chore(mpc-system): update Dockerfiles to Go 1.24 and fix line endings

- Update all Dockerfiles from Go 1.21 to Go 1.24 (required by go.mod)
- Fix line endings in deploy.sh and .env.example for Unix compatibility

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
hailin 2025-12-05 16:40:32 -08:00
parent c52b6aa980
commit 34f0f7b897
7 changed files with 341 additions and 341 deletions


@ -1,93 +1,93 @@
# ============================================================================= # =============================================================================
# MPC System - Environment Configuration # MPC System - Environment Configuration
# ============================================================================= # =============================================================================
# This file contains all environment variables needed for MPC System deployment. # This file contains all environment variables needed for MPC System deployment.
# #
# Setup Instructions: # Setup Instructions:
# 1. Copy this file: cp .env.example .env # 1. Copy this file: cp .env.example .env
# 2. Update ALL values according to your production environment # 2. Update ALL values according to your production environment
# 3. Generate secure random keys for secrets (see instructions below) # 3. Generate secure random keys for secrets (see instructions below)
# 4. Start services: ./deploy.sh up # 4. Start services: ./deploy.sh up
# #
# IMPORTANT: This file contains examples only! # IMPORTANT: This file contains examples only!
# In production, you MUST: # In production, you MUST:
# - Change ALL passwords and keys to secure random values # - Change ALL passwords and keys to secure random values
# - Update ALLOWED_IPS to match your actual backend server IP # - Update ALLOWED_IPS to match your actual backend server IP
# - Keep the .env file secure and NEVER commit it to version control # - Keep the .env file secure and NEVER commit it to version control
# ============================================================================= # =============================================================================
# ============================================================================= # =============================================================================
# Environment Identifier # Environment Identifier
# ============================================================================= # =============================================================================
# Options: development, staging, production # Options: development, staging, production
ENVIRONMENT=production ENVIRONMENT=production
# ============================================================================= # =============================================================================
# PostgreSQL Database Configuration # PostgreSQL Database Configuration
# ============================================================================= # =============================================================================
# Database user (can keep default or customize) # Database user (can keep default or customize)
POSTGRES_USER=mpc_user POSTGRES_USER=mpc_user
# Database password # Database password
# SECURITY: Generate a strong password in production! # SECURITY: Generate a strong password in production!
# Example command: openssl rand -base64 32 # Example command: openssl rand -base64 32
POSTGRES_PASSWORD=change_this_to_secure_postgres_password POSTGRES_PASSWORD=change_this_to_secure_postgres_password
# ============================================================================= # =============================================================================
# Redis Cache Configuration # Redis Cache Configuration
# ============================================================================= # =============================================================================
# Redis password (leave empty if Redis is only accessible within Docker network) # Redis password (leave empty if Redis is only accessible within Docker network)
# For production, consider setting a password for defense in depth # For production, consider setting a password for defense in depth
# Example command: openssl rand -base64 24 # Example command: openssl rand -base64 24
REDIS_PASSWORD= REDIS_PASSWORD=
# ============================================================================= # =============================================================================
# RabbitMQ Message Broker Configuration # RabbitMQ Message Broker Configuration
# ============================================================================= # =============================================================================
# RabbitMQ user (can keep default or customize) # RabbitMQ user (can keep default or customize)
RABBITMQ_USER=mpc_user RABBITMQ_USER=mpc_user
# RabbitMQ password # RabbitMQ password
# SECURITY: Generate a strong password in production! # SECURITY: Generate a strong password in production!
# Example command: openssl rand -base64 32 # Example command: openssl rand -base64 32
RABBITMQ_PASSWORD=change_this_to_secure_rabbitmq_password RABBITMQ_PASSWORD=change_this_to_secure_rabbitmq_password
# ============================================================================= # =============================================================================
# JWT Configuration # JWT Configuration
# ============================================================================= # =============================================================================
# JWT signing secret key (minimum 32 characters) # JWT signing secret key (minimum 32 characters)
# SECURITY: Generate a strong random key in production! # SECURITY: Generate a strong random key in production!
# Example command: openssl rand -base64 48 # Example command: openssl rand -base64 48
JWT_SECRET_KEY=change_this_jwt_secret_key_to_random_value_min_32_chars JWT_SECRET_KEY=change_this_jwt_secret_key_to_random_value_min_32_chars
# ============================================================================= # =============================================================================
# Cryptography Configuration # Cryptography Configuration
# ============================================================================= # =============================================================================
# Master encryption key for encrypting stored key shares # Master encryption key for encrypting stored key shares
# MUST be exactly 64 hexadecimal characters (256-bit key) # MUST be exactly 64 hexadecimal characters (256-bit key)
# SECURITY: Generate a secure random key in production! # SECURITY: Generate a secure random key in production!
# Example command: openssl rand -hex 32 # Example command: openssl rand -hex 32
# WARNING: If you lose this key, encrypted shares cannot be recovered! # WARNING: If you lose this key, encrypted shares cannot be recovered!
CRYPTO_MASTER_KEY=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef CRYPTO_MASTER_KEY=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
# ============================================================================= # =============================================================================
# API Security Configuration # API Security Configuration
# ============================================================================= # =============================================================================
# API authentication key for server-to-server communication # API authentication key for server-to-server communication
# This key must match the MPC_API_KEY in your backend mpc-service configuration # This key must match the MPC_API_KEY in your backend mpc-service configuration
# SECURITY: Generate a strong random key and keep it synchronized! # SECURITY: Generate a strong random key and keep it synchronized!
# Example command: openssl rand -base64 48 # Example command: openssl rand -base64 48
MPC_API_KEY=change_this_api_key_to_match_your_mpc_service_config MPC_API_KEY=change_this_api_key_to_match_your_mpc_service_config
# Allowed IP addresses (comma-separated list) # Allowed IP addresses (comma-separated list)
# Only these IPs can access the MPC system APIs # Only these IPs can access the MPC system APIs
# IMPORTANT: In production, restrict this to your actual backend server IP(s)! # IMPORTANT: In production, restrict this to your actual backend server IP(s)!
# Examples: # Examples:
# Single IP: ALLOWED_IPS=192.168.1.111 # Single IP: ALLOWED_IPS=192.168.1.111
# Multiple IPs: ALLOWED_IPS=192.168.1.111,192.168.1.112 # Multiple IPs: ALLOWED_IPS=192.168.1.111,192.168.1.112
# Local only: ALLOWED_IPS=127.0.0.1 # Local only: ALLOWED_IPS=127.0.0.1
# Allow all: ALLOWED_IPS= (empty, relies on API_KEY auth only - NOT RECOMMENDED for production) # Allow all: ALLOWED_IPS= (empty, relies on API_KEY auth only - NOT RECOMMENDED for production)
# #
# Default allows all IPs (protected by API_KEY authentication) # Default allows all IPs (protected by API_KEY authentication)
# SECURITY WARNING: Change this in production to specific backend server IP(s)! # SECURITY WARNING: Change this in production to specific backend server IP(s)!
ALLOWED_IPS= ALLOWED_IPS=


@ -1,243 +1,243 @@
#!/bin/bash #!/bin/bash
# ============================================================================= # =============================================================================
# MPC System - Deployment Script # MPC System - Deployment Script
# ============================================================================= # =============================================================================
# This script manages the MPC System Docker services # This script manages the MPC System Docker services
# #
# External Ports: # External Ports:
# 4000 - Account Service HTTP API # 4000 - Account Service HTTP API
# 8081 - Session Coordinator API # 8081 - Session Coordinator API
# 8082 - Message Router WebSocket # 8082 - Message Router WebSocket
# 8083 - Server Party API (user share generation) # 8083 - Server Party API (user share generation)
# ============================================================================= # =============================================================================
set -e set -e
# Colors # Colors
RED='\033[0;31m' RED='\033[0;31m'
GREEN='\033[0;32m' GREEN='\033[0;32m'
YELLOW='\033[1;33m' YELLOW='\033[1;33m'
BLUE='\033[0;34m' BLUE='\033[0;34m'
NC='\033[0m' NC='\033[0m'
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; } log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[OK]${NC} $1"; } log_success() { echo -e "${GREEN}[OK]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; } log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
log_error() { echo -e "${RED}[ERROR]${NC} $1"; } log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
cd "$SCRIPT_DIR" cd "$SCRIPT_DIR"
# Load environment # Load environment
if [ -f ".env" ]; then if [ -f ".env" ]; then
log_info "Loading environment from .env file" log_info "Loading environment from .env file"
set -a set -a
source .env source .env
set +a set +a
elif [ ! -f ".env" ] && [ -f ".env.example" ]; then elif [ ! -f ".env" ] && [ -f ".env.example" ]; then
log_warn ".env file not found. Creating from .env.example" log_warn ".env file not found. Creating from .env.example"
log_warn "Please edit .env and configure for your environment!" log_warn "Please edit .env and configure for your environment!"
cp .env.example .env cp .env.example .env
log_error "Please configure .env file and run again" log_error "Please configure .env file and run again"
exit 1 exit 1
fi fi
# Core services list # Core services list
CORE_SERVICES="postgres redis rabbitmq" CORE_SERVICES="postgres redis rabbitmq"
MPC_SERVICES="session-coordinator message-router server-party-1 server-party-2 server-party-3 server-party-api account-service" MPC_SERVICES="session-coordinator message-router server-party-1 server-party-2 server-party-3 server-party-api account-service"
ALL_SERVICES="$CORE_SERVICES $MPC_SERVICES" ALL_SERVICES="$CORE_SERVICES $MPC_SERVICES"
case "$1" in case "$1" in
build) build)
log_info "Building MPC System services..." log_info "Building MPC System services..."
docker compose build docker compose build
log_success "MPC System built successfully" log_success "MPC System built successfully"
;; ;;
build-no-cache) build-no-cache)
log_info "Building MPC System (no cache)..." log_info "Building MPC System (no cache)..."
docker compose build --no-cache docker compose build --no-cache
log_success "MPC System built successfully" log_success "MPC System built successfully"
;; ;;
up|start) up|start)
log_info "Starting MPC System..." log_info "Starting MPC System..."
docker compose up -d docker compose up -d
log_success "MPC System started" log_success "MPC System started"
echo "" echo ""
log_info "Services status:" log_info "Services status:"
docker compose ps docker compose ps
;; ;;
down|stop) down|stop)
log_info "Stopping MPC System..." log_info "Stopping MPC System..."
docker compose down docker compose down
log_success "MPC System stopped" log_success "MPC System stopped"
;; ;;
restart) restart)
log_info "Restarting MPC System..." log_info "Restarting MPC System..."
docker compose down docker compose down
docker compose up -d docker compose up -d
log_success "MPC System restarted" log_success "MPC System restarted"
;; ;;
logs) logs)
if [ -n "$2" ]; then if [ -n "$2" ]; then
docker compose logs -f "$2" docker compose logs -f "$2"
else else
docker compose logs -f docker compose logs -f
fi fi
;; ;;
logs-tail) logs-tail)
if [ -n "$2" ]; then if [ -n "$2" ]; then
docker compose logs --tail 100 "$2" docker compose logs --tail 100 "$2"
else else
docker compose logs --tail 100 docker compose logs --tail 100
fi fi
;; ;;
status|ps) status|ps)
log_info "MPC System status:" log_info "MPC System status:"
docker compose ps docker compose ps
;; ;;
health) health)
log_info "Checking MPC System health..." log_info "Checking MPC System health..."
# Check infrastructure # Check infrastructure
echo "" echo ""
echo "=== Infrastructure ===" echo "=== Infrastructure ==="
for svc in $CORE_SERVICES; do for svc in $CORE_SERVICES; do
if docker compose ps "$svc" --format json 2>/dev/null | grep -q '"Health":"healthy"'; then if docker compose ps "$svc" --format json 2>/dev/null | grep -q '"Health":"healthy"'; then
log_success "$svc is healthy" log_success "$svc is healthy"
else else
log_warn "$svc is not healthy" log_warn "$svc is not healthy"
fi fi
done done
# Check MPC services # Check MPC services
echo "" echo ""
echo "=== MPC Services ===" echo "=== MPC Services ==="
for svc in $MPC_SERVICES; do for svc in $MPC_SERVICES; do
if docker compose ps "$svc" --format json 2>/dev/null | grep -q '"Health":"healthy"'; then if docker compose ps "$svc" --format json 2>/dev/null | grep -q '"Health":"healthy"'; then
log_success "$svc is healthy" log_success "$svc is healthy"
else else
log_warn "$svc is not healthy" log_warn "$svc is not healthy"
fi fi
done done
# Check external API # Check external API
echo "" echo ""
echo "=== External API ===" echo "=== External API ==="
if curl -sf "http://localhost:4000/health" > /dev/null 2>&1; then if curl -sf "http://localhost:4000/health" > /dev/null 2>&1; then
log_success "Account Service API (port 4000) is accessible" log_success "Account Service API (port 4000) is accessible"
else else
log_error "Account Service API (port 4000) is not accessible" log_error "Account Service API (port 4000) is not accessible"
fi fi
;; ;;
infra) infra)
case "$2" in case "$2" in
up) up)
log_info "Starting infrastructure services..." log_info "Starting infrastructure services..."
docker compose up -d $CORE_SERVICES docker compose up -d $CORE_SERVICES
log_success "Infrastructure started" log_success "Infrastructure started"
;; ;;
down) down)
log_info "Stopping infrastructure services..." log_info "Stopping infrastructure services..."
docker compose stop $CORE_SERVICES docker compose stop $CORE_SERVICES
log_success "Infrastructure stopped" log_success "Infrastructure stopped"
;; ;;
*) *)
echo "Usage: $0 infra {up|down}" echo "Usage: $0 infra {up|down}"
exit 1 exit 1
;; ;;
esac esac
;; ;;
mpc) mpc)
case "$2" in case "$2" in
up) up)
log_info "Starting MPC services..." log_info "Starting MPC services..."
docker compose up -d $MPC_SERVICES docker compose up -d $MPC_SERVICES
log_success "MPC services started" log_success "MPC services started"
;; ;;
down) down)
log_info "Stopping MPC services..." log_info "Stopping MPC services..."
docker compose stop $MPC_SERVICES docker compose stop $MPC_SERVICES
log_success "MPC services stopped" log_success "MPC services stopped"
;; ;;
restart) restart)
log_info "Restarting MPC services..." log_info "Restarting MPC services..."
docker compose stop $MPC_SERVICES docker compose stop $MPC_SERVICES
docker compose up -d $MPC_SERVICES docker compose up -d $MPC_SERVICES
log_success "MPC services restarted" log_success "MPC services restarted"
;; ;;
*) *)
echo "Usage: $0 mpc {up|down|restart}" echo "Usage: $0 mpc {up|down|restart}"
exit 1 exit 1
;; ;;
esac esac
;; ;;
clean) clean)
log_warn "This will remove all containers and volumes!" log_warn "This will remove all containers and volumes!"
read -p "Are you sure? (y/N) " -n 1 -r read -p "Are you sure? (y/N) " -n 1 -r
echo echo
if [[ $REPLY =~ ^[Yy]$ ]]; then if [[ $REPLY =~ ^[Yy]$ ]]; then
docker compose down -v docker compose down -v
log_success "MPC System cleaned" log_success "MPC System cleaned"
else else
log_info "Cancelled" log_info "Cancelled"
fi fi
;; ;;
shell) shell)
if [ -n "$2" ]; then if [ -n "$2" ]; then
log_info "Opening shell in $2..." log_info "Opening shell in $2..."
docker compose exec "$2" sh docker compose exec "$2" sh
else else
log_info "Opening shell in account-service..." log_info "Opening shell in account-service..."
docker compose exec account-service sh docker compose exec account-service sh
fi fi
;; ;;
test-api) test-api)
log_info "Testing Account Service API..." log_info "Testing Account Service API..."
echo "" echo ""
echo "Health check:" echo "Health check:"
curl -s "http://localhost:4000/health" | jq . 2>/dev/null || curl -s "http://localhost:4000/health" curl -s "http://localhost:4000/health" | jq . 2>/dev/null || curl -s "http://localhost:4000/health"
echo "" echo ""
;; ;;
*) *)
echo "MPC System Deployment Script" echo "MPC System Deployment Script"
echo "" echo ""
echo "Usage: $0 <command> [options]" echo "Usage: $0 <command> [options]"
echo "" echo ""
echo "Commands:" echo "Commands:"
echo " build - Build all Docker images" echo " build - Build all Docker images"
echo " build-no-cache - Build images without cache" echo " build-no-cache - Build images without cache"
echo " up|start - Start all services" echo " up|start - Start all services"
echo " down|stop - Stop all services" echo " down|stop - Stop all services"
echo " restart - Restart all services" echo " restart - Restart all services"
echo " logs [service] - Follow logs (all or specific service)" echo " logs [service] - Follow logs (all or specific service)"
echo " logs-tail [svc] - Show last 100 log lines" echo " logs-tail [svc] - Show last 100 log lines"
echo " status|ps - Show services status" echo " status|ps - Show services status"
echo " health - Check all services health" echo " health - Check all services health"
echo "" echo ""
echo " infra up|down - Start/stop infrastructure only" echo " infra up|down - Start/stop infrastructure only"
echo " mpc up|down|restart - Start/stop/restart MPC services only" echo " mpc up|down|restart - Start/stop/restart MPC services only"
echo "" echo ""
echo " shell [service] - Open shell in container" echo " shell [service] - Open shell in container"
echo " test-api - Test Account Service API" echo " test-api - Test Account Service API"
echo " clean - Remove all containers and volumes" echo " clean - Remove all containers and volumes"
echo "" echo ""
echo "Services:" echo "Services:"
echo " Infrastructure: $CORE_SERVICES" echo " Infrastructure: $CORE_SERVICES"
echo " MPC Services: $MPC_SERVICES" echo " MPC Services: $MPC_SERVICES"
exit 1 exit 1
;; ;;
esac esac


@ -1,5 +1,5 @@
# Build stage # Build stage
FROM golang:1.21-alpine AS builder FROM golang:1.24-alpine AS builder
RUN apk add --no-cache git ca-certificates RUN apk add --no-cache git ca-certificates


@ -1,5 +1,5 @@
# Build stage # Build stage
FROM golang:1.21-alpine AS builder FROM golang:1.24-alpine AS builder
RUN apk add --no-cache git ca-certificates RUN apk add --no-cache git ca-certificates


@ -1,5 +1,5 @@
# Build stage # Build stage
FROM golang:1.21-alpine AS builder FROM golang:1.24-alpine AS builder
RUN apk add --no-cache git ca-certificates RUN apk add --no-cache git ca-certificates


@ -1,5 +1,5 @@
# Build stage # Build stage
FROM golang:1.21-alpine AS builder FROM golang:1.24-alpine AS builder
RUN apk add --no-cache git ca-certificates RUN apk add --no-cache git ca-certificates


@ -1,5 +1,5 @@
# Build stage # Build stage
FROM golang:1.21-alpine AS builder FROM golang:1.24-alpine AS builder
# Install dependencies # Install dependencies
RUN apk add --no-cache git ca-certificates RUN apk add --no-cache git ca-certificates