#!/usr/bin/env bash # Generate node keys for all new Besu nodes set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" source "$PROJECT_ROOT/config/ip-addresses.conf" get_host_for_vmid() { local vmid=$1 if [[ "$vmid" =~ ^(1505|1506|1507|1508)$ ]]; then echo "${PROXMOX_HOST_ML110}" elif [[ "$vmid" =~ ^(2500|2501|2502|2503|2504|2505)$ ]]; then echo "${PROXMOX_HOST_R630_01}" else echo "${PROXMOX_HOST_R630_01}" fi } generate_node_key() { local vmid=$1 local ip=$2 local hostname=$3 local host=$(get_host_for_vmid $vmid) echo "Generating node key for $vmid ($hostname)..." # Generate node key using Besu ssh -o StrictHostKeyChecking=no root@${host} "pct exec $vmid -- bash -c ' mkdir -p /data/besu /opt/besu/bin/besu public-key export --node-private-key-file=/data/besu/key 2>&1 || \ /opt/besu/bin/besu public-key export --node-private-key-file=/data/besu/key --to=/data/besu/key.pub 2>&1 || \ echo \"Key generation needed\" '" 2>&1 | head -5 # Generate key if it doesn't exist ssh -o StrictHostKeyChecking=no root@${host} "pct exec $vmid -- bash -c ' if [ ! -f /data/besu/key ]; then openssl ecparam -name secp256k1 -genkey -noout -out /data/besu/key 2>/dev/null || \ /opt/besu/bin/besu public-key export --node-private-key-file=/data/besu/key 2>&1 || true fi chown -R besu:besu /data/besu '" 2>&1 # Extract public key and create enode local pubkey=$(ssh -o StrictHostKeyChecking=no root@${host} "pct exec $vmid -- bash -c ' if [ -f /data/besu/key ]; then /opt/besu/bin/besu public-key export --node-private-key-file=/data/besu/key 2>&1 | head -1 fi '" 2>/dev/null | tr -d '\n' | sed 's/^0x//') if [[ -n "$pubkey" && ${#pubkey} -ge 128 ]]; then echo "$vmid|$hostname|$ip|enode://${pubkey}@${ip}:30303" else echo "$vmid|$hostname|$ip|PENDING" fi } echo "Generating node keys for all new nodes..." for vmid in 1505 1506 2500 2501 2502 1507 1508 2503 2504 2505; do case $vmid in 1505) generate_node_key 1505 "${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-192.168.11.21}}}}}3" "besu-sentry-alltra-1" ;; 1506) generate_node_key 1506 "${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-192.168.11.21}}}}}4" "besu-sentry-alltra-2" ;; 2500) generate_node_key 2500 "${IP_SERVICE_172:-${IP_SERVICE_172:-192.168.11.172}}" "besu-rpc-alltra-1" ;; 2501) generate_node_key 2501 "${IP_SERVICE_173:-${IP_SERVICE_173:-192.168.11.173}}" "besu-rpc-alltra-2" ;; 2502) generate_node_key 2502 "${IP_SERVICE_174:-${IP_SERVICE_174:-192.168.11.174}}" "besu-rpc-alltra-3" ;; 1507) generate_node_key 1507 "${IP_RPC_244:-${IP_RPC_244:-${IP_RPC_244:-192.168.11.244}}}" "besu-sentry-hybx-1" ;; 1508) generate_node_key 1508 "${IP_RPC_245:-${IP_RPC_245:-${IP_RPC_245:-192.168.11.245}}}" "besu-sentry-hybx-2" ;; 2503) generate_node_key 2503 "${IP_RPC_246:-${IP_RPC_246:-${IP_RPC_246:-192.168.11.246}}}" "besu-rpc-hybx-1" ;; 2504) generate_node_key 2504 "${IP_RPC_247:-${IP_RPC_247:-${IP_RPC_247:-192.168.11.247}}}" "besu-rpc-hybx-2" ;; 2505) generate_node_key 2505 "${IP_RPC_248:-${IP_RPC_248:-${IP_RPC_248:-192.168.11.248}}}" "besu-rpc-hybx-3" ;; esac done