Eskyee
diff --git a/‎.env.example‎
Lines changed: 75 additions & 0 deletions b/‎.env.example‎
Lines changed: 75 additions & 0 deletions
diff --git a/‎.github/workflows/pr-checks.yml‎
Lines changed: 41 additions & 0 deletions b/‎.github/workflows/pr-checks.yml‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 172 additions & 0 deletions b/‎.github/workflows/release.yml‎
Lines changed: 172 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 23 additions & 0 deletions b/‎.gitignore‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎.release-please-manifest.json‎
Lines changed: 3 additions & 0 deletions b/‎.release-please-manifest.json‎
Lines changed: 3 additions & 0 deletions
@@ -0,0 +1,75 @@
+# gitlawb node — environment variables
+# Copy to .env and fill in your values.
+# All variables are optional unless marked REQUIRED.
+
+# ── Node identity ─────────────────────────────────────────────────────────
+# Path to the node's Ed25519 keypair PEM file.
+# Generate with: gl identity new
+GITLAWB_KEY=/data/keys/identity.pem
+
+# Publicly reachable URL of this node (used in peer announcements)
+GITLAWB_PUBLIC_URL=https://your-node.example.com
+
+# ── Server ────────────────────────────────────────────────────────────────
+GITLAWB_HOST=0.0.0.0
+GITLAWB_PORT=7545
+
+# ── Storage ───────────────────────────────────────────────────────────────
+GITLAWB_REPOS_DIR=/data/repos
+
+# PostgreSQL connection URL. Required.
+# When using the bundled docker-compose, this is wired automatically.
+DATABASE_URL=postgresql://gitlawb:changeme@localhost:5432/gitlawb
+
+# ── IPFS pinning (Pinata) ─────────────────────────────────────────────────
+# Get a JWT at https://app.pinata.cloud/developers/api-keys
+GITLAWB_PINATA_JWT=
+GITLAWB_PINATA_UPLOAD_URL=https://uploads.pinata.cloud/v3/files
+
+# ── Arweave permanent anchoring (Irys devnet) ─────────────────────────────
+# Leave empty to disable Arweave anchoring.
+GITLAWB_IRYS_URL=https://devnet.irys.xyz
+
+# ── Base L2 smart contracts ───────────────────────────────────────────────
+GITLAWB_CHAIN_RPC_URL=https://sepolia.base.org
+GITLAWB_CONTRACT_DID_REGISTRY=0x8046284116C5ac6724adbBf860feBeA85692d574
+GITLAWB_CONTRACT_NAME_REGISTRY=0x73094B9DAb2421878A20Abed1497001fbD51302c
+
+# $GITLAWB ERC20 token (Base mainnet).
+GITLAWB_TOKEN=0x5F980Dcfc4c0fa3911554cf5ab288ed0eb13DBa3
+
+# ── On-chain PoS (operators — required to earn rewards) ───────────────────
+# Set both of the next two to enable Proof-of-Stake mode. With both set, the
+# node verifies its registration on startup and posts heartbeats automatically.
+# Leave empty to run without on-chain PoS (local dev / pre-launch).
+
+# Deployed GitlawbNodeStaking contract address.
+GITLAWB_CONTRACT_NODE_STAKING=
+
+# Operator wallet private key (0x-prefixed hex). Used to sign heartbeats.
+# Use a dedicated wallet with only enough ETH for gas — not your treasury.
+GITLAWB_OPERATOR_PRIVATE_KEY=
+
+# If true, the node refuses to start unless registered and currently active.
+# Leave false while bootstrapping; flip to true once your stake is confirmed.
+GITLAWB_OPERATOR_STRICT_MODE=false
+
+# Heartbeat cadence in hours. Must be < 24 with headroom. Default: 20.
+GITLAWB_HEARTBEAT_INTERVAL_HOURS=20
+
+# ── docker-compose Postgres password ──────────────────────────────────────
+# Only used when running via `docker compose up` with the bundled Postgres.
+POSTGRES_PASSWORD=changeme
+
+# ── P2P networking ────────────────────────────────────────────────────────
+GITLAWB_P2P_PORT=7546
+# Comma-separated multiaddrs of bootstrap peers
+GITLAWB_BOOTSTRAP_PEERS=
+
+# ── Access control ────────────────────────────────────────────────────────
+# Set to false to require auth on all read endpoints
+GITLAWB_PUBLIC_READ=true
+
+# ── Sync ─────────────────────────────────────────────────────────────────
+# Enable automatic background sync from known peers
+GITLAWB_AUTO_SYNC=false
@@ -0,0 +1,41 @@
+name: PR Checks
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: read
+
+env:
+  CARGO_TERM_COLOR: always
+  RUST_BACKTRACE: 1
+
+jobs:
+  fmt-clippy-test:
+    name: fmt + clippy + test
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Set up Rust toolchain
+        uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b # stable
+        with:
+          toolchain: stable
+          components: rustfmt, clippy
+
+      - name: Cache cargo
+        uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+
+      - name: cargo fmt --check
+        run: cargo fmt --all -- --check
+
+      - name: cargo clippy
+        run: cargo clippy --workspace --all-targets -- -D warnings
+
+      - name: cargo test
+        run: cargo test --workspace
@@ -0,0 +1,172 @@
+name: Release
+
+on:
+  push:
+    branches:
+      - main
+
+concurrency:
+  group: release-${{ github.ref }}
+  cancel-in-progress: false
+
+jobs:
+  release-please:
+    if: ${{ github.repository == 'Gitlawb/node' }}
+    name: Release Please
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    outputs:
+      release_created: ${{ steps.release.outputs.release_created }}
+      tag_name: ${{ steps.release.outputs.tag_name }}
+      version: ${{ steps.release.outputs.version }}
+    steps:
+      - name: Run release-please
+        id: release
+        uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.3.0
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+  docker:
+    name: Build & Push Docker Image
+    needs: release-please
+    if: ${{ needs.release-please.outputs.release_created == 'true' }}
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout release tag
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          ref: ${{ needs.release-please.outputs.tag_name }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
+        with:
+          images: ghcr.io/${{ github.repository }}
+          tags: |
+            type=semver,pattern={{version}},value=${{ needs.release-please.outputs.version }}
+            type=semver,pattern={{major}}.{{minor}},value=${{ needs.release-please.outputs.version }}
+            type=raw,value=latest
+
+      - name: Build and load locally (smoke)
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        with:
+          context: .
+          load: true
+          tags: gitlawb-node:smoke
+          cache-from: type=gha
+
+      - name: Smoke test
+        run: docker run --rm gitlawb-node:smoke --version
+
+      - name: Build and push (multi-arch)
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Release summary
+        run: |
+          {
+            echo "## Released ${{ needs.release-please.outputs.tag_name }}"
+            echo
+            echo "- Image: \`ghcr.io/${{ github.repository }}:${{ needs.release-please.outputs.version }}\`"
+            echo "- GitHub: https://github.com/${{ github.repository }}/releases/tag/${{ needs.release-please.outputs.tag_name }}"
+          } >> "$GITHUB_STEP_SUMMARY"
+
+  release-binaries:
+    name: Build & Attach Binaries
+    needs: release-please
+    if: ${{ needs.release-please.outputs.release_created == 'true' }}
+    runs-on: ${{ matrix.os }}
+    permissions:
+      contents: write
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - target: x86_64-unknown-linux-musl
+            os: ubuntu-latest
+          - target: aarch64-unknown-linux-musl
+            os: ubuntu-latest
+          - target: x86_64-apple-darwin
+            os: macos-13
+          - target: aarch64-apple-darwin
+            os: macos-14
+    steps:
+      - name: Checkout release tag
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          ref: ${{ needs.release-please.outputs.tag_name }}
+
+      - name: Set up Rust toolchain
+        uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b # stable
+        with:
+          toolchain: stable
+          targets: ${{ matrix.target }}
+
+      - name: Install musl tools (linux)
+        if: contains(matrix.target, 'linux-musl')
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y musl-tools
+          if [ "${{ matrix.target }}" = "aarch64-unknown-linux-musl" ]; then
+            sudo apt-get install -y gcc-aarch64-linux-gnu
+            echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_LINKER=aarch64-linux-gnu-gcc" >> "$GITHUB_ENV"
+            echo "CC_aarch64_unknown_linux_musl=aarch64-linux-gnu-gcc" >> "$GITHUB_ENV"
+          fi
+
+      - name: Cache cargo
+        uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+        with:
+          key: ${{ matrix.target }}
+
+      - name: Build
+        run: cargo build --release --target ${{ matrix.target }} -p gl -p git-remote-gitlawb -p gitlawb-node
+
+      - name: Package
+        id: pkg
+        shell: bash
+        run: |
+          set -euo pipefail
+          NAME="gitlawb-node-${{ needs.release-please.outputs.version }}-${{ matrix.target }}"
+          mkdir -p "dist/$NAME"
+          cp "target/${{ matrix.target }}/release/gl" "dist/$NAME/"
+          cp "target/${{ matrix.target }}/release/git-remote-gitlawb" "dist/$NAME/"
+          cp "target/${{ matrix.target }}/release/gitlawb-node" "dist/$NAME/"
+          cp README.md LICENSE-MIT LICENSE-APACHE "dist/$NAME/"
+          cd dist
+          tar czf "$NAME.tar.gz" "$NAME"
+          shasum -a 256 "$NAME.tar.gz" > "$NAME.tar.gz.sha256"
+          echo "asset=dist/$NAME.tar.gz" >> "$GITHUB_OUTPUT"
+          echo "checksum=dist/$NAME.tar.gz.sha256" >> "$GITHUB_OUTPUT"
+
+      - name: Attach to release
+        uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # v2.3.2
+        with:
+          tag_name: ${{ needs.release-please.outputs.tag_name }}
+          files: |
+            ${{ steps.pkg.outputs.asset }}
+            ${{ steps.pkg.outputs.checksum }}
@@ -0,0 +1,23 @@
+/target
+**/*.rs.bk
+Cargo.lock.bak
+
+# Local node data
+/data
+/repos
+
+# Env / secrets
+.env
+.env.local
+*.pem
+keys/
+
+# Editor / OS
+.DS_Store
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# Logs
+*.log
@@ -0,0 +1,3 @@
+{
+  ".": "0.3.8"
+}