.http` file containing comprehensive API examples for the Orama Network Gateway, demonstrating various functionalities including health checks, distributed cache operations, decentralized storage interactions, real-time pub/sub messaging, and serverless function management.
- Updated the README to include a section on serverless functions using WebAssembly (WASM), detailing the build, deployment, invocation, and management processes for serverless functions.
- Removed outdated debug configuration file to streamline project structure.
- Introduced comprehensive unit tests for the authentication service in the gateway, covering JWT generation, Base58 decoding, and signature verification for Ethereum and Solana.
- Added tests for RQLite cluster discovery functions, including host replacement logic and public IP validation.
- Implemented tests for RQLite utility functions, focusing on exponential backoff and data directory path resolution.
- Enhanced serverless engine tests to validate timeout handling and memory limits for WASM functions.
- Updated the API gateway documentation to reflect changes in architecture and functionality, emphasizing its role as a multi-functional entry point for decentralized services.
- Refactored CLI commands to utilize utility functions for better code organization and maintainability.
- Introduced new utility functions for handling peer normalization, service management, and port validation, enhancing the overall CLI experience.
- Added a new production installation script to streamline the setup process for users, including detailed dry-run summaries for better visibility.
- Enhanced validation mechanisms for configuration files and swarm keys, ensuring robust error handling and user feedback during setup.
- Updated the API gateway documentation to reflect changes in architecture and functionality, emphasizing its role as a multi-functional entry point for decentralized services.
- Refactored CLI commands to utilize utility functions for better code organization and maintainability.
- Introduced new utility functions for handling peer normalization, service management, and port validation, enhancing the overall CLI experience.
- Added a new production installation script to streamline the setup process for users, including detailed dry-run summaries for better visibility.
- Enhanced validation mechanisms for configuration files and swarm keys, ensuring robust error handling and user feedback during setup.
- Introduced a new `network.mdc` file containing comprehensive guidelines for utilizing the network Model Context Protocol (MCP).
- Documented available MCP tools for code understanding, skill learning, and recommended workflows to enhance developer efficiency.
- Provided detailed instructions on the collaborative skill learning process and user override commands for better interaction with the MCP.
- Introduced a new `network.mdc` file containing comprehensive guidelines for utilizing the network Model Context Protocol (MCP).
- Documented available MCP tools for code understanding, skill learning, and recommended workflows to enhance developer efficiency.
- Provided detailed instructions on the collaborative skill learning process and user override commands for better interaction with the MCP.
- Removed outdated feature list from README for a more concise overview.
- Updated health check instructions and command references in the README.
- Changed `make down` to `make stop` for consistency in stopping the development environment.
- Enhanced the configuration in `config.go` to include additional RQLite and Raft addresses for better node communication.
- Adjusted the build process in the release workflow to ensure all necessary gateway files are included.
- Renamed the node executable from `node` to `orama-node` in the Makefile and various scripts to reflect the new naming convention.
- Updated the gateway command to `orama-gateway` for consistency.
- Modified service configurations and systemd templates to ensure proper execution of the renamed binaries.
- Enhanced the interactive installer to prompt for the gateway URL, allowing users to select between local and remote nodes.
- Added functionality to extract domain information for TLS configuration, improving security for remote connections.
- Modified the RQLite node configuration to use direct TLS on port 7002 when HTTPS is enabled, bypassing SNI gateway conflicts.
- Updated the join address logic to reflect the new direct RQLite TLS connection method.
- Enhanced documentation comments to clarify the changes in TLS handling and port usage for Raft communication.
- Added a certificate ready signal to coordinate RQLite node-to-node TLS startup with certificate provisioning.
- Updated the RQLite service generation to include a log file path for better logging management.
- Implemented a timeout mechanism for waiting on TLS certificates, improving error handling during RQLite startup.
- Introduced IPFS peer information handling for improved network discovery and configuration.
- Added validation for the 64-hex swarm key, ensuring proper input during installation.
- Updated the installer to collect and store IPFS peer details, enhancing the setup experience for private networks.
- Enhanced the production setup to configure IPFS peering for better node discovery in private environments.
- Improved documentation to reflect new IPFS-related configuration options and swarm key requirements.
- Added a new CertificateManager for managing self-signed certificates, ensuring secure communication within the network.
- Updated the configuration to support self-signed certificates and Let's Encrypt integration for HTTPS.
- Enhanced the installer to generate and manage certificates automatically, improving the setup experience.
- Introduced a centralized TLS configuration for HTTP clients, ensuring consistent security practices across the application.
- Updated documentation to reflect new port requirements and HTTPS setup instructions.
- Added a new CertificateManager for managing self-signed certificates, ensuring secure communication within the network.
- Updated the configuration to support self-signed certificates and Let's Encrypt integration for HTTPS.
- Enhanced the installer to generate and manage certificates automatically, improving the setup experience.
- Introduced a centralized TLS configuration for HTTP clients, ensuring consistent security practices across the application.
- Updated documentation to reflect new port requirements and HTTPS setup instructions.
- Added a new CertificateManager for managing self-signed certificates, ensuring secure communication within the network.
- Updated the configuration to support self-signed certificates and Let's Encrypt integration for HTTPS.
- Enhanced the installer to generate and manage certificates automatically, improving the setup experience.
- Introduced a centralized TLS configuration for HTTP clients, ensuring consistent security practices across the application.
- Updated documentation to reflect new port requirements and HTTPS setup instructions.
- Replaced all instances of DeBros with Orama throughout the codebase, including CLI commands and configuration paths.
- Updated documentation to reflect the new naming convention and paths for configuration files.
- Removed the outdated PRODUCTION_INSTALL.md file and added new scripts for local domain setup and testing.
- Introduced a new interactive TUI installer for Orama Network, enhancing the installation experience.
- Improved logging and error handling across various components to provide clearer feedback during operations.
- Replaced all instances of DeBros with Orama throughout the codebase, including CLI commands and configuration paths.
- Updated documentation to reflect the new naming convention and paths for configuration files.
- Removed the outdated PRODUCTION_INSTALL.md file and added new scripts for local domain setup and testing.
- Introduced a new interactive TUI installer for Orama Network, enhancing the installation experience.
- Improved logging and error handling across various components to provide clearer feedback during operations.
- Replaced all instances of DeBros with Orama throughout the codebase, including CLI commands and configuration paths.
- Updated documentation to reflect the new naming convention and paths for configuration files.
- Removed the outdated PRODUCTION_INSTALL.md file and added new scripts for local domain setup and testing.
- Introduced a new interactive TUI installer for Orama Network, enhancing the installation experience.
- Improved logging and error handling across various components to provide clearer feedback during operations.
- Added a new method to verify the cluster secret in the service.json file, ensuring the correct secret is used during configuration updates.
- Updated the anyone-client installation process to utilize `npx` for improved reliability and added verification steps to confirm successful installation.
- Enhanced logging to provide clearer feedback on cluster secret verification and anyone-client installation status.
- Changed the npm installation command for anyone-client to use the scoped package name `@anyone-protocol/anyone-client`, ensuring correct package retrieval during installation.
- Introduced a new `PortChecker` type to verify port availability, enhancing service management during startup.
- Updated the `BinaryInstaller` to install the `anyone-client` npm package globally, ensuring its availability for SOCKS5 proxy functionality.
- Enhanced the `ProductionSetup` to include checks for port usage before starting the `anyone-client` service, improving conflict resolution.
- Added logging for the installation and service creation of `anyone-client`, providing clearer feedback during the setup process.
- Improved the `stop` target in the Makefile to ensure graceful shutdown of development services, allowing for a more reliable process termination.
- Updated the `StopAll` method in the ProcessManager to provide clearer logging during service shutdown, including progress updates and error handling.
- Added a new `PushNotificationService` to handle sending push notifications via Expo, including bulk notification capabilities and improved error handling.
- Refactored RQLite management to streamline node identification and logging, ensuring consistent behavior across node types during startup and recovery.
- Introduced a new `stop` target in the Makefile for graceful shutdown of development services, improving user experience during service management.
- Updated the `stopProcess` method in the ProcessManager to check if a process is running before attempting to stop it, enhancing reliability.
- Improved the shutdown logic to wait for a graceful shutdown before forcefully killing processes, providing clearer logging on the shutdown status.
- Enhanced the `dev-kill-all.sh` script to specifically target debros-related processes and improve the cleanup of PID files, ensuring a more thorough shutdown process.
- Updated nonce handling in challenge, verify, and issue API key handlers to normalize wallet addresses to lowercase for case-insensitive comparison.
- Enhanced SQL queries to use LOWER() function for wallet address checks, improving consistency and reliability in nonce validation.
- Eliminated the RQLite service management functions from the ProcessManager, streamlining the service startup and shutdown processes.
- Updated the Gateway to utilize a mutex for thread-safe access to the Olric client, enhancing concurrency handling.
- Refactored cache handler methods to consistently retrieve the Olric client, improving code clarity and maintainability.
- Added a reconnect loop for the Olric client to ensure resilience during connection failures, enhancing overall system reliability.
- Enhanced the DefaultPath function to remember the preferred data path for gateway.yaml, allowing for better error messaging and fallback options.
- Introduced a new function to initialize the Olric client with retry logic, improving resilience during client setup and providing clearer logging for connection attempts.
- Updated logging to provide detailed feedback on Olric client initialization attempts, enhancing troubleshooting capabilities.
- Added documentation for joining additional nodes, specifying the need for the same IPFS Cluster secret as the bootstrap host.
- Updated the production command to require the `--cluster-secret` flag for non-bootstrap nodes, ensuring consistent cluster PSKs during deployment.
- Enhanced error handling to validate the cluster secret format and provide user feedback if the secret is missing or invalid.
- Modified the configuration setup to accommodate the cluster secret, improving security and deployment integrity.
- Updated the `Phase2cInitializeServices` function to accept bootstrap peers and VPS IP, improving service configuration for non-bootstrap nodes.
- Refactored the `handleProdInstall` and `handleProdUpgrade` functions to ensure proper initialization of services with the new parameters.
- Improved logging to provide clearer feedback during service initialization and configuration, enhancing user experience and troubleshooting capabilities.
- Introduced new functions to check if a service is enabled and to enable or disable services as needed during production command execution.
- Enhanced the `handleProdStart` and `handleProdStop` functions to manage service states more effectively, ensuring services are re-enabled after being stopped and disabled when stopped.
- Improved logging to provide clear feedback on service status changes, enhancing user experience during service management.
- Introduced new functions to check if a service is enabled and to enable or disable services as needed during production command execution.
- Enhanced the `handleProdStart` and `handleProdStop` functions to manage service states more effectively, ensuring services are re-enabled after being stopped and disabled when stopped.
- Improved logging to provide clear feedback on service status changes, enhancing user experience during service management.
- Introduced new functions to check if a service is enabled and to enable or disable services as needed during production command execution.
- Enhanced the `handleProdStart` and `handleProdStop` functions to manage service states more effectively, ensuring services are re-enabled after being stopped and disabled when stopped.
- Improved logging to provide clear feedback on service status changes, enhancing user experience during service management.
- Updated the logic for determining Olric server addresses in the gateway configuration, differentiating between bootstrap and non-bootstrap nodes for better connectivity.
- Introduced a new function to parse bootstrap host and port from the API URL, improving clarity and flexibility in handling different network configurations.
- Enhanced the handling of IP protocols (IPv4 and IPv6) when constructing bootstrap peer addresses, ensuring compatibility across various network environments.
- Updated the production command to support dynamic IP address extraction from bootstrap peer multiaddrs, improving node connectivity.
- Refactored the configuration generation to include advertised HTTP and Raft addresses based on the node type and bootstrap peers.
- Enhanced error handling and logging for service management commands, ensuring better feedback during installation and upgrades.
- Improved the README documentation with new command examples and clarified usage instructions for production deployment.
- Changed the default configuration path for gateway.yaml to prioritize the ~/.debros/data/ directory, ensuring better organization and clarity.
- Updated related functions to reflect the new path structure, maintaining backward compatibility with existing configurations.
- Adjusted service execution commands to align with the new configuration path, enhancing deployment consistency.
- Updated production command handling to reflect that RQLite is now managed internally by the node process, eliminating the need for separate service definitions and binary paths.
- Adjusted logging and service management functions to streamline operations and improve clarity regarding RQLite's integration.
- Enhanced log file creation to be node-type specific, ensuring only relevant logs are generated based on the node type being installed.
- Introduced a new command-line option `--ignore-resource-checks` to skip prerequisite validation for disk, RAM, and CPU during installation and upgrades.
- Updated the `ProductionSetup` struct to include a flag for skipping resource checks, enhancing flexibility for users with specific deployment needs.
- Enhanced logging to inform users when resource checks are skipped, improving transparency during the setup process.
- Bumped the version number in the Makefile to 0.69.2.
- Removed deprecated environment commands from the CLI main.go file to streamline user experience.
- Enhanced help output for development and production commands, adding new options and clarifying usage instructions.
- Introduced a `--no-pull` option in production commands to skip repository updates during installation and upgrades, improving flexibility for users.
- Added functionality to stop services before upgrading binaries, ensuring a smoother upgrade process.
- Implemented a helper function to extract existing configuration settings from node and gateway config files, preserving critical parameters like bootstrap peers and domain.
- Enhanced logging to provide feedback on preserved configurations during the upgrade process.
- Improved the binary installation process by adding checks for the existence and contents of the source binary directory, ensuring a successful build.
- Implemented individual file copying to avoid issues with wildcard expansion, enhancing reliability during the installation.
- Added ownership correction for directories and files created during service initialization, ensuring proper permissions for the debros user.
- Enhanced error handling for ownership changes, providing detailed output in case of failures.
- Improved the binary installation process by adding checks for the existence and contents of the source binary directory, ensuring a successful build.
- Implemented individual file copying to avoid issues with wildcard expansion, enhancing reliability during the installation.
- Added ownership correction for directories and files created during service initialization, ensuring proper permissions for the debros user.
- Enhanced error handling for ownership changes, providing detailed output in case of failures.
- Introduced a new section in the README for Production Deployment, detailing prerequisites, installation steps, and service management commands.
- Added commands for starting, stopping, and restarting production services in the CLI, enhancing user control over service management.
- Updated IPFS initialization to configure API, Gateway, and Swarm addresses to avoid port conflicts, improving deployment reliability.
- Enhanced error handling and logging for service management operations, ensuring better feedback during execution.
- Introduced `--branch` flag for specifying Git branches (main or nightly) during installation and upgrade processes.
- Implemented validation for branch input and defaulted to 'main' if not specified.
- Enhanced help output to include examples for using the new branch feature.
- Added functionality to save and read branch preferences for future upgrades, improving user experience and flexibility.
- Improved the binary installation process by checking if the git repository is already initialized, allowing for updates instead of re-cloning.
- Added error handling for fetching and resetting the repository to ensure the latest changes are applied.
- Enhanced IPFS configuration management by clearing AutoConf placeholders to prevent startup errors, with detailed logging for each cleanup step.
- Added support for a `--config` flag in the gateway configuration parser to allow absolute or relative paths for the config file.
- Improved error handling for determining the config path, ensuring robust loading of `gateway.yaml` from specified locations.
- Updated related functions to maintain backward compatibility while enhancing flexibility in configuration management.
- Updated `select_data_dir_check` to handle both absolute and relative config paths, improving flexibility in configuration file management.
- Enhanced `DefaultPath` to check for config files in both legacy and production directories, ensuring backward compatibility.
- Modified `InitializeIPFSClusterConfig` to include cluster secret management and improve error handling during initialization.
- Added functionality to update the cluster secret in the service.json configuration file, enhancing security and configurability.
- Added error handling for copying the RQLite binary to ensure successful installation.
- Updated IPFS installation to follow official steps, including downloading, extracting, and verifying the installation of Kubo.
- Improved logging for each installation step and ensured the PATH is updated for the current process.
- Added checks to verify the existence of downloaded files and installation scripts, enhancing robustness.
- Added a new method `ResolveBinaryPath` to locate required executables in the system PATH and specified extra paths.
- Updated `InitializeIPFSRepo` and `Phase5CreateSystemdServices` methods to utilize the new binary resolution logic for IPFS, IPFS Cluster, RQLite, and Olric services.
- Modified service generation functions to accept binary paths as parameters, ensuring correct executable paths are used in systemd unit files.
- Updated CheckDiskSpace method to validate disk space against the parent directory if the specified path does not exist.
- Enhanced error handling to ensure accurate reporting of disk space validation failures.
- Removed unused `--force` and `--domain` flags from the test case to streamline the flag parsing logic.
- Updated the test to focus on essential flags, enhancing clarity and maintainability.
- Added comprehensive tests for production command flag parsing to ensure correct handling of bootstrap, VPS IP, and peer configurations.
- Updated production command help output to clarify the usage of new flags, including `--vps-ip` and `--bootstrap-join`.
- Modified the configuration generation logic to incorporate the new `bootstrapJoin` parameter for secondary bootstrap nodes.
- Enhanced systemd service generation to include the correct advertise IP and join address for non-bootstrap nodes.
- Implemented tests for RQLite service generation to verify the inclusion of join addresses and advertise IPs in the generated units.
- Added a new ResourceChecker type to validate system resources including disk space, RAM, and CPU cores.
- Implemented CheckDiskSpace, CheckRAM, and CheckCPU methods to ensure minimum requirements are met for production deployment.
- Integrated resource checks into the ProductionSetup's Phase1CheckPrerequisites method to enhance deployment reliability.
- Updated systemd service generation to log output to specific log files instead of the journal for better log management.
- Added a new ResourceChecker type to validate system resources including disk space, RAM, and CPU cores.
- Implemented CheckDiskSpace, CheckRAM, and CheckCPU methods to ensure minimum requirements are met for production deployment.
- Integrated resource checks into the ProductionSetup's Phase1CheckPrerequisites method to enhance deployment reliability.
- Updated systemd service generation to log output to specific log files instead of the journal for better log management.
- Introduced a new topology structure to manage multiple bootstrap and node configurations, allowing for a more flexible development environment.
- Updated Makefile and help commands to reflect the addition of a second bootstrap and fourth node.
- Enhanced health checks to require a minimum of three healthy nodes for RQLite and LibP2P connectivity.
- Refactored service management to dynamically handle multiple nodes and their respective configurations.
- Improved logging and configuration file generation for better clarity and maintainability.
- Improved the `getRaftLogIndex` method to accurately report the Raft log index by incorporating fallback logic to read persisted snapshot metadata when the RQLite status is unavailable or returns zero.
- Added a new method `getPersistedRaftLogIndex` to read the highest Raft log index from snapshot metadata files, ensuring accurate reporting even before RQLite starts.
- Centralized the data directory path resolution logic in `rqliteDataDirPath`, simplifying the codebase and enhancing maintainability.
- Added new E2E tests for authentication, cache operations, and IPFS interactions to improve coverage and reliability.
- Introduced concurrency tests for cache operations to validate performance under load.
- Updated `go.mod` to include `github.com/mattn/go-sqlite3` as a dependency for database interactions.
- Refined Makefile to simplify E2E test execution and configuration discovery.
- Removed outdated client E2E tests and consolidated related functionality for better maintainability.
- Added methods to check for existing Raft state and clear it if necessary, allowing for a clean join to the cluster.
- Enhanced automatic recovery logic to detect stale Raft state and clear it when peers have higher log indexes.
- Improved logging for Raft state operations to provide better visibility during cluster management.
- Introduced a new script `dev-kill-all.sh` to handle graceful shutdown of development processes and cleanup of stale PID files.
- Updated Makefile to include a `kill` command that utilizes the new script for improved process management.
- Enhanced the shutdown process to verify that required ports are free after termination of processes.
- Introduced a new script `dev-kill-all.sh` to handle graceful shutdown of development processes and cleanup of stale PID files.
- Updated Makefile to include a `kill` command that utilizes the new script for improved process management.
- Enhanced the shutdown process to verify that required ports are free after termination of processes.
- Introduced a new script `dev-kill-all.sh` to handle graceful shutdown of development processes and cleanup of stale PID files.
- Updated Makefile to include a `kill` command that utilizes the new script for improved process management.
- Enhanced the shutdown process to verify that required ports are free after termination of processes.
- Adjusted the installation sequence to generate secrets before initializing services, ensuring necessary keys are in place.
- Updated service initialization to account for both bootstrap and node variants, improving service status reporting.
- Enhanced error handling during IPFS repo and cluster path initialization, providing clearer feedback on failures.
- Captured the node peer ID for logging after secret generation, improving visibility during production setup.
- Consolidated development commands into a new `dev` command group for better organization.
- Introduced a `prod` command group to manage production environment operations.
- Updated Makefile to simplify the development environment setup and improve logging.
- Enhanced README to clarify the development process and health check requirements.
- Removed deprecated configuration and service management commands to streamline the CLI interface.
- Consolidated development commands into a new `dev` command group for better organization.
- Introduced a `prod` command group to manage production environment operations.
- Updated Makefile to simplify the development environment setup and improve logging.
- Enhanced README to clarify the development process and health check requirements.
- Removed deprecated configuration and service management commands to streamline the CLI interface.
- Changed default IPFS API URL to port 5001 for better compatibility.
- Enhanced the initialization process for IPFS and Cluster by adding support for bootstrap peers.
- Introduced user prompts for cluster secret and swarm key generation, improving user experience during setup.
- Updated service configuration to dynamically determine paths based on existing configuration files.
- Changed default IPFS API URL to port 5001 for better compatibility.
- Enhanced the initialization process for IPFS and Cluster by adding support for bootstrap peers.
- Introduced user prompts for cluster secret and swarm key generation, improving user experience during setup.
- Updated service configuration to dynamically determine paths based on existing configuration files.
- Added IPFS cluster API and HTTP API configuration options to node and bootstrap configurations.
- Improved the generation of IPFS-related URLs and parameters for better integration.
- Enhanced error logging in cache handlers to provide more context on failures during cache operations.
- Added IPFS cluster API and HTTP API configuration options to node and bootstrap configurations.
- Improved the generation of IPFS-related URLs and parameters for better integration.
- Enhanced error logging in cache handlers to provide more context on failures during cache operations.
- Implemented a new cacheMultiGetHandler to retrieve multiple keys from the Olric cache in a single request.
- Enhanced the extractAPIKey function to prioritize the X-API-Key header and improve handling of non-JWT Bearer tokens.
- Updated routes to include the new multi-get endpoint for cache operations.
- Added automatic setup for IPFS and IPFS Cluster during the network setup process.
- Implemented initialization of IPFS repositories and Cluster configurations for each node.
- Enhanced Makefile to support starting IPFS and Cluster daemons with improved logging.
- Introduced a new documentation guide for IPFS Cluster setup, detailing configuration and verification steps.
- Updated changelog to reflect the new features and improvements.
- Added automatic setup for IPFS and IPFS Cluster during the network setup process.
- Implemented initialization of IPFS repositories and Cluster configurations for each node.
- Enhanced Makefile to support starting IPFS and Cluster daemons with improved logging.
- Introduced a new documentation guide for IPFS Cluster setup, detailing configuration and verification steps.
- Updated changelog to reflect the new features and improvements.
- Added automatic setup for IPFS and IPFS Cluster during the network setup process.
- Implemented initialization of IPFS repositories and Cluster configurations for each node.
- Enhanced Makefile to support starting IPFS and Cluster daemons with improved logging.
- Introduced a new documentation guide for IPFS Cluster setup, detailing configuration and verification steps.
- Updated changelog to reflect the new features and improvements.
- Added automatic setup for IPFS and IPFS Cluster during the network setup process.
- Implemented initialization of IPFS repositories and Cluster configurations for each node.
- Enhanced Makefile to support starting IPFS and Cluster daemons with improved logging.
- Introduced a new documentation guide for IPFS Cluster setup, detailing configuration and verification steps.
- Updated changelog to reflect the new features and improvements.
- Added Olric cache server integration, including configuration options for Olric servers and timeout settings.
- Implemented HTTP handlers for cache operations: health check, get, put, delete, and scan.
- Enhanced Makefile with commands to run the Olric server and manage its configuration.
- Updated README and setup scripts to include Olric installation and configuration instructions.
- Introduced tests for cache handlers to ensure proper functionality and error handling.
- Added Olric cache server integration, including configuration options for Olric servers and timeout settings.
- Implemented HTTP handlers for cache operations: health check, get, put, delete, and scan.
- Enhanced Makefile with commands to run the Olric server and manage its configuration.
- Updated README and setup scripts to include Olric installation and configuration instructions.
- Introduced tests for cache handlers to ensure proper functionality and error handling.
- Increased the connection timeout from 15 seconds to 20 seconds for improved reliability during peer connections.
- Removed debug logging that filtered out ephemeral port addresses to streamline the logging process.
- Introduced a pre-commit hook that updates the changelog if there are code changes, excluding commits that only modify the changelog or Makefile.
- Added user confirmation for proceeding with the commit after displaying the changelog preview.
- Enhanced the update_changelog.sh script to differentiate between pre-commit and pre-push contexts for better change analysis.
- Added checks to skip changelog updates if the only unpushed commit is a changelog update commit.
- Improved handling of multiple unpushed commits by excluding the latest changelog commit from the diff analysis.
- Cleaned up temporary changelog preview files when no other changes are detected.
- Updated DefaultBootstrapPeers function to prioritize environment variable settings for bootstrap peers, allowing for dynamic configuration.
- Added tests to ensure non-empty default bootstrap peers and validate the correct handling of bootstrap peer configurations.
- Introduced a helper function to generate valid configurations for different node types, improving test clarity and maintainability.
- Enhanced the isPrivateOrLocalHost function to properly handle IPv6 addresses, ensuring accurate host validation.
- Updated the pre-push hook to change the directory to the repository root before staging CHANGELOG.md and Makefile, ensuring the commands execute in the correct context.
- Enhanced the pre-push hook to automatically stage and commit changes to CHANGELOG.md and Makefile, streamlining the version update process.
- Added error handling to ensure the push proceeds even if the commit fails due to no changes.
- Replaced the static date field in the changelog entry with a programmatically generated date, improving accuracy and reducing manual errors.
- Removed the date validation step, streamlining the script's functionality and ensuring consistency in date formatting.
- Updated the pre-push hook to read user confirmation directly from /dev/tty, ensuring it works correctly in all terminal contexts.
- This change enhances the reliability of the push confirmation process, preventing potential issues with user input in non-interactive environments.
- Added functionality to count and log the number of unstaged, staged, and unpushed changes for better visibility of the git state.
- Improved logging to provide clearer feedback on the current status of changes before generating the changelog.
- Removed hardcoded API key assignment and implemented loading from a .env file for better security and flexibility.
- Added error handling to guide users on setting the API key through environment variables or a .env file.
- Improved API response handling and error reporting for clearer feedback on potential issues with the API key.
- Improved the construction of the JSON request body for the OpenRouter API by using a here-document for better readability and maintainability.
- Ensured proper escaping of the prompt content to prevent issues with special characters in the API request.
- Changed the assignment of OPENROUTER_API_KEY to a hardcoded value for immediate use, removing the environment variable fallback.
- This change simplifies the script's usage for users who may not have the environment variable set.
- Updated the script to allow setting the OpenRouter API key via an environment variable, improving flexibility.
- Added HTTP headers for better API request context.
- Enhanced error reporting to provide clearer feedback on API errors and potential key issues.
- Introduced a new script `install-hooks.sh` to automate the installation of git hooks from the `.githooks` directory to the `.git/hooks` directory.
- Updated the Makefile to include a new `install-hooks` target for easy execution of the hook installation process.
- Modified the pre-push hook to correctly reference the repository root directory.
- Updated the pre-push hook to display a preview of the changelog and the new version before proceeding with the push.
- Added color-coded output for better visibility and user experience.
- Implemented user confirmation to abort the push if the changelog preview is not approved.
- Cleaned up temporary files created during the changelog update process.
- Introduced a new script `update_changelog.sh` that automates the process of generating and updating the changelog based on git diffs.
- The script checks for necessary dependencies, validates the current git state, and interacts with the OpenRouter API to generate changelog entries.
- It updates the version in the Makefile and inserts the new changelog entry into `CHANGELOG.md` while ensuring proper formatting and error handling.
- Introduced a new RQLite command in the CLI to handle RQLite-related operations.
- Implemented the 'fix' subcommand to automatically repair common RQLite cluster issues, including correcting misconfigured join addresses and cleaning stale raft state.
- Updated help documentation to include RQLite commands and their usage.
- Changed the RQLite join address from "localhost:7001" to "localhost:5001" in multiple locations, including node configuration and test cases.
- Ensured consistency across configuration generation and validation tests to reflect the updated join address.
- Updated the repository removal process to always use root, with a fallback to the 'debros' user if necessary.
- Added error handling for ensuring the 'debros' home directory exists and setting its ownership.
- Improved clarity in error messages for directory setup failures.
- Changed the repository removal process to use the 'debros' user to avoid permission issues, with a fallback to root if necessary.
- Added a delay to ensure filesystem sync after removing the repository.
- Ensured the parent directory exists and has the correct permissions, including setting ownership to the 'debros' user.
- Removed existing repository if it exists to ensure a fresh start.
- Simplified the cloning process by directly cloning the repository without checking for existing branches.
- Enhanced error handling for cloning, copying binaries, and setting permissions, providing clearer feedback on failures.
- Updated the version number in the Makefile to 0.53.9.
- Improved the interactive prompts for domain name input and DNS verification in the setup.go file, streamlining the process for enabling HTTPS configuration.
- Introduced new configuration fields for enabling HTTPS, specifying a domain name, and setting a TLS cache directory in the gateway configuration.
- Enhanced the main server logic to support HTTPS with ACME integration, including automatic HTTP to HTTPS redirection and error handling for server startup.
- Added validation for HTTPS settings to ensure proper domain and cache directory configuration.
- Implemented interactive prompts in the CLI for domain and HTTPS setup, including DNS verification and port availability checks.
- Deleted basic usage example in Go, TypeScript package.json, README.md, tsconfig.json, and client.ts to streamline the examples directory and remove outdated content.
- Updated service startup logic to include a helper function for starting or restarting services, improving reliability and clarity in service management.
- Added new configuration options for cluster synchronization, peer inactivity limits, and minimum cluster size in the config_commands.go file, enhancing cluster management capabilities.
- Added Go module cache directory to the setupDirectories function for improved Go environment configuration.
- Updated cloneAndBuild function to set HOME environment variable, ensuring proper module cache creation during build process.
- Added structured logging for RQLite components, including cluster discovery and leadership processes.
- Introduced methods for preparing the data directory and launching the RQLite process, improving code organization.
- Implemented exponential backoff for leadership checks to reduce log noise and improve reliability.
- Enhanced peer health tracking and membership update logic to streamline cluster synchronization and recovery.
- Introduced TriggerPeerExchange method to facilitate manual peer exchange for RQLite metadata.
- Implemented performPreStartClusterDiscovery to ensure coordinated recovery by building peers.json before RQLite startup.
- Added validation for node ID consistency with raft address during RQLite startup.
- Enhanced logging for cluster recovery processes and peer discovery progress.
- Updated cluster synchronization logic to improve reliability during node recovery scenarios.
- Added ClusterDiscoveryService to manage peer discovery and synchronization for RQLite nodes.
- Introduced new configuration options for cluster synchronization intervals, peer inactivity limits, and minimum cluster size.
- Enhanced validation logic to ensure proper configuration of cluster parameters.
- Implemented metrics collection for cluster health and peer status, improving monitoring capabilities.
- Updated RQLiteManager to integrate with the new discovery service, allowing for dynamic leadership and cluster joining logic.
- Updated the installation process to rely on debconf preseed and file-based acceptance methods, reducing the need for interactive prompts.
- Limited the number of "yes" responses piped during installation to enhance reliability and prevent infinite loops.
- Streamlined the command execution for fetching and running the installation script from GitHub.
- Implemented pre-acceptance of Anon terms in both the setup and installation scripts to eliminate interactive prompts.
- Enhanced the installation process by creating necessary directories and files to ensure terms are accepted before installation.
- Updated the installation command to use a non-interactive frontend, improving reliability during package installation.
- Added automatic acceptance of terms in the Anon configuration file to streamline the setup process.
- Updated the installation script to pre-accept terms, eliminating interactive prompts during installation.
- Enhanced output messages to reflect the auto-accepted terms for better user awareness.
- Added a check for unsupported Ubuntu version 25.04, providing informative messages if installation is skipped.
- Updated the installation method to use the official script from GitHub, ensuring a cleaner installation process.
- Implemented cleanup of old APT repository files and GPG keys before installation.
- Enhanced error handling for enabling and starting the Anon service, including output of command errors for better debugging.
- Introduced a new promptBranch function to allow users to select between 'main' and 'nightly' branches during the setup.
- Updated cloneAndBuild function to use the selected branch for cloning and pulling updates, enhancing flexibility in repository management.
- Implemented logic to switch branches if the current branch differs from the selected one, ensuring the correct branch is used.
- Bumped version from 0.52.15 to 0.52.16 in the Makefile.
- Added connection pool configuration with timeouts and limits in the RQLite adapter and gateway, improving database connection management.
- Added checks to prevent overwriting existing node.yaml and gateway.yaml files during configuration generation.
- Enhanced error handling for bootstrap.yaml creation, providing informative messages based on the existence of files.
- Implemented conditional renaming of bootstrap.yaml to node.yaml, ensuring it only occurs if node.yaml does not already exist.
- Updated output messages for clarity on configuration readiness and existing file usage.
- Added Base64 encoding for the response body in the anonProxyHandler to prevent corruption of binary data when returned in JSON format.
- Updated the response structure to include the encoded body, ensuring compatibility with various data types.
- Added support for installing and configuring the Anyone Relay (Anon) for anonymous networking in the setup process.
- Updated the Makefile to include the Anon client in the development stack, allowing it to run alongside other services.
- Implemented a new HTTP proxy handler for the Anon service, enabling proxied requests through the Anyone network.
- Enhanced the installation script to manage Anon installation, configuration, and firewall settings.
- Introduced tests for the Anon proxy handler to ensure proper request validation and error handling.
- Updated documentation to reflect the new Anon service and its usage in the development environment.
- Implemented logic to ensure an API key is created or retrieved for each wallet during the verification process.
- Added best-effort recording of ownership for both API keys and wallets in the namespace ownership database.
- Improved error handling and logging for better traceability of ownership checks and API key operations.
- Cleaned up unnecessary comments and whitespace in the auth_handlers.go file for better code readability.
- Added support for verifying signatures from both Ethereum (ETH) and Solana (SOL) blockchains in the verifyHandler.
- Introduced a new ChainType field in the request to specify the blockchain type, defaulting to ETH for backward compatibility.
- Implemented Ed25519 signature verification for Solana, including base64 decoding of signatures and base58 decoding of public keys.
- Enhanced error handling for unsupported chain types and invalid signature formats, improving robustness of the verification process.
- Updated the pubsubPublishHandler to publish messages to libp2p asynchronously, preventing HTTP response blocking.
- Introduced context with timeout for libp2p publishing to enhance reliability and logging for success and failure cases.
- Maintained immediate response for local delivery to WebSocket subscribers, improving overall message handling efficiency.
- Added local subscriber management to the Gateway for direct message delivery to WebSocket clients.
- Introduced synchronization mechanisms to handle concurrent access to local subscribers.
- Enhanced pubsub handlers to register and unregister local subscribers, improving message delivery efficiency.
- Updated message publishing logic to prioritize local delivery before forwarding to libp2p, ensuring faster response times for local clients.
- Implemented namespace isolation in pubsub handlers to ensure message segregation.
- Refactored subscription management to support multiple handlers per topic, allowing independent lifecycles for each handler.
- Introduced a unique HandlerID for each subscription, enabling better management of handler registrations and unsubscriptions.
- Updated message handling to broadcast to all registered handlers, improving message delivery efficiency.
- Added steps to generate node2.yaml, node3.yaml, and gateway.yaml configurations during the full stack initialization process.
- Implemented checks to prevent overwriting existing configuration files unless the --force flag is used.
- Improved output messages to provide clear feedback on generated configurations and bootstrap information.
- Added a new step to configure the UFW firewall during the setup process, ensuring necessary ports are opened for SSH, P2P, and Gateway API.
- Updated the setup command output to reflect the new firewall configuration step.
- Refactored the setup logic to maintain proper sequence and clarity in the setup steps.
- Modified the installation script to update the documentation link for better user guidance.
- Added functionality to create the 'debros' user if it does not exist during setup.
- Implemented a mechanism to configure passwordless sudo access for the 'debros' user, including validation of the sudoers rule.
- Updated setup command output to guide users on accessing the 'debros' user.
- Added Ubuntu 25.04 to the list of supported operating systems in the setup command.
- Modified the binary copy command to use a shell command for improved compatibility and functionality.
- Incremented version in Makefile to 0.52.7.
- Refactored the `generateConfigsInteractive` function to streamline the setup for single-node VPS configurations.
- Removed user prompts for bootstrap peers and join address, simplifying the configuration process.
- Added explicit commands for generating bootstrap and gateway configurations with improved error handling and output messages.
- Added validation functions for multiaddr and host:port formats to improve user input handling during setup.
- Refactored the setup command steps for clarity and consistency, ensuring proper sequence in the setup process.
- Removed the `initializeEnvironments` function and its related logic to streamline the setup flow.
- Updated the cloning process to use a shallow clone for efficiency.
- Enhanced service configuration to use environment variables for better management.
- Added validation functions for multiaddr and host:port formats to improve user input handling during setup.
- Refactored the setup command steps for clarity and consistency, ensuring proper sequence in the setup process.
- Removed the `initializeEnvironments` function and its related logic to streamline the setup flow.
- Updated the cloning process to use a shallow clone for efficiency.
- Enhanced service configuration to use environment variables for better management.
- Updated `setup.go` to add Go binary path to the current process and the `debros` user's `.bashrc` for persistent availability.
- Implemented error handling for updating `.bashrc` and ensured proper ownership of the file.
- Refined `install-debros-network.sh` to improve OS detection, dependency checks, and installation flow, including downloading the latest release of `network-cli` from GitHub.
- Streamlined the installation process with clearer logging and error messages, enhancing user experience.
- Updated `.goreleaser.yaml` to focus solely on building the `network-cli` binary, removing configurations for other binaries (node, gateway, identity).
- Adjusted archive settings to reflect changes in the build process, resulting in cleaner and smaller release packages.
- Updated version in `Makefile` to 0.52.3-beta and documented changes in `CHANGELOG.md`.
- Upgraded `actions/upload-artifact` and `actions/download-artifact` to version 4 in the release workflow for improved functionality.
- Introduced a new `release.sh` script to manage the complete release workflow, including versioning, branch checks, and tagging for both stable and nightly releases.
- Updated `.goreleaser.yaml` to reflect the new project name and added multi-platform binary builds for `network-cli`, `node`, `gateway`, and `identity`.
- Enhanced the CLI by modularizing commands into separate packages for better maintainability and clarity.
- Introduced a comprehensive environment management system, allowing users to switch between local, devnet, and testnet environments seamlessly.
- Added interactive setup commands for VPS installation, improving user experience and installation flow.
- Updated the installation script to be APT-ready, providing clear instructions for users and ensuring a smooth setup process.
- Enhanced documentation and changelog to reflect the new features and improvements.
- Added a check to ensure the script is run in an interactive terminal, providing clear error messages and instructions if not.
- Removed non-interactive mode handling for user creation, streamlining the user experience and ensuring necessary prompts are displayed.
- Updated instructions for re-running the script after user creation to enhance clarity.
- Added a check to skip re-execution of the script as the 'debros' user when running in non-interactive mode.
- Ensured that the installation can proceed as root without switching users in non-interactive scenarios, improving usability.
- Added support for non-interactive mode to automatically create the 'debros' user without user prompts.
- Implemented passwordless login for the 'debros' user in non-interactive mode.
- Retained interactive prompts for user creation when not in non-interactive mode, improving user experience and flexibility.
- Updated the user creation prompt to use `read -rp` for better user experience by allowing inline input without a newline.
- Ensured clarity in the prompt message for creating the 'debros' user.
- Removed the `Domain` field from the gateway configuration to simplify setup.
- Eliminated related logic for domain validation and ACME certificate management.
- Updated installation script to remove references to ACME certificate storage and HTTP/HTTPS port configurations.
- Bumped version in Makefile to 0.52.0-beta to reflect changes.
- Added functionality to check and create the 'debros' user if it does not exist, with options for password setup or passwordless login.
- Enhanced user switching logic to ensure the script runs as the 'debros' user or prompts for necessary actions.
- Updated the installation script to provide clearer instructions for user switching and installation continuation.
- Refined existing checks and improved error handling for a smoother installation experience.
- Updated the installation directory to a specific path (`/home/debros`) for better organization.
- Added a function to check and switch to the 'debros' user if not already running as that user.
- Improved user creation logic to ensure the 'debros' user is set up correctly with the appropriate home directory.
- Enhanced directory setup to create necessary subdirectories and set permissions accordingly.
- Changed the installation directory from `/opt/debros` to the user's home directory for improved flexibility.
- Updated systemd service configurations to reflect the new installation path for both node and gateway services.
- Ensured that read/write paths are aligned with the new installation directory.
- Added logic to check for the presence of essential configuration files during update mode.
- If missing, the script now generates the necessary `bootstrap.yaml` and `gateway.yaml` files to ensure proper setup.
- Introduced a new `Domain` field in the gateway configuration to support HTTPS and ACME certificate provisioning.
- Implemented domain validation to ensure proper format.
- Enhanced the main gateway logic to handle ACME challenges and manage TLS certificates using CertMagic.
- Updated installation script to create necessary directories for ACME certificate storage and configure firewall rules for HTTP/HTTPS ports.
- Added new entries to CHANGELOG.md for the one-command `make dev` target and full stack initialization features.
- Updated version in Makefile from 0.51.7-beta to 0.51.9-beta to reflect the latest changes.
- Updated script to support a complete DeBros network node installation with gateway.
- Improved user management by introducing a variable for the debros user.
- Added support for idempotent updates and secure systemd service management for both node and gateway services.
- Replaced the configuration wizard with automated configuration file generation using network-cli.
- Enhanced firewall configuration instructions and service management commands for better usability.
- Added .dev/ directory to .gitignore to exclude development process files.
- Updated CHANGELOG.md with new entries for the one-command `make dev` target, full stack initialization, and improved configuration management.
- Simplified README instructions for generating configuration files and starting the complete network stack.
- Added entry for LibP2P NAT support under version 0.51.6
- Created new unreleased section at top of changelog for future updates
- Maintained Keep a Changelog format with standard sections (Added, Changed, Deprecated, etc.)
- Added LibP2P support for NAT traversal to improve peer connectivity
- Updated version from 0.51.5-beta to 0.51.6-beta
- Updated CHANGELOG.md to document the new NAT support feature
- Changed the configuration file for run-node3 to use node3.yaml.
- Modified select_data_dir function to require a hasConfigFile parameter and added error handling for missing configuration.
- Updated main function to pass the config path to select_data_dir.
- Introduced a peer exchange protocol in the discovery package, allowing nodes to request and exchange peer information.
- Refactored peer discovery logic in the node package to utilize the new discovery manager for active peer exchange.
- Cleaned up unused code related to previous peer discovery methods.
- Added encryption module identity.go for reusable identity create, save etc funtions
- Updated make file to support identity/main.go
- Updated node/node.go on loadOrCreateIdentity to use encryption.identity
- Updated cli/main.go to remove fallbacks for identity
- Updated install-debros-network.sh script to use new ./cmd/identity and fixed port order on print
- Updated makefile and changelog
- Removed old pkg/gatway storage and migrated to new rqlite
- Updated readme
- Created new rqlite implementation
- Updated changelog
- Fixed migration error on migrations.go applySQL
- Created new rqlite folder
- Created rqlite adapter, client, gateway, migrations and rqlite init
- Updated node.go to support new rqlite architecture
- Updated readme
- Updated version
return"","",fmt.Errorf("stealth cert: %q is not a single-label subdomain of %q (the *.%s wildcard cert would not cover it)",stealthDomain,baseDomain,baseDomain)
return"","",fmt.Errorf("stealth cert: Caddy wildcard cert for *.%s not found at %s (is the gateway HTTPS wildcard provisioned on this node?): %w",baseDomain,certPath,err)
}
if_,err:=os.Stat(keyPath);err!=nil{
return"","",fmt.Errorf("stealth cert: Caddy wildcard key for *.%s not found at %s: %w",baseDomain,keyPath,err)
}
s.logger.Info("Using Caddy wildcard cert for stealth TURNS",
zap.String("stealth_domain",stealthDomain),
zap.String("cert_path",certPath))
returncertPath,keyPath,nil
}
// isSingleLabelSubdomain reports whether host is exactly one DNS label below
// base (e.g. "cdn-x.example.com" under "example.com"), which is the set a
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
