Refactor code for improved readability and performance

2025-12-21 22:32:09 -08:00
parent 79e3c02f50
commit b45c2006be
2259 changed files with 380318 additions and 2 deletions
--- a/scripts/secure-validator-keys.sh
+++ b/scripts/secure-validator-keys.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+# Secure Validator Key Permissions
+# Run on Proxmox host after validator keys are deployed
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+# Colors
+GREEN='\033[0;32m'
+BLUE='\033[0;34m'
+YELLOW='\033[1;33m'
+NC='\033[0m'
+
+log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
+log_success() { echo -e "${GREEN}[✓]${NC} $1"; }
+log_warn() { echo -e "${YELLOW}[WARNING]${NC} $1"; }
+
+if ! command -v pct >/dev/null 2>&1; then
+    echo "Error: pct command not found. This script must be run on Proxmox host."
+    exit 1
+fi
+
+if [[ $EUID -ne 0 ]]; then
+    echo "Error: This script must be run as root"
+    exit 1
+fi
+
+# Secure keys in validator containers
+for vmid in 1000 1001 1002 1003 1004; do
+    if pct status "$vmid" 2>/dev/null | grep -q running; then
+        log_info "Securing keys in container $vmid..."
+        
+        # Set file permissions to 600 for key files
+        pct exec "$vmid" -- find /keys/validators -type f \( -name "*.pem" -o -name "*.priv" -o -name "key" \) -exec chmod 600 {} \; 2>/dev/null || true
+        
+        # Set directory permissions
+        pct exec "$vmid" -- find /keys/validators -type d -exec chmod 700 {} \; 2>/dev/null || true
+        
+        # Set ownership to besu:besu
+        pct exec "$vmid" -- chown -R besu:besu /keys/validators 2>/dev/null || true
+        
+        log_success "Container $vmid secured"
+    else
+        log_warn "Container $vmid is not running, skipping"
+    fi
+done
+
+log_success "Validator key security check complete!"