Merge pull request #2 from MayurWitsLab/fix/setup_process
fix: setup process
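--- a/.gitignore
+++ b/.gitignore
@@ -139,3 +139,6 @@ coverage.html
 
 # Ignore the schema directory used for testing
 /schemas/
+# Generated files
+.env.vault
+server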
215
SETUP.md
215
SETUP.md
@@ -59,7 +59,45 @@ redis-cli --version
|
|||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
## Development Setup
|
## Quick Start (Recommended)
|
||||||
|
|
||||||
|
For a complete Beckn network setup with all services, use our automated setup:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Clone the repository
|
||||||
|
git clone https://github.com/beckn/beckn-onix.git
|
||||||
|
cd beckn-onix
|
||||||
|
|
||||||
|
# Run the complete setup (includes all services)
|
||||||
|
chmod +x setup.sh
|
||||||
|
./setup.sh
|
||||||
|
|
||||||
|
# Start the Beckn-ONIX server
|
||||||
|
source .env.vault && ./server --config=config/local-dev.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
This will automatically:
|
||||||
|
- Start all Beckn network services (Registry, Gateway, BAP, BPP)
|
||||||
|
- Configure Redis and Vault
|
||||||
|
- Build all plugins
|
||||||
|
- Set up authentication
|
||||||
|
- Create environment variables
|
||||||
|
|
||||||
|
**Services Started:**
|
||||||
|
- Registry: http://localhost:3000
|
||||||
|
- Gateway: http://localhost:4000
|
||||||
|
- BAP Client: http://localhost:5001
|
||||||
|
- BPP Client: http://localhost:6001
|
||||||
|
- Vault: http://localhost:8200
|
||||||
|
- Redis: localhost:6379
|
||||||
|
- Beckn-ONIX: http://localhost:8081
|
||||||
|
|
||||||
|
**To stop all services:** `docker compose down`
|
||||||
|
**To view logs:** `docker compose logs -f [service-name]`
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Development Setup (Manual)
|
||||||
|
|
||||||
### Step 1: Clone the Repository
|
### Step 1: Clone the Repository
|
||||||
|
|
||||||
@@ -184,6 +222,13 @@ modules:
|
|||||||
role: bap
|
role: bap
|
||||||
registryUrl: http://localhost:8080/reg
|
registryUrl: http://localhost:8080/reg
|
||||||
plugins:
|
plugins:
|
||||||
|
keyManager:
|
||||||
|
id: keymanager
|
||||||
|
config:
|
||||||
|
projectID: beckn-onix-local
|
||||||
|
vaultAddr: http://localhost:8200
|
||||||
|
kvVersion: v2
|
||||||
|
mountPath: beckn
|
||||||
cache:
|
cache:
|
||||||
id: cache
|
id: cache
|
||||||
config:
|
config:
|
||||||
@@ -194,6 +239,8 @@ modules:
|
|||||||
schemaDir: ./schemas
|
schemaDir: ./schemas
|
||||||
signValidator:
|
signValidator:
|
||||||
id: signvalidator
|
id: signvalidator
|
||||||
|
config:
|
||||||
|
publicKeyPath: beckn/keys
|
||||||
router:
|
router:
|
||||||
id: router
|
id: router
|
||||||
config:
|
config:
|
||||||
@@ -204,6 +251,7 @@ modules:
|
|||||||
uuidKeys: transaction_id,message_id
|
uuidKeys: transaction_id,message_id
|
||||||
role: bap
|
role: bap
|
||||||
steps:
|
steps:
|
||||||
|
- validateSign
|
||||||
- addRoute
|
- addRoute
|
||||||
- validateSchema
|
- validateSchema
|
||||||
|
|
||||||
@@ -214,6 +262,13 @@ modules:
|
|||||||
role: bap
|
role: bap
|
||||||
registryUrl: http://localhost:8080/reg
|
registryUrl: http://localhost:8080/reg
|
||||||
plugins:
|
plugins:
|
||||||
|
keyManager:
|
||||||
|
id: keymanager
|
||||||
|
config:
|
||||||
|
projectID: beckn-onix-local
|
||||||
|
vaultAddr: http://localhost:8200
|
||||||
|
kvVersion: v2
|
||||||
|
mountPath: beckn
|
||||||
cache:
|
cache:
|
||||||
id: cache
|
id: cache
|
||||||
config:
|
config:
|
||||||
@@ -240,6 +295,13 @@ modules:
|
|||||||
role: bpp
|
role: bpp
|
||||||
registryUrl: http://localhost:8080/reg
|
registryUrl: http://localhost:8080/reg
|
||||||
plugins:
|
plugins:
|
||||||
|
keyManager:
|
||||||
|
id: keymanager
|
||||||
|
config:
|
||||||
|
projectID: beckn-onix-local
|
||||||
|
vaultAddr: http://localhost:8200
|
||||||
|
kvVersion: v2
|
||||||
|
mountPath: beckn
|
||||||
cache:
|
cache:
|
||||||
id: cache
|
id: cache
|
||||||
config:
|
config:
|
||||||
@@ -250,6 +312,8 @@ modules:
|
|||||||
schemaDir: ./schemas
|
schemaDir: ./schemas
|
||||||
signValidator:
|
signValidator:
|
||||||
id: signvalidator
|
id: signvalidator
|
||||||
|
config:
|
||||||
|
publicKeyPath: beckn/keys
|
||||||
router:
|
router:
|
||||||
id: router
|
id: router
|
||||||
config:
|
config:
|
||||||
@@ -266,6 +330,13 @@ modules:
|
|||||||
role: bpp
|
role: bpp
|
||||||
registryUrl: http://localhost:8080/reg
|
registryUrl: http://localhost:8080/reg
|
||||||
plugins:
|
plugins:
|
||||||
|
keyManager:
|
||||||
|
id: keymanager
|
||||||
|
config:
|
||||||
|
projectID: beckn-onix-local
|
||||||
|
vaultAddr: http://localhost:8200
|
||||||
|
kvVersion: v2
|
||||||
|
mountPath: beckn
|
||||||
cache:
|
cache:
|
||||||
id: cache
|
id: cache
|
||||||
config:
|
config:
|
||||||
@@ -322,16 +393,154 @@ routingRules:
|
|||||||
- support
|
- support
|
||||||
```
|
```
|
||||||
|
|
||||||
### Step 9: Run the Application
|
### Step 9: Run the Application with HashiCorp Vault
|
||||||
|
|
||||||
|
Since the configuration now includes the keyManager plugin for signing capabilities, you need to set up Vault:
|
||||||
|
|
||||||
|
#### Quick Setup (Recommended)
|
||||||
|
|
||||||
|
**Note:** Make sure Redis is already running from Step 5.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Run with local configuration
|
# Make the script executable
|
||||||
|
chmod +x start-vault.sh
|
||||||
|
|
||||||
|
# Run the automated setup script
|
||||||
|
./start-vault.sh
|
||||||
|
|
||||||
|
# This creates a .env.vault file with your credentials
|
||||||
|
# Source it and run the server
|
||||||
|
source .env.vault && ./server --config=config/local-dev.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
That's it! The script handles everything automatically.
|
||||||
|
|
||||||
|
#### Manual Setup (Advanced)
|
||||||
|
|
||||||
|
If you prefer to set up Vault manually or need custom configuration:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# 1. Start Vault container
|
||||||
|
docker run -d \
|
||||||
|
--name vault-dev \
|
||||||
|
--cap-add=IPC_LOCK \
|
||||||
|
-p 8200:8200 \
|
||||||
|
-e 'VAULT_DEV_ROOT_TOKEN_ID=root' \
|
||||||
|
hashicorp/vault:latest
|
||||||
|
|
||||||
|
# 2. Configure Vault (run the setup script)
|
||||||
|
chmod +x config/setup-vault.sh
|
||||||
|
./config/setup-vault.sh
|
||||||
|
|
||||||
|
# 3. Export the displayed credentials
|
||||||
|
export VAULT_ROLE_ID=<displayed-role-id>
|
||||||
|
export VAULT_SECRET_ID=<displayed-secret-id>
|
||||||
|
|
||||||
|
# 4. Run the server
|
||||||
|
./server --config=config/local-dev.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
#### What the Setup Does
|
||||||
|
|
||||||
|
- Starts Vault in development mode on port 8200
|
||||||
|
- Enables AppRole authentication
|
||||||
|
- Creates necessary policies and roles
|
||||||
|
- Sets up the KV secrets engine at path `beckn`
|
||||||
|
- Stores sample keys for both BAP and BPP
|
||||||
|
- Generates and saves credentials to `.env.vault`
|
||||||
|
|
||||||
|
#### Accessing Vault UI
|
||||||
|
|
||||||
|
- **URL:** http://localhost:8200
|
||||||
|
- **Token:** root
|
||||||
|
|
||||||
|
#### Troubleshooting
|
||||||
|
|
||||||
|
If you get "invalid role or secret ID" error, the SECRET_ID has expired. Simply run:
|
||||||
|
```bash
|
||||||
|
./start-vault.sh
|
||||||
|
source .env.vault
|
||||||
|
```
|
||||||
|
|
||||||
|
**Alternative: Simple Docker Run Command**
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Start Vault in dev mode with initial setup
|
||||||
|
docker run -d \
|
||||||
|
--name vault-dev \
|
||||||
|
--cap-add=IPC_LOCK \
|
||||||
|
-p 8200:8200 \
|
||||||
|
-e 'VAULT_DEV_ROOT_TOKEN_ID=root' \
|
||||||
|
-e 'VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200' \
|
||||||
|
hashicorp/vault:latest
|
||||||
|
|
||||||
|
# Wait for Vault to be ready
|
||||||
|
sleep 3
|
||||||
|
|
||||||
|
# Setup Vault using a single command
|
||||||
|
docker exec vault-dev sh -c "
|
||||||
|
export VAULT_ADDR='http://127.0.0.1:8200' &&
|
||||||
|
export VAULT_TOKEN='root' &&
|
||||||
|
vault secrets enable -path=beckn kv-v2 &&
|
||||||
|
vault kv put beckn/keys/bap private_key='sample_bap_private_key' public_key='sample_bap_public_key' &&
|
||||||
|
vault kv put beckn/keys/bpp private_key='sample_bpp_private_key' public_key='sample_bpp_public_key'
|
||||||
|
"
|
||||||
|
```
|
||||||
|
|
||||||
|
**Step 9b: Set Environment Variables and Run**
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Get the AppRole credentials from Vault container logs
|
||||||
|
docker logs vault-dev | grep "VAULT_ROLE_ID\|VAULT_SECRET_ID"
|
||||||
|
|
||||||
|
# Copy the displayed credentials and export them
|
||||||
|
# They will look something like this:
|
||||||
|
export VAULT_ROLE_ID='<role-id-from-logs>'
|
||||||
|
export VAULT_SECRET_ID='<secret-id-from-logs>'
|
||||||
|
|
||||||
|
# Run the server
|
||||||
./server --config=config/local-dev.yaml
|
./server --config=config/local-dev.yaml
|
||||||
|
|
||||||
# Or using go run
|
# Or using go run
|
||||||
go run cmd/adapter/main.go --config=config/local-dev.yaml
|
go run cmd/adapter/main.go --config=config/local-dev.yaml
|
||||||
```
|
```
|
||||||
|
|
||||||
|
**Note:** The Vault address is already configured in `config/local-dev.yaml` as `http://localhost:8200`. The docker-compose automatically sets up AppRole authentication and displays the credentials in the logs.
|
||||||
|
|
||||||
|
**Alternative: Create a startup script**
|
||||||
|
|
||||||
|
Create `run-with-vault.sh`:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
#!/bin/bash
|
||||||
|
# Set Vault environment variables
|
||||||
|
export VAULT_ADDR=${VAULT_ADDR:-"http://localhost:8200"}
|
||||||
|
export VAULT_TOKEN=${VAULT_TOKEN:-"root"} # For dev mode
|
||||||
|
|
||||||
|
# Or use AppRole auth for production-like setup
|
||||||
|
# export VAULT_ROLE_ID=${VAULT_ROLE_ID:-"beckn-role-id"}
|
||||||
|
# export VAULT_SECRET_ID=${VAULT_SECRET_ID:-"beckn-secret-id"}
|
||||||
|
|
||||||
|
echo "Starting Beckn-ONIX with Vault key management..."
|
||||||
|
echo "Vault Address: $VAULT_ADDR"
|
||||||
|
|
||||||
|
# Check if Vault is accessible
|
||||||
|
if ! curl -s "$VAULT_ADDR/v1/sys/health" > /dev/null 2>&1; then
|
||||||
|
echo "Error: Cannot reach Vault at $VAULT_ADDR"
|
||||||
|
echo "Please start Vault first with: vault server -dev -dev-root-token-id='root'"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Run the server
|
||||||
|
./server --config=config/local-dev.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
Make it executable and run:
|
||||||
|
```bash
|
||||||
|
chmod +x run-with-vault.sh
|
||||||
|
./run-with-vault.sh
|
||||||
|
```
|
||||||
|
|
||||||
The server will start on `http://localhost:8081`
|
The server will start on `http://localhost:8081`
|
||||||
|
|
||||||
### Step 10: Verify Setup
|
### Step 10: Verify Setup
|
||||||
|
|||||||
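--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,211 @@
+version: '3.8'
+
+networks:
+beckn_network:
+driver: bridge
+name: beckn_network
+
+volumes:
+# BAP volumes
+bap_client_config_volume:
+bap_client_schemas_volume:
+bap_client_logs_volume:
+bap_network_config_volume:
+bap_network_schemas_volume:
+bap_network_logs_volume:
+# BPP volumes
+bpp_client_config_volume:
+bpp_client_schemas_volume:
+bpp_client_logs_volume:
+bpp_network_config_volume:
+bpp_network_schemas_volume:
+bpp_network_logs_volume:
+# Gateway and Registry volumes
+gateway_data_volume:
+registry_data_volume:
+
+services:
+# ============================================
+# Core Infrastructure Services
+# ============================================
+
+# Redis - Caching Service
+redis:
+image: redis:alpine
+container_name: redis
+ports:
+- "6379:6379"
+networks:
+- beckn_network
+healthcheck:
+test: ["CMD", "redis-cli", "ping"]
+interval: 5s
+timeout: 3s
+retries: 5
+
+# Vault - Key Management Service
+vault:
+image: hashicorp/vault:latest
+container_name: vault
+cap_add:
+- IPC_LOCK
+ports:
+- "8200:8200"
+environment:
+VAULT_DEV_ROOT_TOKEN_ID: root
+VAULT_DEV_LISTEN_ADDRESS: 0.0.0.0:8200
+command: server -dev -dev-root-token-id=root
+networks:
+- beckn_network
+healthcheck:
+test: ["CMD", "vault", "status"]
+interval: 5s
+timeout: 3s
+retries: 5
+
+# ============================================
+# Beckn Network Services
+# ============================================
+
+# Registry - Central registry for network participants
+registry:
+image: fidedocker/registry:latest
+container_name: registry
+ports:
+- "3000:3000" # Main registry port
+- "3030:3030" # Admin/monitoring port
+volumes:
+- registry_data_volume:/usr/src/app/data
+networks:
+- beckn_network
+healthcheck:
+test: ["CMD", "curl", "-f", "http://localhost:3000/health"]
+interval: 30s
+timeout: 10s
+retries: 3
+
+# Gateway - Network gateway for routing
+gateway:
+image: fidedocker/gateway:latest
+container_name: gateway
+ports:
+- "4000:4000" # Main gateway port
+- "4030:4030" # Admin/monitoring port
+volumes:
+- gateway_data_volume:/usr/src/app/data
+networks:
+- beckn_network
+depends_on:
+- registry
+healthcheck:
+test: ["CMD", "curl", "-f", "http://localhost:4000/health"]
+interval: 30s
+timeout: 10s
+retries: 3
+
+# ============================================
+# BAP Services (Buyer App)
+# ============================================
+
+# BAP Client - Buyer App Client
+bap-client:
+image: fidedocker/protocol-server:latest
+container_name: bap-client
+ports:
+- "5001:5001"
+volumes:
+- bap_client_config_volume:/usr/src/app/config
+- bap_client_schemas_volume:/usr/src/app/schemas
+- bap_client_logs_volume:/usr/src/app/logs
+networks:
+- beckn_network
+depends_on:
+- registry
+- gateway
+environment:
+- NODE_ENV=development
+- PORT=5001
+- REGISTRY_URL=http://registry:3000
+- GATEWAY_URL=http://gateway:4000
+
+# BAP Network - Buyer App Network Layer
+bap-network:
+image: fidedocker/protocol-server:latest
+container_name: bap-network
+ports:
+- "5002:5002"
+volumes:
+- bap_network_config_volume:/usr/src/app/config
+- bap_network_schemas_volume:/usr/src/app/schemas
+- bap_network_logs_volume:/usr/src/app/logs
+networks:
+- beckn_network
+depends_on:
+- registry
+- gateway
+- bap-client
+environment:
+- NODE_ENV=development
+- PORT=5002
+- REGISTRY_URL=http://registry:3000
+- GATEWAY_URL=http://gateway:4000
+
+# ============================================
+# BPP Services (Seller App)
+# ============================================
+
+# BPP Client - Seller App Client
+bpp-client:
+image: fidedocker/protocol-server:latest
+container_name: bpp-client
+ports:
+- "6001:6001"
+volumes:
+- bpp_client_config_volume:/usr/src/app/config
+- bpp_client_schemas_volume:/usr/src/app/schemas
+- bpp_client_logs_volume:/usr/src/app/logs
+networks:
+- beckn_network
+depends_on:
+- registry
+- gateway
+environment:
+- NODE_ENV=development
+- PORT=6001
+- REGISTRY_URL=http://registry:3000
+- GATEWAY_URL=http://gateway:4000
+
+# BPP Network - Seller App Network Layer
+bpp-network:
+image: fidedocker/protocol-server:latest
+container_name: bpp-network
+ports:
+- "6002:6002"
+volumes:
+- bpp_network_config_volume:/usr/src/app/config
+- bpp_network_schemas_volume:/usr/src/app/schemas
+- bpp_network_logs_volume:/usr/src/app/logs
+networks:
+- beckn_network
+depends_on:
+- registry
+- gateway
+- bpp-client
+environment:
+- NODE_ENV=development
+- PORT=6002
+- REGISTRY_URL=http://registry:3000
+- GATEWAY_URL=http://gateway:4000
+
+# Port Summary:
+# - 3000: Registry (Main)
+# - 3030: Registry (Admin)
+# - 4000: Gateway (Main)
+# - 4030: Gateway (Admin)
+# - 5001: BAP Client
+# - 5002: BAP Network
+# - 6001: BPP Client
+# - 6002: BPP Network
+# - 6379: Redis
+# - 8200: Vault
+# - 8081: Beckn-ONIX Server (run separately)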
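Review bot: The `vault` service runs the dev server with the fixed root token `root` and publishes it as `"8200:8200"`, which binds the port on every host interface rather than loopback, so any machine that can reach the host gets root access to the secrets store; `redis` is published the same way with no authentication configured here. For a local-only stack, bind the published ports to loopback, e.g. `- "127.0.0.1:8200:8200"` and `- "127.0.0.1:6379:6379"`. The `["CMD", "vault", "status"]` healthcheck also has no `VAULT_ADDR`, while setup.sh passes `VAULT_ADDR=http://127.0.0.1:8200` on every `docker exec`, so the check will likely fail unless `VAULT_ADDR: http://127.0.0.1:8200` is added under `environment:`. All images use floating tags (`:latest`, `redis:alpine`); pinning a version or digest would keep the setup reproducible and reduce exposure to an unexpected upstream image change.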
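--- a/setup.sh
+++ b/setup.sh
@@ -0,0 +1,125 @@
+#!/bin/bash
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+echo -e "${BLUE}========================================${NC}"
+echo -e "${BLUE}Beckn-ONIX Complete Setup${NC}"
+echo -e "${BLUE}========================================${NC}"
+
+# Check if Docker is running
+if ! docker info > /dev/null 2>&1; then
+echo -e "${RED}Error: Docker is not running. Please start Docker first.${NC}"
+exit 1
+fi
+
+# Step 1: Start all services with docker-compose
+echo -e "${YELLOW}Step 1: Starting all Beckn network services...${NC}"
+docker compose down 2>/dev/null
+docker compose up -d
+
+# Wait for services to be ready
+echo -e "${YELLOW}Waiting for services to be ready...${NC}"
+sleep 10
+
+# Step 2: Configure Vault
+echo -e "${YELLOW}Step 2: Configuring Vault for key management...${NC}"
+
+# Wait for Vault to be ready
+for i in {1..30}; do
+if docker exec -e VAULT_ADDR=http://127.0.0.1:8200 vault vault status > /dev/null 2>&1; then
+echo -e "${GREEN}Vault is ready!${NC}"
+break
+fi
+if [ $i -eq 30 ]; then
+echo -e "${RED}Error: Vault failed to start${NC}"
+exit 1
+fi
+sleep 1
+done
+
+# Configure Vault
+docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
+vault auth enable approle > /dev/null 2>&1 || true
+
+echo 'path "beckn/*" { capabilities = ["create", "read", "update", "delete", "list"] }' | \
+docker exec -i -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
+vault policy write beckn-policy - > /dev/null 2>&1
+
+docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
+vault write auth/approle/role/beckn-role \
+token_policies="beckn-policy" \
+token_ttl=24h \
+token_max_ttl=48h > /dev/null 2>&1
+
+# Get credentials
+ROLE_ID=$(docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
+vault read -field=role_id auth/approle/role/beckn-role/role-id 2>/dev/null)
+SECRET_ID=$(docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
+vault write -field=secret_id -f auth/approle/role/beckn-role/secret-id 2>/dev/null)
+
+# Enable KV v2 secrets engine
+docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
+vault secrets enable -path=beckn kv-v2 > /dev/null 2>&1 || true
+
+# Store sample keys
+docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
+vault kv put beckn/keys/bap \
+private_key='sample_bap_private_key' \
+public_key='sample_bap_public_key' > /dev/null 2>&1
+
+docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
+vault kv put beckn/keys/bpp \
+private_key='sample_bpp_private_key' \
+public_key='sample_bpp_public_key' > /dev/null 2>&1
+
+# Step 3: Build plugins
+echo -e "${YELLOW}Step 3: Building plugins...${NC}"
+if [ -f "./build-plugins.sh" ]; then
+chmod +x ./build-plugins.sh
+./build-plugins.sh
+else
+echo -e "${RED}Warning: build-plugins.sh not found. Please build plugins manually.${NC}"
+fi
+
+# Step 4: Build server
+echo -e "${YELLOW}Step 4: Building Beckn-ONIX server...${NC}"
+go build -o server cmd/adapter/main.go
+
+# Create .env.vault file
+echo -e "${YELLOW}Step 5: Creating environment file...${NC}"
+cat > .env.vault <<EOF
+# Vault Credentials for Beckn-ONIX
+# Generated on $(date)
+export VAULT_ROLE_ID=$ROLE_ID
+export VAULT_SECRET_ID=$SECRET_ID
+EOF
+
+# Display status
+echo -e "${GREEN}========================================${NC}"
+echo -e "${GREEN}✅ Setup Complete!${NC}"
+echo -e "${GREEN}========================================${NC}"
+echo ""
+echo -e "${BLUE}Services Running:${NC}"
+echo -e " 📦 Registry: http://localhost:3000"
+echo -e " 🌐 Gateway: http://localhost:4000"
+echo -e " 🛒 BAP Client: http://localhost:5001"
+echo -e " 🛒 BAP Network: http://localhost:5002"
+echo -e " 🏪 BPP Client: http://localhost:6001"
+echo -e " 🏪 BPP Network: http://localhost:6002"
+echo -e " 🔐 Vault UI: http://localhost:8200 (token: root)"
+echo -e " 💾 Redis: localhost:6379"
+echo ""
+echo -e "${GREEN}To run the Beckn-ONIX server:${NC}"
+echo " source .env.vault && ./server --config=config/local-dev.yaml"
+echo ""
+echo -e "${GREEN}To stop all services:${NC}"
+echo " docker compose down"
+echo ""
+echo -e "${GREEN}To view logs:${NC}"
+echo " docker compose logs -f [service-name]"
+echo -e "${GREEN}========================================${NC}"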
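Review bot: The AppRole credentials are written to `.env.vault` under the default umask, and nothing verifies they were obtained: the `vault` calls discard their output with `> /dev/null 2>&1` (or `2>/dev/null`) and the script has no `set -e`, so a failed step still ends in "Setup Complete" with empty `VAULT_ROLE_ID`/`VAULT_SECRET_ID`. Immediately before `cat > .env.vault <<EOF` I would add `[ -n "$ROLE_ID" ] && [ -n "$SECRET_ID" ] || { echo "Error: could not obtain AppRole credentials" >&2; exit 1; }` followed by `umask 077`, so the file is created readable by its owner only. The exit status of `go build -o server cmd/adapter/main.go` is ignored in the same way and should be checked, e.g. `go build -o server cmd/adapter/main.go || exit 1`. As a style point, `[ $i -eq 30 ]` should quote the variable: `[ "$i" -eq 30 ]`.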