chore(mpc-system): update Dockerfiles to Go 1.24 and fix line endings

- Update all Dockerfiles from Go 1.21 to Go 1.24 (required by go.mod)
- Fix line endings in deploy.sh and .env.example for Unix compatibility

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
hailin 2025-12-05 16:40:32 -08:00
parent c52b6aa980
commit 34f0f7b897
7 changed files with 341 additions and 341 deletions


@ -1,93 +1,93 @@
# =============================================================================
# MPC System - Environment Configuration
# =============================================================================
# This file contains all environment variables needed for MPC System deployment.
#
# Setup Instructions:
# 1. Copy this file: cp .env.example .env
# 2. Update ALL values according to your production environment
# 3. Generate secure random keys for secrets (see instructions below)
# 4. Start services: ./deploy.sh up
#
# IMPORTANT: This file contains examples only!
# In production, you MUST:
# - Change ALL passwords and keys to secure random values
# - Update ALLOWED_IPS to match your actual backend server IP
# - Keep the .env file secure and NEVER commit it to version control
# =============================================================================
# =============================================================================
# Environment Identifier
# =============================================================================
# Options: development, staging, production
ENVIRONMENT=production
# =============================================================================
# PostgreSQL Database Configuration
# =============================================================================
# Database user (can keep default or customize)
POSTGRES_USER=mpc_user
# Database password
# SECURITY: Generate a strong password in production!
# Example command: openssl rand -base64 32
POSTGRES_PASSWORD=change_this_to_secure_postgres_password
# =============================================================================
# Redis Cache Configuration
# =============================================================================
# Redis password (leave empty if Redis is only accessible within Docker network)
# For production, consider setting a password for defense in depth
# Example command: openssl rand -base64 24
REDIS_PASSWORD=
# =============================================================================
# RabbitMQ Message Broker Configuration
# =============================================================================
# RabbitMQ user (can keep default or customize)
RABBITMQ_USER=mpc_user
# RabbitMQ password
# SECURITY: Generate a strong password in production!
# Example command: openssl rand -base64 32
RABBITMQ_PASSWORD=change_this_to_secure_rabbitmq_password
# =============================================================================
# JWT Configuration
# =============================================================================
# JWT signing secret key (minimum 32 characters)
# SECURITY: Generate a strong random key in production!
# Example command: openssl rand -base64 48
JWT_SECRET_KEY=change_this_jwt_secret_key_to_random_value_min_32_chars
# =============================================================================
# Cryptography Configuration
# =============================================================================
# Master encryption key for encrypting stored key shares
# MUST be exactly 64 hexadecimal characters (256-bit key)
# SECURITY: Generate a secure random key in production!
# Example command: openssl rand -hex 32
# WARNING: If you lose this key, encrypted shares cannot be recovered!
CRYPTO_MASTER_KEY=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
# =============================================================================
# API Security Configuration
# =============================================================================
# API authentication key for server-to-server communication
# This key must match the MPC_API_KEY in your backend mpc-service configuration
# SECURITY: Generate a strong random key and keep it synchronized!
# Example command: openssl rand -base64 48
MPC_API_KEY=change_this_api_key_to_match_your_mpc_service_config
# Allowed IP addresses (comma-separated list)
# Only these IPs can access the MPC system APIs
# IMPORTANT: In production, restrict this to your actual backend server IP(s)!
# Examples:
# Single IP: ALLOWED_IPS=192.168.1.111
# Multiple IPs: ALLOWED_IPS=192.168.1.111,192.168.1.112
# Local only: ALLOWED_IPS=127.0.0.1
# Allow all: ALLOWED_IPS= (empty, relies on API_KEY auth only - NOT RECOMMENDED for production)
#
# Default allows all IPs (protected by API_KEY authentication)
# SECURITY WARNING: Change this in production to specific backend server IP(s)!
ALLOWED_IPS=
# =============================================================================
# MPC System - Environment Configuration
# =============================================================================
# This file contains all environment variables needed for MPC System deployment.
#
# Setup Instructions:
# 1. Copy this file: cp .env.example .env
# 2. Update ALL values according to your production environment
# 3. Generate secure random keys for secrets (see instructions below)
# 4. Start services: ./deploy.sh up
#
# IMPORTANT: This file contains examples only!
# In production, you MUST:
# - Change ALL passwords and keys to secure random values
# - Update ALLOWED_IPS to match your actual backend server IP
# - Keep the .env file secure and NEVER commit it to version control
# =============================================================================
# =============================================================================
# Environment Identifier
# =============================================================================
# Options: development, staging, production
ENVIRONMENT=production
# =============================================================================
# PostgreSQL Database Configuration
# =============================================================================
# Database user (can keep default or customize)
POSTGRES_USER=mpc_user
# Database password
# SECURITY: Generate a strong password in production!
# Example command: openssl rand -base64 32
POSTGRES_PASSWORD=change_this_to_secure_postgres_password
# =============================================================================
# Redis Cache Configuration
# =============================================================================
# Redis password (leave empty if Redis is only accessible within Docker network)
# For production, consider setting a password for defense in depth
# Example command: openssl rand -base64 24
REDIS_PASSWORD=
# =============================================================================
# RabbitMQ Message Broker Configuration
# =============================================================================
# RabbitMQ user (can keep default or customize)
RABBITMQ_USER=mpc_user
# RabbitMQ password
# SECURITY: Generate a strong password in production!
# Example command: openssl rand -base64 32
RABBITMQ_PASSWORD=change_this_to_secure_rabbitmq_password
# =============================================================================
# JWT Configuration
# =============================================================================
# JWT signing secret key (minimum 32 characters)
# SECURITY: Generate a strong random key in production!
# Example command: openssl rand -base64 48
JWT_SECRET_KEY=change_this_jwt_secret_key_to_random_value_min_32_chars
# =============================================================================
# Cryptography Configuration
# =============================================================================
# Master encryption key for encrypting stored key shares
# MUST be exactly 64 hexadecimal characters (256-bit key)
# SECURITY: Generate a secure random key in production!
# Example command: openssl rand -hex 32
# WARNING: If you lose this key, encrypted shares cannot be recovered!
CRYPTO_MASTER_KEY=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
# =============================================================================
# API Security Configuration
# =============================================================================
# API authentication key for server-to-server communication
# This key must match the MPC_API_KEY in your backend mpc-service configuration
# SECURITY: Generate a strong random key and keep it synchronized!
# Example command: openssl rand -base64 48
MPC_API_KEY=change_this_api_key_to_match_your_mpc_service_config
# Allowed IP addresses (comma-separated list)
# Only these IPs can access the MPC system APIs
# IMPORTANT: In production, restrict this to your actual backend server IP(s)!
# Examples:
# Single IP: ALLOWED_IPS=192.168.1.111
# Multiple IPs: ALLOWED_IPS=192.168.1.111,192.168.1.112
# Local only: ALLOWED_IPS=127.0.0.1
# Allow all: ALLOWED_IPS= (empty, relies on API_KEY auth only - NOT RECOMMENDED for production)
#
# Default allows all IPs (protected by API_KEY authentication)
# SECURITY WARNING: Change this in production to specific backend server IP(s)!
ALLOWED_IPS=


@ -1,243 +1,243 @@
#!/bin/bash
# =============================================================================
# MPC System - Deployment Script
# =============================================================================
# This script manages the MPC System Docker services
#
# External Ports:
# 4000 - Account Service HTTP API
# 8081 - Session Coordinator API
# 8082 - Message Router WebSocket
# 8083 - Server Party API (user share generation)
# =============================================================================
set -e
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[OK]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
cd "$SCRIPT_DIR"
# Load environment
if [ -f ".env" ]; then
log_info "Loading environment from .env file"
set -a
source .env
set +a
elif [ ! -f ".env" ] && [ -f ".env.example" ]; then
log_warn ".env file not found. Creating from .env.example"
log_warn "Please edit .env and configure for your environment!"
cp .env.example .env
log_error "Please configure .env file and run again"
exit 1
fi
# Core services list
CORE_SERVICES="postgres redis rabbitmq"
MPC_SERVICES="session-coordinator message-router server-party-1 server-party-2 server-party-3 server-party-api account-service"
ALL_SERVICES="$CORE_SERVICES $MPC_SERVICES"
case "$1" in
build)
log_info "Building MPC System services..."
docker compose build
log_success "MPC System built successfully"
;;
build-no-cache)
log_info "Building MPC System (no cache)..."
docker compose build --no-cache
log_success "MPC System built successfully"
;;
up|start)
log_info "Starting MPC System..."
docker compose up -d
log_success "MPC System started"
echo ""
log_info "Services status:"
docker compose ps
;;
down|stop)
log_info "Stopping MPC System..."
docker compose down
log_success "MPC System stopped"
;;
restart)
log_info "Restarting MPC System..."
docker compose down
docker compose up -d
log_success "MPC System restarted"
;;
logs)
if [ -n "$2" ]; then
docker compose logs -f "$2"
else
docker compose logs -f
fi
;;
logs-tail)
if [ -n "$2" ]; then
docker compose logs --tail 100 "$2"
else
docker compose logs --tail 100
fi
;;
status|ps)
log_info "MPC System status:"
docker compose ps
;;
health)
log_info "Checking MPC System health..."
# Check infrastructure
echo ""
echo "=== Infrastructure ==="
for svc in $CORE_SERVICES; do
if docker compose ps "$svc" --format json 2>/dev/null | grep -q '"Health":"healthy"'; then
log_success "$svc is healthy"
else
log_warn "$svc is not healthy"
fi
done
# Check MPC services
echo ""
echo "=== MPC Services ==="
for svc in $MPC_SERVICES; do
if docker compose ps "$svc" --format json 2>/dev/null | grep -q '"Health":"healthy"'; then
log_success "$svc is healthy"
else
log_warn "$svc is not healthy"
fi
done
# Check external API
echo ""
echo "=== External API ==="
if curl -sf "http://localhost:4000/health" > /dev/null 2>&1; then
log_success "Account Service API (port 4000) is accessible"
else
log_error "Account Service API (port 4000) is not accessible"
fi
;;
infra)
case "$2" in
up)
log_info "Starting infrastructure services..."
docker compose up -d $CORE_SERVICES
log_success "Infrastructure started"
;;
down)
log_info "Stopping infrastructure services..."
docker compose stop $CORE_SERVICES
log_success "Infrastructure stopped"
;;
*)
echo "Usage: $0 infra {up|down}"
exit 1
;;
esac
;;
mpc)
case "$2" in
up)
log_info "Starting MPC services..."
docker compose up -d $MPC_SERVICES
log_success "MPC services started"
;;
down)
log_info "Stopping MPC services..."
docker compose stop $MPC_SERVICES
log_success "MPC services stopped"
;;
restart)
log_info "Restarting MPC services..."
docker compose stop $MPC_SERVICES
docker compose up -d $MPC_SERVICES
log_success "MPC services restarted"
;;
*)
echo "Usage: $0 mpc {up|down|restart}"
exit 1
;;
esac
;;
clean)
log_warn "This will remove all containers and volumes!"
read -p "Are you sure? (y/N) " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
docker compose down -v
log_success "MPC System cleaned"
else
log_info "Cancelled"
fi
;;
shell)
if [ -n "$2" ]; then
log_info "Opening shell in $2..."
docker compose exec "$2" sh
else
log_info "Opening shell in account-service..."
docker compose exec account-service sh
fi
;;
test-api)
log_info "Testing Account Service API..."
echo ""
echo "Health check:"
curl -s "http://localhost:4000/health" | jq . 2>/dev/null || curl -s "http://localhost:4000/health"
echo ""
;;
*)
echo "MPC System Deployment Script"
echo ""
echo "Usage: $0 <command> [options]"
echo ""
echo "Commands:"
echo " build - Build all Docker images"
echo " build-no-cache - Build images without cache"
echo " up|start - Start all services"
echo " down|stop - Stop all services"
echo " restart - Restart all services"
echo " logs [service] - Follow logs (all or specific service)"
echo " logs-tail [svc] - Show last 100 log lines"
echo " status|ps - Show services status"
echo " health - Check all services health"
echo ""
echo " infra up|down - Start/stop infrastructure only"
echo " mpc up|down|restart - Start/stop/restart MPC services only"
echo ""
echo " shell [service] - Open shell in container"
echo " test-api - Test Account Service API"
echo " clean - Remove all containers and volumes"
echo ""
echo "Services:"
echo " Infrastructure: $CORE_SERVICES"
echo " MPC Services: $MPC_SERVICES"
exit 1
;;
esac
#!/bin/bash
# =============================================================================
# MPC System - Deployment Script
# =============================================================================
# This script manages the MPC System Docker services
#
# External Ports:
# 4000 - Account Service HTTP API
# 8081 - Session Coordinator API
# 8082 - Message Router WebSocket
# 8083 - Server Party API (user share generation)
# =============================================================================
set -e
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[OK]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
cd "$SCRIPT_DIR"
# Load environment
if [ -f ".env" ]; then
log_info "Loading environment from .env file"
set -a
source .env
set +a
elif [ ! -f ".env" ] && [ -f ".env.example" ]; then
log_warn ".env file not found. Creating from .env.example"
log_warn "Please edit .env and configure for your environment!"
cp .env.example .env
log_error "Please configure .env file and run again"
exit 1
fi
# Core services list
CORE_SERVICES="postgres redis rabbitmq"
MPC_SERVICES="session-coordinator message-router server-party-1 server-party-2 server-party-3 server-party-api account-service"
ALL_SERVICES="$CORE_SERVICES $MPC_SERVICES"
case "$1" in
build)
log_info "Building MPC System services..."
docker compose build
log_success "MPC System built successfully"
;;
build-no-cache)
log_info "Building MPC System (no cache)..."
docker compose build --no-cache
log_success "MPC System built successfully"
;;
up|start)
log_info "Starting MPC System..."
docker compose up -d
log_success "MPC System started"
echo ""
log_info "Services status:"
docker compose ps
;;
down|stop)
log_info "Stopping MPC System..."
docker compose down
log_success "MPC System stopped"
;;
restart)
log_info "Restarting MPC System..."
docker compose down
docker compose up -d
log_success "MPC System restarted"
;;
logs)
if [ -n "$2" ]; then
docker compose logs -f "$2"
else
docker compose logs -f
fi
;;
logs-tail)
if [ -n "$2" ]; then
docker compose logs --tail 100 "$2"
else
docker compose logs --tail 100
fi
;;
status|ps)
log_info "MPC System status:"
docker compose ps
;;
health)
log_info "Checking MPC System health..."
# Check infrastructure
echo ""
echo "=== Infrastructure ==="
for svc in $CORE_SERVICES; do
if docker compose ps "$svc" --format json 2>/dev/null | grep -q '"Health":"healthy"'; then
log_success "$svc is healthy"
else
log_warn "$svc is not healthy"
fi
done
# Check MPC services
echo ""
echo "=== MPC Services ==="
for svc in $MPC_SERVICES; do
if docker compose ps "$svc" --format json 2>/dev/null | grep -q '"Health":"healthy"'; then
log_success "$svc is healthy"
else
log_warn "$svc is not healthy"
fi
done
# Check external API
echo ""
echo "=== External API ==="
if curl -sf "http://localhost:4000/health" > /dev/null 2>&1; then
log_success "Account Service API (port 4000) is accessible"
else
log_error "Account Service API (port 4000) is not accessible"
fi
;;
infra)
case "$2" in
up)
log_info "Starting infrastructure services..."
docker compose up -d $CORE_SERVICES
log_success "Infrastructure started"
;;
down)
log_info "Stopping infrastructure services..."
docker compose stop $CORE_SERVICES
log_success "Infrastructure stopped"
;;
*)
echo "Usage: $0 infra {up|down}"
exit 1
;;
esac
;;
mpc)
case "$2" in
up)
log_info "Starting MPC services..."
docker compose up -d $MPC_SERVICES
log_success "MPC services started"
;;
down)
log_info "Stopping MPC services..."
docker compose stop $MPC_SERVICES
log_success "MPC services stopped"
;;
restart)
log_info "Restarting MPC services..."
docker compose stop $MPC_SERVICES
docker compose up -d $MPC_SERVICES
log_success "MPC services restarted"
;;
*)
echo "Usage: $0 mpc {up|down|restart}"
exit 1
;;
esac
;;
clean)
log_warn "This will remove all containers and volumes!"
read -p "Are you sure? (y/N) " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
docker compose down -v
log_success "MPC System cleaned"
else
log_info "Cancelled"
fi
;;
shell)
if [ -n "$2" ]; then
log_info "Opening shell in $2..."
docker compose exec "$2" sh
else
log_info "Opening shell in account-service..."
docker compose exec account-service sh
fi
;;
test-api)
log_info "Testing Account Service API..."
echo ""
echo "Health check:"
curl -s "http://localhost:4000/health" | jq . 2>/dev/null || curl -s "http://localhost:4000/health"
echo ""
;;
*)
echo "MPC System Deployment Script"
echo ""
echo "Usage: $0 <command> [options]"
echo ""
echo "Commands:"
echo " build - Build all Docker images"
echo " build-no-cache - Build images without cache"
echo " up|start - Start all services"
echo " down|stop - Stop all services"
echo " restart - Restart all services"
echo " logs [service] - Follow logs (all or specific service)"
echo " logs-tail [svc] - Show last 100 log lines"
echo " status|ps - Show services status"
echo " health - Check all services health"
echo ""
echo " infra up|down - Start/stop infrastructure only"
echo " mpc up|down|restart - Start/stop/restart MPC services only"
echo ""
echo " shell [service] - Open shell in container"
echo " test-api - Test Account Service API"
echo " clean - Remove all containers and volumes"
echo ""
echo "Services:"
echo " Infrastructure: $CORE_SERVICES"
echo " MPC Services: $MPC_SERVICES"
exit 1
;;
esac


@ -1,5 +1,5 @@
# Build stage
FROM golang:1.21-alpine AS builder
FROM golang:1.24-alpine AS builder
RUN apk add --no-cache git ca-certificates


@ -1,5 +1,5 @@
# Build stage
FROM golang:1.21-alpine AS builder
FROM golang:1.24-alpine AS builder
RUN apk add --no-cache git ca-certificates


@ -1,5 +1,5 @@
# Build stage
FROM golang:1.21-alpine AS builder
FROM golang:1.24-alpine AS builder
RUN apk add --no-cache git ca-certificates


@ -1,5 +1,5 @@
# Build stage
FROM golang:1.21-alpine AS builder
FROM golang:1.24-alpine AS builder
RUN apk add --no-cache git ca-certificates


@ -1,5 +1,5 @@
# Build stage
FROM golang:1.21-alpine AS builder
FROM golang:1.24-alpine AS builder
# Install dependencies
RUN apk add --no-cache git ca-certificates