proxmox/scripts/fix-validator-permissioning-toml.sh


#!/usr/bin/env bash
# Fix validator node lists: deploy BOTH static-nodes.json and permissions-nodes.toml.
# Besu expects TOML for permissions-nodes-config-file (not permissioned-nodes.json).
# Static-nodes = bootstrap peers; permissions-nodes = allowlist. Both are essential.
#
# Run from repo root. Requires SSH to r630-01 (192.168.11.11) and ml110 (192.168.11.10).
set -euo pipefail

# Resolve the repository root from this script's own location so the relative
# paths below do not depend on the caller's working directory.
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
cd "$PROJECT_ROOT"

# Optional local overrides. The file is *sourced*, i.e. executed as shell code
# by this script, and both its stderr and its exit status are discarded, so a
# broken file silently falls back to the defaults below.
# NOTE(review): presumably it defines the PROXMOX_* variables read below - confirm.
if [ -f config/ip-addresses.conf ]; then
  source config/ip-addresses.conf 2>/dev/null || true
fi

# Both node lists must exist locally before anything is touched remotely.
SOURCE_TOML="$PROJECT_ROOT/config/besu-node-lists/permissions-nodes.toml"
SOURCE_STATIC="$PROJECT_ROOT/config/besu-node-lists/static-nodes.json"
for required_file in "$SOURCE_TOML" "$SOURCE_STATIC"; do
  if [ ! -f "$required_file" ]; then
    echo "Missing $required_file"
    exit 1
  fi
done

# Proxmox hosts and login, overridable through the environment.
R630_01="${PROXMOX_R630_01:-192.168.11.11}"
ML110="${PROXMOX_ML110:-192.168.11.10}"
# NOTE(review): this reassigns the shell's own USER variable (normally exported
# by the login environment), so child processes see this value as well.
# The default login is root: every remote command below runs with full
# privileges on the Proxmox host.
USER="${PROXMOX_USER:-root}"

# Directory inside each container that holds the permissions allowlist.
PERM_PATH="/var/lib/besu/permissions"
# Not referenced anywhere else in this script as shown.
CONFIG_GLOB="/etc/besu/config-validator.toml"

# One "VMID:host" entry per validator container.
VALIDATORS=(
  "1000:$R630_01"
  "1001:$R630_01"
  "1002:$R630_01"
  "1003:$ML110"
  "1004:$ML110"
)
# ANSI colour escapes; they are expanded at print time by the %b conversion.
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

# Logging helpers. Each prints one line to stdout: a coloured tag followed by
# the message in $1. Backslash escapes in the message are interpreted too.
log_info() {
  printf '%b\n' "${BLUE}[INFO]${NC} $1"
}

log_ok() {
  printf '%b\n' "${GREEN}[✓]${NC} $1"
}

log_err() {
  printf '%b\n' "${RED}[✗]${NC} $1"
}
# Banner: blank line, title, one-line reminder of what each file is for, blank line.
printf '\n%s\n%s\n\n' \
  "=== Fix validator node lists (static-nodes + permissions-nodes) ===" \
  " Both are essential: static-nodes = bootstrap peers, permissions-nodes = allowlist."
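# Stage both node lists on each Proxmox host once; the per-validator loop
# later pushes them from the host into the containers.
#
# Host-key policy: StrictHostKeyChecking=accept-new (OpenSSH >= 7.6) records a
# key on first contact but refuses to connect when a previously recorded key
# has changed. The former "no" setting continued past a changed key, which
# matters here because the login defaults to root and the payload is the
# network allowlist.
#
# scp's stderr is no longer discarded, so the reason for a failure (including a
# host-key refusal) is shown next to the "scp ... failed" line.
#
# NOTE(review): the files land under fixed names in the host's shared /tmp.
# Anything else that can write there could pre-create or alter them before
# they are pushed; a per-run directory from `mktemp -d` on the host would
# remove that dependency, but it has to be changed together with the push and
# cleanup steps that use the same paths.
for host in "$R630_01" "$ML110"; do
  log_info "Copying static-nodes.json and permissions-nodes.toml to $host"
  if ! scp -o ConnectTimeout=5 -o StrictHostKeyChecking=accept-new \
    "$SOURCE_STATIC" "$SOURCE_TOML" "$USER@$host:/tmp/"; then
    log_err "scp to $host failed"
    exit 1
  fi
  log_ok " Copied"
done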
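# Per-validator deployment: for every "VMID:host" entry, push both node lists
# into the container, rewrite its Besu config to reference them, fix file
# ownership and restart the validator service. FAILED counts the validators
# for which any required step did not complete.
FAILED=0

# Destination of the bootstrap peer list inside each container.
STATIC_PATH="/var/lib/besu/static-nodes.json"

# accept-new (OpenSSH >= 7.6) trusts a host key on first contact only and
# refuses the connection if a recorded key has changed; "no" would carry on and
# run these root commands against a host whose identity no longer matches.
SSH_OPTS=(-o ConnectTimeout=5 -o StrictHostKeyChecking=accept-new)

for entry in "${VALIDATORS[@]}"; do
  IFS=: read -r vmid host <<< "$entry"
  log_info "VMID $vmid @ $host"

  # The second field of the `pct status` output is taken as the container
  # state. A failed query is kept apart from "not running": a refused or broken
  # connection must not be reported as a deliberate skip.
  if raw_status=$(ssh "${SSH_OPTS[@]}" "$USER@$host" "pct status $vmid 2>/dev/null"); then
    status=$(awk '{print $2}' <<< "$raw_status")
  else
    status="unknown"
  fi
  if [ -z "$status" ] || [ "$status" = "unknown" ]; then
    log_err " status unknown (ssh or pct status failed)"
    ((FAILED++)) || true
    continue
  fi
  if [ "$status" != "running" ]; then
    log_info " Skip (not running)"
    continue
  fi

  # Push static-nodes.json to /var/lib/besu/ and permissions-nodes.toml to permissions/.
  # Both come from the fixed /tmp staging paths written by the copy step.
  if ! ssh "${SSH_OPTS[@]}" "$USER@$host" "pct push $vmid /tmp/static-nodes.json ${STATIC_PATH} && pct push $vmid /tmp/permissions-nodes.toml ${PERM_PATH}/permissions-nodes.toml"; then
    log_err " pct push failed"
    ((FAILED++)) || true
    continue
  fi

  # Point the config at the TOML allowlist (not JSON) and make sure both
  # static-nodes-file and permissions-nodes-config-file are set. Only the
  # first config file that exists is edited.
  # NOTE(review): the remote script does not check the result of any sed, and
  # it exits 0 when neither config file exists, so this step fails only when
  # ssh or pct exec itself fails; "config updated" below is not proof that a
  # file was changed.
  # NOTE(review): in the second sed the inner double quotes close and reopen
  # the remote shell's quoting, so the pattern sed receives contains no quote
  # characters and largely repeats the first substitution.
  if ! ssh "${SSH_OPTS[@]}" "$USER@$host" "pct exec $vmid -- bash -c '
    for f in /etc/besu/config-validator.toml /config/config-validator.toml; do
      [ -f \"\$f\" ] || continue
      sed -i \"s|permissioned-nodes\\.json|permissions-nodes.toml|g\" \"\$f\"
      sed -i \"s|\"/var/lib/besu/permissions/permissioned-nodes.json\"|\"/var/lib/besu/permissions/permissions-nodes.toml\"|g\" \"\$f\"
      sed -i \"s|^static-nodes-file=.*|static-nodes-file=\\\"/var/lib/besu/static-nodes.json\\\"|\" \"\$f\"
      sed -i \"s|^permissions-nodes-config-file=.*|permissions-nodes-config-file=\\\"/var/lib/besu/permissions/permissions-nodes.toml\\\"|\" \"\$f\"
      grep -q \"static-nodes-file\" \"\$f\" || echo \"static-nodes-file=\\\"/var/lib/besu/static-nodes.json\\\"\" >> \"\$f\"
      grep -q \"permissions-nodes-config-file\" \"\$f\" || echo \"permissions-nodes-config-file=\\\"/var/lib/besu/permissions/permissions-nodes.toml\\\"\" >> \"\$f\"
      break
    done
  '"; then
    log_err " sed config failed"
    ((FAILED++)) || true
    continue
  fi

  # Best effort: hand the files to besu:besu, falling back to root:root when
  # that fails. Errors are deliberately ignored here.
  ssh "${SSH_OPTS[@]}" "$USER@$host" "pct exec $vmid -- chown besu:besu ${STATIC_PATH} ${PERM_PATH}/permissions-nodes.toml 2>/dev/null || pct exec $vmid -- chown root:root ${STATIC_PATH} ${PERM_PATH}/permissions-nodes.toml" 2>/dev/null || true

  if ! ssh "${SSH_OPTS[@]}" "$USER@$host" "pct exec $vmid -- systemctl restart besu-validator"; then
    log_err " restart failed"
    ((FAILED++)) || true
    continue
  fi

  log_ok " static-nodes + permissions-nodes deployed, config updated, restarted"
  echo ""
done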
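# Cleanup host /tmp: remove the staged copies of both node lists.
# Best effort: failures are ignored. This step is reached only when the script
# gets this far; an earlier `exit 1` (for example a failed scp to the second
# host) leaves the staged files behind on the hosts already copied to.
# accept-new (OpenSSH >= 7.6) keeps host-key verification on: a host whose
# recorded key has changed is refused rather than silently trusted.
for host in "$R630_01" "$ML110"; do
  ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=accept-new "$USER@$host" \
    "rm -f /tmp/permissions-nodes.toml /tmp/static-nodes.json" 2>/dev/null || true
done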
# Final report: exit 1 if any validator failed a deployment step, else exit 0.
# Validators skipped because they were not running do not increment FAILED, so
# the success message can appear even when some validators were not touched.
echo "=== Summary ==="
if [ "$FAILED" -ne 0 ]; then
  log_err "$FAILED validator(s) failed."
  exit 1
fi
log_ok "All validators updated. Wait 12 min then: bash scripts/monitoring/monitor-blockchain-health.sh"
exit 0