From cb4160a188990a7c317e7898090c4b365c909af3 Mon Sep 17 00:00:00 2001 From: Your Name Date: Tue, 7 Apr 2026 14:49:27 +0530 Subject: [PATCH 01/17] update redis docker-compose Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .env.demo | 2 +- agent.env | 1 + .../AFJ/scripts/start_agent.sh | 44 +++++++++++-------- 3 files changed, 28 insertions(+), 19 deletions(-) diff --git a/.env.demo b/.env.demo index 834cd1094..da2da98db 100644 --- a/.env.demo +++ b/.env.demo @@ -484,7 +484,7 @@ NATS_CREDS_FILE= NATS_AUTH_TYPE=none # 'nkey' | 'creds' | 'usernamePassword' | 'none' -NOTIFICATION_NATS_AUTH_TYPE= +NOTIFICATION_NATS_AUTH_TYPE=none ENABLE_NATS_NOTIFICATION=false diff --git a/agent.env b/agent.env index e94ebc7e8..bea079744 100644 --- a/agent.env +++ b/agent.env @@ -23,6 +23,7 @@ RPC_URL=https://polygon-rpc.com # DID_CONTRACT_ADDRESS=0xcB80F37eDD2bE3570c6C9D5B0888614E04E1e49E # RPC_URL=https://rpc-amoy.polygon.technology +AGENT_HTTP_URL= # Add url and token from your file server SERVER_URL= FILE_SERVER_TOKEN= diff --git a/apps/agent-provisioning/AFJ/scripts/start_agent.sh b/apps/agent-provisioning/AFJ/scripts/start_agent.sh index c15c2ce83..10a3e2c0a 100755 --- a/apps/agent-provisioning/AFJ/scripts/start_agent.sh +++ b/apps/agent-provisioning/AFJ/scripts/start_agent.sh @@ -2,24 +2,32 @@ START_TIME=$(date +%s) -AGENCY=$1 -EXTERNAL_IP=$2 -WALLET_NAME=$3 -WALLET_PASSWORD=$4 -RANDOM_SEED=$5 -WEBHOOK_HOST=$6 -WALLET_STORAGE_HOST=$7 -WALLET_STORAGE_PORT=$8 -WALLET_STORAGE_USER=$9 -WALLET_STORAGE_PASSWORD=${10} -CONTAINER_NAME=${11} -PROTOCOL=${12} -TENANT=${13} -AFJ_VERSION=${14} -INDY_LEDGER=${15} -INBOUND_ENDPOINT=${16} -SCHEMA_FILE_SERVER_URL=${17} -AGENT_API_KEY=${18} +AGENCY="$1" +EXTERNAL_IP="$2" +WALLET_NAME="$3" +WALLET_PASSWORD="$4" +RANDOM_SEED="$5" +WEBHOOK_HOST="$6" +WALLET_STORAGE_HOST="$7" +WALLET_STORAGE_PORT="$8" +WALLET_STORAGE_USER="$9" +WALLET_STORAGE_PASSWORD="${10}" +CONTAINER_NAME="${11}" +PROTOCOL="${12}" +TENANT="${13}" +AFJ_VERSION="${14}" +INDY_LEDGER="${15}" +INBOUND_ENDPOINT="${16}" +SCHEMA_FILE_SERVER_URL="${17}" +AGENT_API_KEY="${18}" + +# Validate required parameters +if [ -z "$AGENCY" ] || [ -z "$EXTERNAL_IP" ] || [ -z "$WALLET_NAME" ]; then + echo "ERROR: Missing required parameters" + echo "Usage: $0 AGENCY EXTERNAL_IP WALLET_NAME ..." + exit 1 +fi + ADMIN_PORT_FILE="$PWD/apps/agent-provisioning/AFJ/port-file/last-admin-port.txt" INBOUND_PORT_FILE="$PWD/apps/agent-provisioning/AFJ/port-file/last-inbound-port.txt" ADMIN_PORT=8001 From 2168ea69385026f6732e4a975dad930b3a0a01e7 Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 10 Apr 2026 17:36:03 +0530 Subject: [PATCH 02/17] chore: updated keycloak client env variables Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .env.demo | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.env.demo b/.env.demo index da2da98db..9ec15ae56 100644 --- a/.env.demo +++ b/.env.demo @@ -252,7 +252,7 @@ KEYCLOAK_ADMIN_URL=http://localhost:8080 KEYCLOAK_MASTER_REALM=master # Keycloak management client ID -KEYCLOAK_MANAGEMENT_CLIENT_ID=adminClient +KEYCLOAK_MANAGEMENT_CLIENT_ID=platformClient # Keycloak management client secret KEYCLOAK_MANAGEMENT_CLIENT_SECRET= @@ -504,7 +504,7 @@ FILEUPLOAD_CACHE_TTL= FIELD_UPLOAD_SIZE= # Create a new keycloak client for platform admin (admin console) with adminClient name and add its client id -PLATFORM_ADMIN_KEYCLOAK_ID= +PLATFORM_ADMIN_KEYCLOAK_ID=adminClient # Add the secret of keycloak client created for the above platform admin (admin console) id PLATFORM_ADMIN_KEYCLOAK_SECRET= From 03d599772d4ab46928663b1dfa0b73994171fa57 Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 10 Apr 2026 18:37:23 +0530 Subject: [PATCH 03/17] chore: updated keycloak client env variables in env.demo and seed.ts Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .env.demo | 6 +++--- libs/prisma-service/prisma/seed.ts | 31 +++++++++++------------------- 2 files changed, 14 insertions(+), 23 deletions(-) diff --git a/.env.demo b/.env.demo index 9ec15ae56..56d5f683a 100644 --- a/.env.demo +++ b/.env.demo @@ -252,7 +252,7 @@ KEYCLOAK_ADMIN_URL=http://localhost:8080 KEYCLOAK_MASTER_REALM=master # Keycloak management client ID -KEYCLOAK_MANAGEMENT_CLIENT_ID=platformClient +KEYCLOAK_MANAGEMENT_CLIENT_ID=credeblClient # Keycloak management client secret KEYCLOAK_MANAGEMENT_CLIENT_SECRET= @@ -504,10 +504,10 @@ FILEUPLOAD_CACHE_TTL= FIELD_UPLOAD_SIZE= # Create a new keycloak client for platform admin (admin console) with adminClient name and add its client id -PLATFORM_ADMIN_KEYCLOAK_ID=adminClient +ADMIN_KEYCLOAK_ID=adminClient # Add the secret of keycloak client created for the above platform admin (admin console) id -PLATFORM_ADMIN_KEYCLOAK_SECRET= +ADMIN_KEYCLOAK_SECRET= # Add in case the keycloak id of the old platform client is changed and want to update all the users in database with the new admin client PLATFORM_ADMIN_OLD_CLIENT_ID= \ No newline at end of file diff --git a/libs/prisma-service/prisma/seed.ts b/libs/prisma-service/prisma/seed.ts index d9b36b368..316a72be1 100644 --- a/libs/prisma-service/prisma/seed.ts +++ b/libs/prisma-service/prisma/seed.ts @@ -631,9 +631,9 @@ const updatePlatformUserRole = async (): Promise => { }; export async function getKeycloakToken(): Promise { - const { KEYCLOAK_DOMAIN, KEYCLOAK_REALM, PLATFORM_ADMIN_KEYCLOAK_ID, PLATFORM_ADMIN_KEYCLOAK_SECRET } = process.env; + const { KEYCLOAK_DOMAIN, KEYCLOAK_REALM, ADMIN_KEYCLOAK_ID, ADMIN_KEYCLOAK_SECRET } = process.env; - if (!KEYCLOAK_DOMAIN || !KEYCLOAK_REALM || !PLATFORM_ADMIN_KEYCLOAK_ID || !PLATFORM_ADMIN_KEYCLOAK_SECRET) { + if (!KEYCLOAK_DOMAIN || !KEYCLOAK_REALM || !ADMIN_KEYCLOAK_ID || !ADMIN_KEYCLOAK_SECRET) { throw new Error('Missing Keycloak env vars'); } @@ -644,8 +644,8 @@ export async function getKeycloakToken(): Promise { headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, body: new URLSearchParams({ grant_type: 'client_credentials', - client_id: PLATFORM_ADMIN_KEYCLOAK_ID, - client_secret: PLATFORM_ADMIN_KEYCLOAK_SECRET + client_id: ADMIN_KEYCLOAK_ID, + client_secret: ADMIN_KEYCLOAK_SECRET }) } ); @@ -672,13 +672,7 @@ export async function createKeycloakUser(): Promise { throw new Error('failed to load platform config data from db'); } - const { - KEYCLOAK_DOMAIN, - KEYCLOAK_REALM, - PLATFORM_ADMIN_KEYCLOAK_ID, - PLATFORM_ADMIN_KEYCLOAK_SECRET, - CRYPTO_PRIVATE_KEY - } = process.env; + const { KEYCLOAK_DOMAIN, KEYCLOAK_REALM, ADMIN_KEYCLOAK_ID, ADMIN_KEYCLOAK_SECRET, CRYPTO_PRIVATE_KEY } = process.env; if (!KEYCLOAK_DOMAIN) { throw new Error('Missing environment variable: KEYCLOAK_DOMAIN'); @@ -688,12 +682,12 @@ export async function createKeycloakUser(): Promise { throw new Error('Missing environment variable: KEYCLOAK_REALM'); } - if (!PLATFORM_ADMIN_KEYCLOAK_ID) { - throw new Error('Missing environment variable: PLATFORM_ADMIN_KEYCLOAK_ID'); + if (!ADMIN_KEYCLOAK_ID) { + throw new Error('Missing environment variable: ADMIN_KEYCLOAK_ID'); } - if (!PLATFORM_ADMIN_KEYCLOAK_SECRET) { - throw new Error('Missing environment variable: PLATFORM_ADMIN_KEYCLOAK_SECRET'); + if (!ADMIN_KEYCLOAK_SECRET) { + throw new Error('Missing environment variable: ADMIN_KEYCLOAK_SECRET'); } if (!CRYPTO_PRIVATE_KEY) { @@ -762,12 +756,9 @@ export async function createKeycloakUser(): Promise { } logger.log(`✅ Platform admin found in database`); - const encClientId = CryptoJS.AES.encrypt(JSON.stringify(PLATFORM_ADMIN_KEYCLOAK_ID), CRYPTO_PRIVATE_KEY).toString(); + const encClientId = CryptoJS.AES.encrypt(JSON.stringify(ADMIN_KEYCLOAK_ID), CRYPTO_PRIVATE_KEY).toString(); - const encClientSecret = CryptoJS.AES.encrypt( - JSON.stringify(PLATFORM_ADMIN_KEYCLOAK_SECRET), - CRYPTO_PRIVATE_KEY - ).toString(); + const encClientSecret = CryptoJS.AES.encrypt(JSON.stringify(ADMIN_KEYCLOAK_SECRET), CRYPTO_PRIVATE_KEY).toString(); await prisma.user.update({ where: { email: cachedConfig.platformEmail }, From 1835cb49b60c13d072e2d57d1ba322c4a08571e1 Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 10 Apr 2026 19:14:28 +0530 Subject: [PATCH 04/17] feat: add new service to docker compose file Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- docker-compose.yml | 62 ++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 52 insertions(+), 10 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index a2701cfa2..44a368cb2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,16 +2,17 @@ version: '3' services: nats: - container_name: nats - entrypoint: '/nats-server -c /nats-server.conf -DV' # Corrected the path to nats-server.conf + container_name: credebl-nats image: nats + command: ["-c", "/nats-server.conf"] ports: - '4222:4222' - '6222:6222' - '8222:8222' - # volumes: - # - ./nats-server.conf:/nats-server.conf # Mount the config file + volumes: + - ./nats-server.conf:/nats-server.conf:ro redis: + container_name: credebl-redis image: redis:6.2-alpine restart: always ports: @@ -19,6 +20,22 @@ services: command: redis-server --save 20 1 --loglevel warning volumes: - cache:/data + postgres: + container_name: credebl-postgres + image: postgres:16 + healthcheck: + test: ["CMD-SHELL", "pg_isready -U postgres"] + interval: 5s + timeout: 5s + retries: 5 + ports: + - "5432:5432" + environment: + - POSTGRES_USER=postgres + - POSTGRES_PASSWORD=postgres + - POSTGRES_DB=credebl + volumes: + - platform-volume:/var/lib/postgresql/data seed: container_name: seed-service image: ghcr.io/credebl/seed:latest @@ -26,7 +43,17 @@ services: - ./.env volumes: - $PWD/libs/prisma-service/prisma/data/credebl-master-table/credebl-master-table.json:/app/libs/prisma-service/prisma/data/credebl-master-table.json + schema-file-server: + container_name: schema-file-server + image: ghcr.io/credebl/schema-file-server:latest + ports: + - '4000:4000' + env_file: + - ./.env + volumes: + - $PWD/apps/schemas:/app/schemas api-gateway: + container_name: api-gateway depends_on: - nats # Use depends_on instead of needs - redis @@ -35,7 +62,10 @@ services: - '5000:5000' env_file: - ./.env + volumes: + - $PWD/apps/uploadedFiles/exports:/app/uploadedFiles/exports user: + container_name: user-service depends_on: - nats # Use depends_on instead of needs - api-gateway @@ -43,6 +73,7 @@ services: env_file: - ./.env utility: + container_name: utility-service depends_on: - nats # Use depends_on instead of needs - api-gateway @@ -50,6 +81,7 @@ services: env_file: - ./.env connection: + container_name: connection-service depends_on: - nats # Use depends_on instead of needs - api-gateway @@ -59,6 +91,7 @@ services: env_file: - ./.env issuance: + container_name: issuance-service depends_on: - nats # Use depends_on instead of needs - redis @@ -68,7 +101,10 @@ services: image: ghcr.io/credebl/issuance:latest env_file: - ./.env + volumes: + - $PWD/apps/uploadedFiles/exports:/app/uploadedFiles/exports ledger: + container_name: ledger-service depends_on: - nats # Use depends_on instead of needs - api-gateway @@ -79,6 +115,7 @@ services: env_file: - ./.env organization: + container_name: organization-service depends_on: - nats # Use depends_on instead of needs - api-gateway @@ -90,6 +127,7 @@ services: env_file: - ./.env verification: + container_name: verification-service depends_on: - nats # Use depends_on instead of needs - api-gateway @@ -102,6 +140,7 @@ services: env_file: - ./.env agent-provisioning: + container_name: agent-provisioning-service depends_on: - nats # Use depends_on instead of needs - api-gateway @@ -122,9 +161,9 @@ services: volumes: - $PWD/apps/agent-provisioning/AFJ/agent-config:/app/agent-provisioning/AFJ/agent-config - /var/run/docker.sock:/var/run/docker.sock - - /app/agent-provisioning/AFJ/token:/app/agent-provisioning/AFJ/token - $PWD/agent.env:/app/agent.env agent-service: + container_name: agent-service depends_on: - nats # Use depends_on instead of needs - api-gateway @@ -145,6 +184,7 @@ services: volumes_from: - agent-provisioning cloud-wallet: + container_name: cloud-wallet-service depends_on: - nats - api-gateway @@ -152,6 +192,7 @@ services: env_file: - ./.env geolocation: + container_name: geolocation-service depends_on: - nats - api-gateway @@ -159,6 +200,7 @@ services: env_file: - ./.env notification: + container_name: notification-service depends_on: - nats - api-gateway @@ -166,6 +208,7 @@ services: env_file: - ./.env webhook: + container_name: webhook-service depends_on: - nats - api-gateway @@ -173,6 +216,7 @@ services: env_file: - ./.env ecosystem: + container_name: ecosystem-service depends_on: - nats - api-gateway @@ -182,6 +226,7 @@ services: env_file: - ./.env oid4vc-issuance: + container_name: oid4vc-issuance-service depends_on: - nats - api-gateway @@ -191,6 +236,7 @@ services: env_file: - ./.env oid4vc-verification: + container_name: oid4vc-verification-service depends_on: - nats - api-gateway @@ -200,6 +246,7 @@ services: env_file: - ./.env x509: + container_name: x509-service depends_on: - nats - api-gateway @@ -208,11 +255,6 @@ services: dockerfile: Dockerfiles/Dockerfile.x509 env_file: - ./.env - schema-file-server: - container_name: schema-file-server - image: ghcr.io/credebl/schema-file-server:latest - env_file: - - ./.env volumes: cache: From 9536bd80e46e05b53b359822718d79e3ad58d9d4 Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 10 Apr 2026 19:22:49 +0530 Subject: [PATCH 05/17] fix: update platformAdminKeycloakPassword value in master.conf Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .../prisma/data/credebl-master-table/credebl-master-table.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libs/prisma-service/prisma/data/credebl-master-table/credebl-master-table.json b/libs/prisma-service/prisma/data/credebl-master-table/credebl-master-table.json index 0655d7dc1..d2e3b644b 100644 --- a/libs/prisma-service/prisma/data/credebl-master-table/credebl-master-table.json +++ b/libs/prisma-service/prisma/data/credebl-master-table/credebl-master-table.json @@ -26,7 +26,7 @@ "createdBy": "", "lastChangedBy": "" }, - "platformAdminKeycloakPassword":"Admin@123", + "platformAdminKeycloakPassword":"##Please provide encrypted password using crypto-js##", "orgRoleData": [ { "name": "owner", From 450602e3a8691d68ece3b5f9d2c85afd9d60fefe Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 13 Apr 2026 15:53:04 +0530 Subject: [PATCH 06/17] chore: env update description Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .env.demo | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.env.demo b/.env.demo index 56d5f683a..19cf34981 100644 --- a/.env.demo +++ b/.env.demo @@ -432,7 +432,7 @@ S3_BUCKET_ARN=arn:aws:s3:::xxxxx # Active email provider EMAIL_PROVIDER=resend -# Your Resend API key. This is required if EMAIL_PROVIDER=resend +# Your Resend API key. This is required if email provider is resend # Resend API key RESEND_API_KEY=re_xxxxxxxxxx @@ -440,7 +440,7 @@ RESEND_API_KEY=re_xxxxxxxxxx # SendGrid API key # SENDGRID_API_KEY=SG.xxxxxxx -# if EMAIL_PROVIDER=ses +# if email provider is ses # AWS SES region # AWS_SES_REGION=ap-south-1 # AWS SES access key @@ -448,7 +448,7 @@ RESEND_API_KEY=re_xxxxxxxxxx # AWS SES secret key # AWS_SES_SECRET_KEY=xxxx -# if EMAIL_PROVIDER=smtp +# if email provider is smtp # uncomment this if you are using smtp email provider # SMTP_HOST=smtp.gmail.com # SMTP_PORT=587 From 8133a1dd41507256c90a62701d8bdb0f21a9cc46 Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 13 Apr 2026 15:55:24 +0530 Subject: [PATCH 07/17] chore: env update Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .env.demo | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.env.demo b/.env.demo index 19cf34981..7ee39018e 100644 --- a/.env.demo +++ b/.env.demo @@ -434,11 +434,11 @@ EMAIL_PROVIDER=resend # Your Resend API key. This is required if email provider is resend # Resend API key -RESEND_API_KEY=re_xxxxxxxxxx +RESEND_API_KEY= # SENDGRID (Fallback option) uncomment this if you are using sendgrid email provider # SendGrid API key -# SENDGRID_API_KEY=SG.xxxxxxx +# SENDGRID_API_KEY= # if email provider is ses # AWS SES region From a47a8581bbd2fad3f182bbb4b53d91113d16fd5b Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 13 Apr 2026 16:57:47 +0530 Subject: [PATCH 08/17] chore: env update Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .env.demo | 3 --- 1 file changed, 3 deletions(-) diff --git a/.env.demo b/.env.demo index 7ee39018e..7f2009e35 100644 --- a/.env.demo +++ b/.env.demo @@ -75,9 +75,6 @@ REDIS_HOST=your-ip # Redis server port REDIS_PORT=6379 -# Please provide your sendgrid API key -SENDGRID_API_KEY= - # Use IP Address WALLET_STORAGE_HOST=your-ip From d16ee750faa715c8f52f71b42c46a06519887bd1 Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 13 Apr 2026 17:40:30 +0530 Subject: [PATCH 09/17] chore: env update AWS creds Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .env.demo | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/.env.demo b/.env.demo index 7f2009e35..b803cefd7 100644 --- a/.env.demo +++ b/.env.demo @@ -133,44 +133,24 @@ DATABASE_URL="postgresql://postgres:postgres@your-ip:5432/credebl" # Used for Bulk issuance of credential # Optional (Can be skipped if Bulk issuance is not used) -# Please provide your access key AWS_ACCESS_KEY= - -# Please provide your secret key AWS_SECRET_KEY= - -# Please provide your aws region AWS_REGION= - -# Please provide your aws bucket AWS_BUCKET= # Used for Adding org-logo during org creation and update # Optional (Can be skipped if no image is added during org creation and updation) # Please provide your aws bucket access key AWS_PUBLIC_ACCESS_KEY= - -# Please provide your aws secret key AWS_PUBLIC_SECRET_KEY= - -# Please provide your aws region AWS_PUBLIC_REGION= - -# Please provide your aws org bucket name AWS_ORG_LOGO_BUCKET_NAME= # Used for storing connection URL generated from Agent and creating shortened URL # Required (As connecting to org requires Shortened url) -# Please provide your aws bucket access key AWS_S3_STOREOBJECT_ACCESS_KEY= - -# Please provide your aws bucket secret key AWS_S3_STOREOBJECT_SECRET_KEY= - -# Please provide your aws region AWS_S3_STOREOBJECT_REGION= - -# Please provide your aws bucket AWS_S3_STOREOBJECT_BUCKET= # Please refere AWS to determine your bucket url From c62e9efa93b799576245abb8cbda5c3c845855aa Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 13 Apr 2026 17:59:34 +0530 Subject: [PATCH 10/17] chore: env update Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .env.demo | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.env.demo b/.env.demo index b803cefd7..7cd8771c5 100644 --- a/.env.demo +++ b/.env.demo @@ -487,4 +487,5 @@ ADMIN_KEYCLOAK_ID=adminClient ADMIN_KEYCLOAK_SECRET= # Add in case the keycloak id of the old platform client is changed and want to update all the users in database with the new admin client -PLATFORM_ADMIN_OLD_CLIENT_ID= \ No newline at end of file +PLATFORM_ADMIN_OLD_CLIENT_ID= + From fc9d8bc48d60c4edc5897aeb2b60b460a7350b5e Mon Sep 17 00:00:00 2001 From: Sahil Kamble Date: Mon, 13 Apr 2026 18:08:55 +0530 Subject: [PATCH 11/17] chore: update credebl-master-table.json Signed-off-by: Your Name Signed-off-by: KambleSahil3 --- .../prisma/data/credebl-master-table/credebl-master-table.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libs/prisma-service/prisma/data/credebl-master-table/credebl-master-table.json b/libs/prisma-service/prisma/data/credebl-master-table/credebl-master-table.json index d2e3b644b..75f8b8e5a 100644 --- a/libs/prisma-service/prisma/data/credebl-master-table/credebl-master-table.json +++ b/libs/prisma-service/prisma/data/credebl-master-table/credebl-master-table.json @@ -13,7 +13,7 @@ "lastName": "CREDEBL", "email": "", "username": "", - "password": "####Please provide encrypted password using crypto-js###", + "password": "##Please provide encrypted password using crypto-js##", "verificationCode": "", "isEmailVerified": true, "supabaseUserId": "96cef763-e106-46c1-ac78-fadf2803b11f" From ad671be120b7886e2e6a6d47f1585d4514ca2c86 Mon Sep 17 00:00:00 2001 From: KambleSahil3 Date: Tue, 14 Apr 2026 15:34:01 +0530 Subject: [PATCH 12/17] update env.demo and agent.env Signed-off-by: KambleSahil3 --- .env.demo | 2 ++ agent.env | 40 +++++++++++++++++++++++++++++++++------- 2 files changed, 35 insertions(+), 7 deletions(-) diff --git a/.env.demo b/.env.demo index 7cd8771c5..1ab5fe888 100644 --- a/.env.demo +++ b/.env.demo @@ -256,6 +256,8 @@ AFJ_AGENT_SPIN_UP=/agent-provisioning/AFJ/scripts/docker_start_agent.sh # Path for AFJ agent endpoint files AFJ_AGENT_ENDPOINT_PATH=/agent-provisioning/AFJ/endpoints/ +AFJ_VERSION=ghcr.io/credebl/credo-controller:latest + # Uncomment bellow three lines and comment the above to start services locally without using docker, using pnpm # AFJ_AGENT_SPIN_UP=/apps/agent-provisioning/AFJ/scripts/start_agent.sh # AFJ_AGENT_ENDPOINT_PATH=/apps/agent-provisioning/AFJ/endpoints/ diff --git a/agent.env b/agent.env index bea079744..e2985b57b 100644 --- a/agent.env +++ b/agent.env @@ -1,8 +1,3 @@ -NODE_ENV=DEV -ALLOW_INSECURE_HTTP_URLS=true -APP_JSON_BODY_SIZE=5mb -APP_URL_ENCODED_BODY_SIZE=5mb - CONNECT_TIMEOUT=10 MAX_CONNECTIONS=1000 IDLE_TIMEOUT=30000 @@ -23,17 +18,48 @@ RPC_URL=https://polygon-rpc.com # DID_CONTRACT_ADDRESS=0xcB80F37eDD2bE3570c6C9D5B0888614E04E1e49E # RPC_URL=https://rpc-amoy.polygon.technology -AGENT_HTTP_URL= # Add url and token from your file server SERVER_URL= FILE_SERVER_TOKEN= -# TODO: Update the install script to update the following environment variables every time the endpoints are updated. APP_URL=localhost:8001 AGENT_HTTP_URL=http://localhost:8001 +HOLDER_REDIRECT= +HOLDER_CLIENT_ID=wallet +ALLOW_INSECURE_HTTP_URLS=true + +ROOT_CA_VALIDITY_YEARS=3 +DCS_VALIDITY_YEARS=3 + +ROOT_CA_START_FROM_CURRENT_MONTH=true +DCS_START_FROM_CURRENT_MONTH=true + +NODE_ENV=DEV + +# Authentication type for trust-service calls. Supported: NoAuth | ClientAuth (defaults to NoAuth if not set) +TRUST_SERVICE_AUTH_TYPE= +# Full token endpoint URL for ClientAuth (e.g. http://host:5000/v1/orgs/{clientId}/token) +TRUST_SERVICE_TOKEN_URL= +# Client credentials used for trust-service authentication (ClientAuth only) +TRUST_SERVICE_CLIENT_ID= +TRUST_SERVICE_CLIENT_SECRET= +# Trust list URL — for NoAuth: GitHub/static JSON URL; for ClientAuth: trust-service base URL TRUST_LIST_URL= +# Expiry is in seconds +OID4VCI_CRED_OFFER_EXPIRY=3600 +OID4VCI_ACCESS_TOKEN_EXPIRY=3600 +OID4VCI_AUTH_CODE_EXPIRY=3600 +OID4VCI_CNONCE_EXPIRY=3600 + +# Expiry is in seconds +OID4VP_AUTH_REQUEST_PROOF_REQUEST_EXPIRY=3600 + +APP_JSON_BODY_SIZE=5mb +APP_URL_ENCODED_BODY_SIZE=5mb + + BCOVRIN_TEST_GENESIS='{"reqSignature":{},"txn":{"data":{"data":{"alias":"Node1","blskey":"4N8aUNHSgjQVgkpm8nhNEfDf6txHznoYREg9kirmJrkivgL4oSEimFF6nsQ6M41QvhM2Z33nves5vfSn9n1UwNFJBYtWVnHYMATn76vLuL3zU88KyeAYcHfsih3He6UHcXDxcaecHVz6jhCYz1P2UZn2bDVruL5wXpehgBfBaLKm3Ba","blskey_pop":"RahHYiCvoNCtPTrVtP7nMC5eTYrsUA8WjXbdhNc8debh1agE9bGiJxWBXYNFbnJXoXhWFMvyqhqhRoq737YQemH5ik9oL7R4NTTCz2LEZhkgLJzB3QRQqJyBNyv7acbdHrAT8nQ9UkLbaVL9NBpnWXBTw4LEMePaSHEw66RzPNdAX1","client_ip":"138.197.138.255","client_port":9702,"node_ip":"138.197.138.255","node_port":9701,"services":["VALIDATOR"]},"dest":"Gw6pDLhcBcoQesN72qfotTgFa7cbuqZpkX3Xo6pLhPhv"},"metadata":{"from":"Th7MpTaRZVRYnPiabds81Y"},"type":"0"},"txnMetadata":{"seqNo":1,"txnId":"fea82e10e894419fe2bea7d96296a6d46f50f93f9eeda954ec461b2ed2950b62"},"ver":"1"} {"reqSignature":{},"txn":{"data":{"data":{"alias":"Node2","blskey":"37rAPpXVoxzKhz7d9gkUe52XuXryuLXoM6P6LbWDB7LSbG62Lsb33sfG7zqS8TK1MXwuCHj1FKNzVpsnafmqLG1vXN88rt38mNFs9TENzm4QHdBzsvCuoBnPH7rpYYDo9DZNJePaDvRvqJKByCabubJz3XXKbEeshzpz4Ma5QYpJqjk","blskey_pop":"Qr658mWZ2YC8JXGXwMDQTzuZCWF7NK9EwxphGmcBvCh6ybUuLxbG65nsX4JvD4SPNtkJ2w9ug1yLTj6fgmuDg41TgECXjLCij3RMsV8CwewBVgVN67wsA45DFWvqvLtu4rjNnE9JbdFTc1Z4WCPA3Xan44K1HoHAq9EVeaRYs8zoF5","client_ip":"138.197.138.255","client_port":9704,"node_ip":"138.197.138.255","node_port":9703,"services":["VALIDATOR"]},"dest":"8ECVSk179mjsjKRLWiQtssMLgp6EPhWXtaYyStWPSGAb"},"metadata":{"from":"EbP4aYNeTHL6q385GuVpRV"},"type":"0"},"txnMetadata":{"seqNo":2,"txnId":"1ac8aece2a18ced660fef8694b61aac3af08ba875ce3026a160acbc3a3af35fc"},"ver":"1"} {"reqSignature":{},"txn":{"data":{"data":{"alias":"Node3","blskey":"3WFpdbg7C5cnLYZwFZevJqhubkFALBfCBBok15GdrKMUhUjGsk3jV6QKj6MZgEubF7oqCafxNdkm7eswgA4sdKTRc82tLGzZBd6vNqU8dupzup6uYUf32KTHTPQbuUM8Yk4QFXjEf2Usu2TJcNkdgpyeUSX42u5LqdDDpNSWUK5deC5","blskey_pop":"QwDeb2CkNSx6r8QC8vGQK3GRv7Yndn84TGNijX8YXHPiagXajyfTjoR87rXUu4G4QLk2cF8NNyqWiYMus1623dELWwx57rLCFqGh7N4ZRbGDRP4fnVcaKg1BcUxQ866Ven4gw8y4N56S5HzxXNBZtLYmhGHvDtk6PFkFwCvxYrNYjh","client_ip":"138.197.138.255","client_port":9706,"node_ip":"138.197.138.255","node_port":9705,"services":["VALIDATOR"]},"dest":"DKVxG2fXXTU8yT5N7hGEbXB3dfdAnYv1JczDUHpmDxya"},"metadata":{"from":"4cU41vWW82ArfxJxHkzXPG"},"type":"0"},"txnMetadata":{"seqNo":3,"txnId":"7e9f355dffa78ed24668f0e0e369fd8c224076571c51e2ea8be5f26479edebe4"},"ver":"1"} From b8fde39bba09729bb620d199196c24b42f23b73c Mon Sep 17 00:00:00 2001 From: KambleSahil3 Date: Tue, 14 Apr 2026 18:01:12 +0530 Subject: [PATCH 13/17] update docker-compose.yml file to use ghcr image Signed-off-by: KambleSahil3 --- docker-compose.yml | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 44a368cb2..7263026d7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -220,9 +220,7 @@ services: depends_on: - nats - api-gateway - build: - context: ./ # Adjust the context path as needed - dockerfile: Dockerfiles/Dockerfile.ecosystem + image: ghcr.io/credebl/ecosystem:latest env_file: - ./.env oid4vc-issuance: @@ -230,9 +228,7 @@ services: depends_on: - nats - api-gateway - build: - context: ./ # Adjust the context path as needed - dockerfile: Dockerfiles/Dockerfile.oid4vc-issuance + image: ghcr.io/credebl/oid4vc-issuance:latest env_file: - ./.env oid4vc-verification: @@ -240,9 +236,7 @@ services: depends_on: - nats - api-gateway - build: - context: ./ # Adjust the context path as needed - dockerfile: Dockerfiles/Dockerfile.oid4vc-verification + image: ghcr.io/credebl/oid4vc-verification:latest env_file: - ./.env x509: @@ -250,9 +244,7 @@ services: depends_on: - nats - api-gateway - build: - context: ./ # Adjust the context path as needed - dockerfile: Dockerfiles/Dockerfile.x509 + image: ghcr.io/credebl/x509:latest env_file: - ./.env From e1864c74b3e08cdfa18a063cebaeafe071e406d8 Mon Sep 17 00:00:00 2001 From: KambleSahil3 Date: Wed, 15 Apr 2026 11:13:12 +0530 Subject: [PATCH 14/17] chore: update agent.env Signed-off-by: KambleSahil3 --- agent.env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/agent.env b/agent.env index e2985b57b..ecbabf0ed 100644 --- a/agent.env +++ b/agent.env @@ -45,7 +45,7 @@ TRUST_SERVICE_TOKEN_URL= TRUST_SERVICE_CLIENT_ID= TRUST_SERVICE_CLIENT_SECRET= # Trust list URL — for NoAuth: GitHub/static JSON URL; for ClientAuth: trust-service base URL -TRUST_LIST_URL= +TRUST_LIST_URL=https://raw.githubusercontent.com/credebl/agent-controller/refs/heads/feat/oidc-main-sync/trusted-certs.json # Expiry is in seconds OID4VCI_CRED_OFFER_EXPIRY=3600 From d839f12f8dcfafb96c2fe8735560d4a4e5d14ff1 Mon Sep 17 00:00:00 2001 From: KambleSahil3 Date: Wed, 15 Apr 2026 11:50:28 +0530 Subject: [PATCH 15/17] fix: sonar cloud issue Signed-off-by: KambleSahil3 --- apps/agent-provisioning/AFJ/scripts/start_agent.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/agent-provisioning/AFJ/scripts/start_agent.sh b/apps/agent-provisioning/AFJ/scripts/start_agent.sh index 10a3e2c0a..3a356d0ab 100755 --- a/apps/agent-provisioning/AFJ/scripts/start_agent.sh +++ b/apps/agent-provisioning/AFJ/scripts/start_agent.sh @@ -22,7 +22,7 @@ SCHEMA_FILE_SERVER_URL="${17}" AGENT_API_KEY="${18}" # Validate required parameters -if [ -z "$AGENCY" ] || [ -z "$EXTERNAL_IP" ] || [ -z "$WALLET_NAME" ]; then +if [[ -z "$AGENCY" ]] || [[ -z "$EXTERNAL_IP" ]] || [[ -z "$WALLET_NAME" ]]; then echo "ERROR: Missing required parameters" echo "Usage: $0 AGENCY EXTERNAL_IP WALLET_NAME ..." exit 1 From 32e8d4c3fa3022f73400af75ec656b1e17bbb796 Mon Sep 17 00:00:00 2001 From: KambleSahil3 Date: Wed, 15 Apr 2026 11:55:35 +0530 Subject: [PATCH 16/17] fix: code-rabbit issue Signed-off-by: KambleSahil3 --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 7263026d7..991af677e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -174,7 +174,7 @@ services: - organization - verification - agent-provisioning - command: sh -c 'until (docker logs platform-agent-provisioning-1 | grep "Agent-Provisioning-Service Microservice is listening to NATS"); do sleep 1; done && node dist/apps/agent-service/main.js' + command: sh -c 'until (docker logs agent-provisioning-service | grep "Agent-Provisioning-Service Microservice is listening to NATS"); do sleep 1; done && node dist/apps/agent-service/main.js' image: ghcr.io/credebl/agent-service:latest env_file: - ./.env From 128b2eda3e5f0c020b543ea8a82db3a80df4f1a4 Mon Sep 17 00:00:00 2001 From: KambleSahil3 Date: Wed, 15 Apr 2026 13:18:58 +0530 Subject: [PATCH 17/17] chore: remove unused comments and env variables Signed-off-by: KambleSahil3 --- .env.demo | 244 ++++++++++++++---------------------------------------- 1 file changed, 62 insertions(+), 182 deletions(-) diff --git a/.env.demo b/.env.demo index 1ab5fe888..da53b5f8c 100644 --- a/.env.demo +++ b/.env.demo @@ -31,92 +31,74 @@ PLAY_STORE_DOWNLOAD_LINK=https://play.google.com/store/apps/details?id=id.credeb # Apple App Store download link IOS_DOWNLOAD_LINK=https://apps.apple.com/in/app/adeya-ssi-wallet/id6463845498 -# Please specify your platform name +# Specify your platform name PLATFORM_NAME=CREDEBL -# Please specify your powered by org name +# Specify your powered by org name POWERED_BY= -# Please specify your platform web URL +# Specify your platform web URL PLATFORM_WEB_URL=https://credebl.id/ -# Please specify your support URL +# Specify your support URL POWERED_BY_URL=https://example.com -# Please specify your logo host or domain url -UPLOAD_LOGO_HOST=devapi.credebl.id +# Specify your logo host or domain url +UPLOAD_LOGO_HOST=your-ip:5000 BRAND_LOGO=https://credebl.id/images/CREDEBL_LOGO.png -# Please provide admin email Id +# Provide admin email Id PLATFORM_ADMIN_EMAIL=platform.admin@yopmail.com # Socket server host URL SOCKET_HOST=ws://your-ip:5000 -# NATS server host/IP address -NATS_HOST=your-ip - -# NATS server port -NATS_PORT=4222 - # Full NATS connection URL NATS_URL=nats://your-ip:4222 -# NATS server password -NATS_PASSWORD=xxxx - -# NATS server username +# NATS server Username and password (if authentication is enabled) NATS_USER=xxxx +NATS_PASSWORD=xxxx -# Redis server host/IP address +# Redis server host/IP address and port REDIS_HOST=your-ip - -# Redis server port REDIS_PORT=6379 -# Use IP Address -WALLET_STORAGE_HOST=your-ip - -# Wallet storage database port +# Wallet storage database connection details +WALLET_STORAGE_HOST=database-ip WALLET_STORAGE_PORT=5432 - -# Wallet storage database username WALLET_STORAGE_USER='postgres' - -# Wallet storage database password WALLET_STORAGE_PASSWORD='postgres' # It should be same as studio UI CRYPTO_PRIVATE_KEY=YourSecretPrivateKeyHere -PLATFORM_URL=https://devapi.credebl.id +PLATFORM_URL=http://your-ip:5000 -# Please provide your environment name +# Provide your environment name PLATFORM_PROFILE_MODE=DEV -# Please specify your localhost URL +# Specify your localhost URL PUBLIC_LOCALHOST_URL=http://localhost:5000 -# Please specify your DEV environment api URL +# Specify your DEV environment api URL PUBLIC_DEV_API_URL=https://devapi.credebl.id -# Please specify your QA environment api URL +# Specify your QA environment api URL PUBLIC_QA_API_URL=https://qa-api.credebl.id -# Please specify your PRODUCTION environment api URL +# Specify your PRODUCTION environment api URL PUBLIC_PRODUCTION_API_URL=https://api.credebl.id -# Please specify your sandbox environment URL +# Specify your sandbox environment URL PUBLIC_SANDBOX_API_URL=https://sandboxapi.credebl.id -# Please specify your support email +# Specify your support email PUBLIC_PLATFORM_SUPPORT_EMAIL=support@example.com -# Platform admin wallet name +# Platform admin wallet name and encrypt password using crypto-js PLATFORM_WALLET_NAME=platform-admin - -# Please provide encrypt password using crypto-js PLATFORM_WALLET_PASSWORD='U2FsdGVkX19l6w/PpuicnGBYThBHolzF27oN0JwfWkc=' # The seed should consist of 32 characters. @@ -125,140 +107,87 @@ PLATFORM_SEED=000000000000000000000000Steward1 PLATFORM_ID=1 # The format for below is as follows: postgresql://{postgres.user}:{postgres.password}@{your-ip}:{postgres.port}/{database-name} -# Provide pooler supabase postgres URL +# Provide postgres URL - database connection details POOL_DATABASE_URL="postgresql://postgres:postgres@your-ip:5432/credebl" - -# Provide supabase postgres URL and Use the correct user/pwd, IP Address DATABASE_URL="postgresql://postgres:postgres@your-ip:5432/credebl" -# Used for Bulk issuance of credential -# Optional (Can be skipped if Bulk issuance is not used) +# Used for Bulk issuance of credential (Optional- Can be skipped if Bulk issuance is not used) +# Provide aws bucket access credentails AWS_ACCESS_KEY= AWS_SECRET_KEY= AWS_REGION= AWS_BUCKET= -# Used for Adding org-logo during org creation and update -# Optional (Can be skipped if no image is added during org creation and updation) -# Please provide your aws bucket access key +# Used for Adding org-logo during org creation and update (Optional- Can be skipped if no image is added during org creation and updation) +# Provide aws bucket access credentails with write access to the bucket as logo upload is done using signed url which requires putObject permission. AWS_PUBLIC_ACCESS_KEY= AWS_PUBLIC_SECRET_KEY= AWS_PUBLIC_REGION= AWS_ORG_LOGO_BUCKET_NAME= -# Used for storing connection URL generated from Agent and creating shortened URL -# Required (As connecting to org requires Shortened url) +# Used for storing connection URL generated from Agent and creating shortened URL (As connecting to org requires Shortened url) +# Provide aws bucket access credentails with write access to the bucket as storing shortened url is done using putObject operation. AWS_S3_STOREOBJECT_ACCESS_KEY= AWS_S3_STOREOBJECT_SECRET_KEY= AWS_S3_STOREOBJECT_REGION= AWS_S3_STOREOBJECT_BUCKET= -# Please refere AWS to determine your bucket url -# https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#path-style-access -# Please specify the domain for your bucket responsible for storing shortened url objects e.g. 'https://bucket-name.s3.ap-east-1.amazonaws.com' -SHORTENED_URL_DOMAIN='https://AWS_S3_STOREOBJECT_REGION.amazonaws.com/AWS_S3_STOREOBJECT_BUCKET' +# Provide bucket used for storing shortened url objects e.g. 'https://s3.region-code.amazonaws.com/bucket-name' +SHORTENED_URL_DOMAIN='https://s3.AWS_S3_STOREOBJECT_REGION.amazonaws.com/AWS_S3_STOREOBJECT_BUCKET' -# Please specify your domain/subdomain responsible for deeplinking with 'url' as a query param e.g. 'https://your-deeplink-domain?url=' +# Specify your domain/subdomain responsible for deeplinking with 'url' as a query param e.g. 'https://your-deeplink-domain?url=' DEEPLINK_DOMAIN='https://link.credebl.id?url=' # Provide a list of domains that are allowed to use this server ENABLE_CORS_IP_LIST=http://localhost:3000,http://localhost:3001,http://localhost:5000,http://localhost:8085 -# Please provide Nkeys secret for user service +# Provide Nkeys secret for all services USER_NKEY_SEED= - -# Please provide Nkeys secret for api-gateway API_GATEWAY_NKEY_SEED= - -# Please provide Nkeys secret for organization service ORGANIZATION_NKEY_SEED= - -# Please provide Nkeys secret for agent provisioning service AGENT_PROVISIONING_NKEY_SEED= - -# Please provide Nkeys secret for agent service AGENT_SERVICE_NKEY_SEED= - -# Please provide Nkeys secret for verification service VERIFICATION_NKEY_SEED= - -# Please provide Nkeys secret for ledger service LEDGER_NKEY_SEED= - -# Please provide Nkeys secret for issuance service ISSUANCE_NKEY_SEED= - -# Please provide Nkeys secret for connection service CONNECTION_NKEY_SEED= - -# Please provide Nkeys secret for ecosystem service ECOSYSTEM_NKEY_SEED= - -# Please provide Nkeys secret for credential-definition service CREDENTAILDEFINITION_NKEY_SEED= - -# Please provide Nkeys secret for schema service SCHEMA_NKEY_SEED= - -# Please provide Nkeys secret for utilities service UTILITIES_NKEY_SEED= - CLOUD_WALLET_NKEY_SEED= - -# Please provide Nkeys secret for geo-location service GEOLOCATION_NKEY_SEED= - NOTIFICATION_NKEY_SEED= - -# Please provide Nkeys secret for x509 service X509_NKEY_SEED= - -# Please provide Nkeys secret for x509 service OIDC4VC_ISSUANCE_NKEY_SEED= - -# Please provide Nkeys secret for x509 service OIDC4VC_VERIFICATION_NKEY_SEED= -# Keycloak base domain URL +# Keycloak credentials and configuration KEYCLOAK_DOMAIN=http://localhost:8080/ - -# Keycloak admin URL KEYCLOAK_ADMIN_URL=http://localhost:8080 - -# Keycloak master realm name KEYCLOAK_MASTER_REALM=master - -# Keycloak management client ID -KEYCLOAK_MANAGEMENT_CLIENT_ID=credeblClient - -# Keycloak management client secret +KEYCLOAK_MANAGEMENT_CLIENT_ID=credeblClient # Keycloak client created for platform management in keycloak. KEYCLOAK_MANAGEMENT_CLIENT_SECRET= +KEYCLOAK_REALM=credebl-platform # Keycloak realm name for the platform -# Keycloak realm name for the platform -KEYCLOAK_REALM=credebl-platform - -# Please provide schema URL +# Provide schema server URL and token SCHEMA_FILE_SERVER_URL= - -# Please provide schema file server token for polygon SCHEMA_FILE_SERVER_TOKEN= # Script path for importing geo-location master data GEO_LOCATION_MASTER_DATA_IMPORT_SCRIPT=/prisma/scripts/geo_location_data_import.sh -# Script path for updating client credential data +# Script path for client credential data UPDATE_CLIENT_CREDENTIAL_SCRIPT=/prisma/scripts/update_client_credential_data.sh -# Note: the below 3 variables are only in case of starting services using docker -# Script path to start AFJ agent (Docker) -AFJ_AGENT_SPIN_UP=/agent-provisioning/AFJ/scripts/docker_start_agent.sh +# CREDO-CONTROLLER image. Provide the image name with tag if you are using a custom image. +AFJ_VERSION=ghcr.io/credebl/credo-controller:latest -# Path for AFJ agent endpoint files +# Note: the below 2 variables are only in case of starting services using docker +AFJ_AGENT_SPIN_UP=/agent-provisioning/AFJ/scripts/docker_start_agent.sh AFJ_AGENT_ENDPOINT_PATH=/agent-provisioning/AFJ/endpoints/ -AFJ_VERSION=ghcr.io/credebl/credo-controller:latest - -# Uncomment bellow three lines and comment the above to start services locally without using docker, using pnpm +# Uncomment below 2 lines and comment the above to start services locally without using docker, using pnpm # AFJ_AGENT_SPIN_UP=/apps/agent-provisioning/AFJ/scripts/start_agent.sh # AFJ_AGENT_ENDPOINT_PATH=/apps/agent-provisioning/AFJ/endpoints/ @@ -277,19 +206,11 @@ MAX_ORG_LIMIT=10 # Host:port of your FIDO (WebAuthn) Server FIDO_API_ENDPOINT=http://localhost:8000 -# ELK flag +# ELK configuration ELK_LOG=false - -# ELK log level LOG_LEVEL=debug - -# ELK log path ELK_LOG_PATH="http://localhost:9200/" - -# ELK user username ELK_USERNAME=elastic - -# ELK user password ELK_PASSWORD=xxxxxx ORGANIZATION=credebl @@ -299,35 +220,27 @@ APP=api # Default is true too, if nothing is passed HIDE_EXPERIMENTAL_OIDC_CONTROLLERS=true -#Schema-file-server +# Schema-file-server configurations # Port used by the schema file server application APP_PORT=4000 - # JWT token secret for schema file server authentication JWT_TOKEN_SECRET= - # Issuer name used for JWT tokens ISSUER=Credebl -#Signoz and OTel +# Signoz and OTel configurations # Flag to enable/disable OpenTelemetry (true = enabled, false = disabled) IS_ENABLE_OTEL=false - # Logical name of the service shown in observability tools (e.g., SigNoz) OTEL_SERVICE_NAME='CREDEBL-PLATFORM-SERVICE' - # Version of the service; helps in tracking changes over time OTEL_SERVICE_VERSION='1.0.0' - # Endpoint where traces are exported (OTLP over HTTP) OTEL_TRACES_OTLP_ENDPOINT='http://localhost:4318/v1/traces' - # Endpoint where logs are exported (OTLP over HTTP) OTEL_LOGS_OTLP_ENDPOINT='http://localhost:4318/v1/logs' - # API key or token used for authenticating with the OTel collector (e.g., SigNoz) OTEL_HEADERS_KEY=88ca6b1XXXXXXXXXXXXXXXXXXXXXXXXXXX - # Name of the logger used for OpenTelemetry log records OTEL_LOGGER_NAME='credebl-platform-logger' @@ -337,58 +250,34 @@ HOSTNAME='localhost' # Provide limits of sessions SESSIONS_LIMIT=10 -# SSO -APP_PROTOCOL=http - -#To add more clients, simply copy the variable below and change the word 'CREDEBL' to your client's name. -CREDEBL_CLIENT_ALIAS=CREDEBL - -CREDEBL_DOMAIN=http://localhost:3000 - -#Provide the value in its encrypted form using CRYPTO_PRIVATE_KEY. -CREDEBL_KEYCLOAK_MANAGEMENT_CLIENT_ID= - -#Provide the value in its encrypted form using CRYPTO_PRIVATE_KEY. -CREDEBL_KEYCLOAK_MANAGEMENT_CLIENT_SECRET= - -# To add more clients, simply add comma separated values of client names -# Comma separated list of supported SSO client names -SUPPORTED_SSO_CLIENTS=CREDEBL - -# Key for agent base wallet # API key for agent base wallet AGENT_API_KEY='supersecret-that-too-16chars' -# ECS security group ID +# Below values are required only if you are deploying CREDEBL on AWS ECS (EC2/Fargate). You can skip these if you are using local deployment. ECS_SECURITY_GROUP_ID=sg-xxxxxxxxxxxxxxxxx - -# File system ID (EFS) FILESYSTEMID=fs-xxxxxxxx - -# ECS subnet ID ECS_SUBNET_ID=subnet-xxxxxxxx - -# Inbound target group ARN INBOUND_TG_ARN=arn:aws:elasticloadbalancing:us-east-1:123456789012:targetgroup/inbound-tg/8a7f1cd3e2b94b12 - -# Admin target group ARN ADMIN_TG_ARN=arn:aws:elasticloadbalancing:us-east-1:123456789012:targetgroup/admin-tg/4c1e9fa7bb2143c8 - -# ECS cluster name for credo controller CLUSTER_NAME=CREDO-CONTROLLER-CLUSTER - -# ECS taskdefinition name for credo controller TASKDEFINITION_FAMILY=CREDO-CONTROLLER-TASKDEFINITION - -# Protocol used by credo controller PROTOCOL=http - -# Please provide your AWS account Id AWS_ACCOUNT_ID=xxxxx - -# Please provide your AWS bucket arn S3_BUCKET_ARN=arn:aws:s3:::xxxxx +# SSO Configurations +APP_PROTOCOL=http +#To add more clients, simply copy the variable below and change the word 'CREDEBL' to your client's name. +CREDEBL_CLIENT_ALIAS=CREDEBL +CREDEBL_DOMAIN=http://localhost:3000 +#Provide the value in its encrypted form using CRYPTO_PRIVATE_KEY. +CREDEBL_KEYCLOAK_MANAGEMENT_CLIENT_ID= +#Provide the value in its encrypted form using CRYPTO_PRIVATE_KEY. +CREDEBL_KEYCLOAK_MANAGEMENT_CLIENT_SECRET= + +# To add more clients, simply add comma separated values of client names +SUPPORTED_SSO_CLIENTS=CREDEBL + # To add more client add the following variables for each additional client. # Replace the `CLIENT-NAME` with the appropriate client name as added in `SUPPORTED_SSO_CLIENTS` # Default client will not need the following details @@ -408,16 +297,13 @@ S3_BUCKET_ARN=arn:aws:s3:::xxxxx # VERIFIER_KEYCLOAK_MANAGEMENT_CLIENT_SECRET=encryptedKeyCloakClientSecret # Active email provider: choose one of [resend | sendgrid | ses | smtp] -# Active email provider EMAIL_PROVIDER=resend -# Your Resend API key. This is required if email provider is resend -# Resend API key +# Resend API key. This is required if email provider is resend RESEND_API_KEY= # SENDGRID (Fallback option) uncomment this if you are using sendgrid email provider - # SendGrid API key -# SENDGRID_API_KEY= +# SENDGRID_API_KEY= # if email provider is ses # AWS SES region @@ -449,7 +335,6 @@ PROJECT_ID= # IN nanos(10_000) CONSUMER_CONFIG_ACK_WAIT=10_000 - CONSUMER_CONFIG_MAX_DELIVER=4 AGGREGATE_STREAM=aggregate @@ -467,15 +352,10 @@ NOTIFICATION_NATS_AUTH_TYPE=none ENABLE_NATS_NOTIFICATION=false -# Please specify your Supabase URL +# Specify your Supabase URL and Supabase Anon key SUPABASE_URL= - -# Please specify your Supabase Anon key SUPABASE_KEY= -POSTGRES_USER= -POSTGRES_PASSWORD= - # Provide file upload cache ttl FILEUPLOAD_CACHE_TTL=