d-bis/proxmox
4
0
Fork 0
Code Issues 1 Pull Requests 9 Actions Packages Projects Releases Wiki Activity
Files
deba4f9f006a3c3312cb5c9dda7a5487c58e9faf
proxmox/scripts/fix-validator-permissioning-toml.sh
defiQUG b8613905bd
Some checks failed
Deploy to Phoenix / validate (push) Failing after 15s
Details
Deploy to Phoenix / deploy (push) Has been skipped
Details
chore: sync workspace — configs, docs, scripts, CI, pnpm, submodules 
- Submodule pins: dbis_core, cross-chain-pmm-lps, mcp-proxmox (local, push may be pending), metamask-integration, smom-dbis-138
- Atomic swap + cross-chain-pmm-lops-publish, deploy-portal workflow, phoenix deploy-targets, routing/aggregator matrices
- Docs, token-lists, forge proxy, phoenix API, runbooks, verify scripts

Made-with: Cursor
2026-04-21 22:01:33 -07:00

123 lines
4.9 KiB
Bash
Executable File
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/usr/bin/env bash
# Fix validator node lists: deploy BOTH static-nodes.json and permissions-nodes.toml.
# Besu expects TOML for permissions-nodes-config-file (not permissioned-nodes.json).
# Static-nodes = bootstrap peers; permissions-nodes = allowlist. Both are essential.
#
# Run from repo root. Requires SSH to r630-01 (192.168.11.11) and r630-03 (192.168.11.13).
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
cd "$PROJECT_ROOT"
[ -f config/ip-addresses.conf ] && source config/ip-addresses.conf 2>/dev/null || true
SOURCE_TOML="$PROJECT_ROOT/config/besu-node-lists/permissions-nodes.toml"
SOURCE_STATIC="$PROJECT_ROOT/config/besu-node-lists/static-nodes.json"
if [ ! -f "$SOURCE_TOML" ]; then
echo "Missing $SOURCE_TOML"
exit 1
fi
if [ ! -f "$SOURCE_STATIC" ]; then
echo "Missing $SOURCE_STATIC"
exit 1
fi
R630_01="${PROXMOX_HOST_R630_01:-${PROXMOX_R630_01:-192.168.11.11}}"
R630_03="${PROXMOX_HOST_R630_03:-${PROXMOX_R630_03:-192.168.11.13}}"
USER="${PROXMOX_USER:-root}"
PERM_PATH="/var/lib/besu/permissions"
CONFIG_GLOB="/etc/besu/config-validator.toml"
VALIDATORS=(
"1000:$R630_01"
"1001:$R630_01"
"1002:$R630_01"
"1003:$R630_03"
"1004:$R630_03"
)
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_ok() { echo -e "${GREEN}[✓]${NC} $1"; }
log_err() { echo -e "${RED}[✗]${NC} $1"; }
echo ""
echo "=== Fix validator node lists (static-nodes + permissions-nodes) ==="
echo " Both are essential: static-nodes = bootstrap peers, permissions-nodes = allowlist."
echo ""
# Copy both files to each host once
for host in "$R630_01" "$R630_03"; do
log_info "Copying static-nodes.json and permissions-nodes.toml to $host"
scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no "$SOURCE_STATIC" "$SOURCE_TOML" "$USER@$host:/tmp/" 2>/dev/null || { log_err "scp to $host failed"; exit 1; }
log_ok " Copied"
done
FAILED=0
for entry in "${VALIDATORS[@]}"; do
IFS=: read -r vmid host <<< "$entry"
log_info "VMID $vmid @ $host"
status=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no "$USER@$host" "pct status $vmid 2>/dev/null" | awk '{print $2}' || echo "unknown")
if [ "$status" != "running" ]; then
log_info " Skip (not running)"
continue
fi
# Push static-nodes.json to /var/lib/besu/ and permissions-nodes.toml to permissions/
STATIC_PATH="/var/lib/besu/static-nodes.json"
if ! ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no "$USER@$host" "pct push $vmid /tmp/static-nodes.json ${STATIC_PATH} && pct push $vmid /tmp/permissions-nodes.toml ${PERM_PATH}/permissions-nodes.toml" 2>/dev/null; then
log_err " pct push failed"
((FAILED++)) || true
continue
fi
# Point config to TOML (not JSON) and ensure static-nodes-file and permissions path are set
if ! ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no "$USER@$host" "pct exec $vmid -- bash -c '
for f in /etc/besu/config-validator.toml /config/config-validator.toml; do
[ -f \"\$f\" ] || continue
sed -i \"s|permissioned-nodes\\.json|permissions-nodes.toml|g\" \"\$f\"
sed -i \"s|\"/var/lib/besu/permissions/permissioned-nodes.json\"|\"/var/lib/besu/permissions/permissions-nodes.toml\"|g\" \"\$f\"
sed -i \"s|^static-nodes-file=.*|static-nodes-file=\\\"/var/lib/besu/static-nodes.json\\\"|\" \"\$f\"
sed -i \"s|^permissions-nodes-config-file=.*|permissions-nodes-config-file=\\\"/var/lib/besu/permissions/permissions-nodes.toml\\\"|\" \"\$f\"
grep -q \"static-nodes-file\" \"\$f\" || echo \"static-nodes-file=\\\"/var/lib/besu/static-nodes.json\\\"\" >> \"\$f\"
grep -q \"permissions-nodes-config-file\" \"\$f\" || echo \"permissions-nodes-config-file=\\\"/var/lib/besu/permissions/permissions-nodes.toml\\\"\" >> \"\$f\"
break
done
'" 2>/dev/null; then
log_err " sed config failed"
((FAILED++)) || true
continue
fi
ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no "$USER@$host" "pct exec $vmid -- chown besu:besu ${STATIC_PATH} ${PERM_PATH}/permissions-nodes.toml 2>/dev/null || pct exec $vmid -- chown root:root ${STATIC_PATH} ${PERM_PATH}/permissions-nodes.toml" 2>/dev/null || true
if ! ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no "$USER@$host" "pct exec $vmid -- systemctl restart besu-validator" 2>/dev/null; then
log_err " restart failed"
((FAILED++)) || true
continue
fi
log_ok " static-nodes + permissions-nodes deployed, config updated, restarted"
echo ""
done
# Cleanup host /tmp
for host in "$R630_01" "$R630_03"; do
ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no "$USER@$host" "rm -f /tmp/permissions-nodes.toml /tmp/static-nodes.json" 2>/dev/null || true
done
echo "=== Summary ==="
if [ "$FAILED" -eq 0 ]; then
log_ok "All validators updated. Wait 12 min then: bash scripts/monitoring/monitor-blockchain-health.sh"
exit 0
else
log_err "$FAILED validator(s) failed."
exit 1
fi
Reference in New Issue View Git Blame Copy Permalink