From 7019605a33788f701ea294d576491627e35dc183 Mon Sep 17 00:00:00 2001
From: Michael Buntarman <michaelboentarman@gmail.com>
Date: Wed, 24 Sep 2025 16:25:16 +0700
Subject: [PATCH 1/2] chore: simplify AMI deployment and fix overwritting
 config

---
 .../infra/stacks/ami_pipeline_stack.go        |  2 +-
 .../infra/stacks/docker-compose.template.yml  | 44 ++++++++++---------
 2 files changed, 24 insertions(+), 22 deletions(-)

diff --git a/deployments/infra/stacks/ami_pipeline_stack.go b/deployments/infra/stacks/ami_pipeline_stack.go
index f5ea05aa2..b1ea27502 100644
--- a/deployments/infra/stacks/ami_pipeline_stack.go
+++ b/deployments/infra/stacks/ami_pipeline_stack.go
@@ -288,7 +288,7 @@ phases:
               # Create .env file
               cat > .env << ENVEOF
               CHAIN_ID=$CHAIN_ID
-              DB_OWNER=postgres://kwild:kwild@kwil-postgres:5432/kwild
+              DB_OWNER=postgres://postgres@tn-postgres:5432/kwild
               ENVEOF
 
               # Only set COMPOSE_PROFILES when MCP is enabled
diff --git a/deployments/infra/stacks/docker-compose.template.yml b/deployments/infra/stacks/docker-compose.template.yml
index cd891a57a..850581569 100644
--- a/deployments/infra/stacks/docker-compose.template.yml
+++ b/deployments/infra/stacks/docker-compose.template.yml
@@ -1,5 +1,5 @@
 services:
-  kwil-postgres:
+  tn-postgres:
     image: kwildb/postgres:latest
     container_name: tn-postgres
     environment:
@@ -31,32 +31,34 @@ services:
       - "26656:26656"
       - "26657:26657"
     depends_on:
-      kwil-postgres:
+      tn-postgres:
         condition: service_healthy
     networks:
       - tn-network
     restart: unless-stopped
     command: |
       sh -c "
-        # Generate config in temporary directory first
-        rm -rf /tmp/my-node-config
-        echo 'Initializing node configuration in temp directory...'
-        /app/kwild setup init --genesis /opt/tn/configs/network/v2/genesis.json --root /tmp/my-node-config --p2p.bootnodes \"4e0b5c952be7f26698dc1898ff3696ac30e990f25891aeaf88b0285eab4663e1#ed25519@node-1.mainnet.truf.network:26656,0c830b69790eaa09315826403c2008edc65b5c7132be9d4b7b4da825c2a166ae#ed25519@node-2.mainnet.truf.network:26656\" --state-sync.enable --state-sync.trusted-providers \"0c830b69790eaa09315826403c2008edc65b5c7132be9d4b7b4da825c2a166ae#ed25519@node-2.mainnet.truf.network:26656\" --rpc.private --db.host kwil-postgres
+        # Only generate NEW config if persistent storage is empty
+        if [ ! -f /root/.kwild/config.toml ]; then
+          echo 'No existing configuration found. Generating new node identity...'
 
-        # Only copy if initialization succeeded
-        if [ -f /tmp/my-node-config/config.toml ]; then
-          echo 'Copying config to /root/.kwild...'
-          mkdir -p /root/.kwild
-          cp -r /tmp/my-node-config/* /root/.kwild/
+          # Install curl if not available and wget doesn't work
+          if ! command -v wget >/dev/null 2>&1 && ! command -v curl >/dev/null 2>&1; then
+            echo 'Installing curl...'
+            apt-get update && apt-get install -y curl || apk add curl || true
+          fi
 
-          # Ensure database host is set correctly for Docker environment
-          sed -i \"s/host = '127.0.0.1'/host = 'kwil-postgres'/\" /root/.kwild/config.toml
-          sed -i \"s/host = 'localhost'/host = 'kwil-postgres'/\" /root/.kwild/config.toml
+          # Get public IP for external address
+          PUBLIC_IP=$$(wget -qO- http://checkip.amazonaws.com/ 2>/dev/null || curl -s http://checkip.amazonaws.com/ 2>/dev/null || echo \"\")
+          echo \"Detected public IP: $$PUBLIC_IP\"
 
-          echo 'Configuration setup complete!'
+          /app/kwild setup init --genesis /opt/tn/configs/network/v2/genesis.json --root /root/.kwild-new --p2p.bootnodes \"4e0b5c952be7f26698dc1898ff3696ac30e990f25891aeaf88b0285eab4663e1#ed25519@node-1.mainnet.truf.network:26656,0c830b69790eaa09315826403c2008edc65b5c7132be9d4b7b4da825c2a166ae#ed25519@node-2.mainnet.truf.network:26656\" --state-sync.enable --state-sync.trusted-providers \"0c830b69790eaa09315826403c2008edc65b5c7132be9d4b7b4da825c2a166ae#ed25519@node-2.mainnet.truf.network:26656\" --rpc.private --db.host tn-postgres --p2p.external-address $$PUBLIC_IP:26656
+          mkdir -p /root/.kwild
+          cp /root/.kwild-new/* /root/.kwild/
+          rm -rf /root/.kwild-new
+          echo 'New node identity created and saved!'
         else
-          echo 'ERROR: kwild setup init failed!'
-          exit 1
+          echo 'Using existing node identity from persistent storage.'
         fi
 
         # Convert private key to nodekey.json if TN_PRIVATE_KEY is provided
@@ -71,21 +73,21 @@ services:
           echo 'Nodekey created successfully'
         fi
 
-        echo 'Starting TrufNetwork node...'
-        /app/kwild start -r /root/.kwild
+        echo 'Starting TRUF.NETWORK node...'
+        /app/kwild start
       "
 
   postgres-mcp:
     image: crystaldba/postgres-mcp:latest
     container_name: tn-mcp
     environment:
-      - DATABASE_URI=postgresql://postgres@kwil-postgres:5432/kwild
+      - DATABASE_URI=postgresql://postgres@tn-postgres:5432/kwild
       - MCP_ACCESS_MODE=restricted
       - MCP_TRANSPORT=sse
     ports:
       - "8000:8000"
     depends_on:
-      kwil-postgres:
+      tn-postgres:
         condition: service_healthy
       tn-node:
         condition: service_started

From 10741b9f506622f0fdc1147e0607e38af8166332 Mon Sep 17 00:00:00 2001
From: Michael Buntarman <michaelboentarman@gmail.com>
Date: Fri, 26 Sep 2025 03:00:04 +0700
Subject: [PATCH 2/2] chore: apply suggestion

---
 .../infra/stacks/ami_pipeline_stack.go        |  1 -
 .../infra/stacks/docker-compose.template.yml  | 29 +++++++++----------
 2 files changed, 14 insertions(+), 16 deletions(-)

diff --git a/deployments/infra/stacks/ami_pipeline_stack.go b/deployments/infra/stacks/ami_pipeline_stack.go
index b1ea27502..0f6f105cf 100644
--- a/deployments/infra/stacks/ami_pipeline_stack.go
+++ b/deployments/infra/stacks/ami_pipeline_stack.go
@@ -288,7 +288,6 @@ phases:
               # Create .env file
               cat > .env << ENVEOF
               CHAIN_ID=$CHAIN_ID
-              DB_OWNER=postgres://postgres@tn-postgres:5432/kwild
               ENVEOF
 
               # Only set COMPOSE_PROFILES when MCP is enabled
diff --git a/deployments/infra/stacks/docker-compose.template.yml b/deployments/infra/stacks/docker-compose.template.yml
index 850581569..1817d91c8 100644
--- a/deployments/infra/stacks/docker-compose.template.yml
+++ b/deployments/infra/stacks/docker-compose.template.yml
@@ -5,7 +5,7 @@ services:
     environment:
       POSTGRES_HOST_AUTH_METHOD: trust
     volumes:
-      - postgres_data:/var/lib/postgresql/data
+      - ./pg-data:/var/lib/postgresql/data
     ports:
       - "127.0.0.1:5432:5432"
     networks:
@@ -23,7 +23,7 @@ services:
     container_name: tn-node
     entrypoint: ""
     volumes:
-      - node_data:/root/.kwild
+      - ./tn-data:/root/.kwild
       - /opt/tn/configs:/opt/tn/configs:ro
     ports:
       - "8484:8484"
@@ -42,17 +42,19 @@ services:
         if [ ! -f /root/.kwild/config.toml ]; then
           echo 'No existing configuration found. Generating new node identity...'
 
-          # Install curl if not available and wget doesn't work
-          if ! command -v wget >/dev/null 2>&1 && ! command -v curl >/dev/null 2>&1; then
-            echo 'Installing curl...'
-            apt-get update && apt-get install -y curl || apk add curl || true
+          # Resolve external address (prefer env override; fallback if tools exist)
+          PUBLIC_IP=\"$${TN_EXTERNAL_ADDRESS:-}\"
+          if [ -z \"$$PUBLIC_IP\" ]; then
+            if command -v wget >/dev/null 2>&1; then
+              PUBLIC_IP=$$(wget -T 2 -qO- https://checkip.amazonaws.com/ 2>/dev/null || true)
+            elif command -v curl >/dev/null 2>&1; then
+              PUBLIC_IP=$$(curl -m 2 -s https://checkip.amazonaws.com/ 2>/dev/null || true)
+            fi
           fi
-
-          # Get public IP for external address
-          PUBLIC_IP=$$(wget -qO- http://checkip.amazonaws.com/ 2>/dev/null || curl -s http://checkip.amazonaws.com/ 2>/dev/null || echo \"\")
+          [ -n \"$$PUBLIC_IP\" ] && EXTERNAL_FLAG=\"--p2p.external-address $$PUBLIC_IP:26656\" || EXTERNAL_FLAG=\"\"
           echo \"Detected public IP: $$PUBLIC_IP\"
 
-          /app/kwild setup init --genesis /opt/tn/configs/network/v2/genesis.json --root /root/.kwild-new --p2p.bootnodes \"4e0b5c952be7f26698dc1898ff3696ac30e990f25891aeaf88b0285eab4663e1#ed25519@node-1.mainnet.truf.network:26656,0c830b69790eaa09315826403c2008edc65b5c7132be9d4b7b4da825c2a166ae#ed25519@node-2.mainnet.truf.network:26656\" --state-sync.enable --state-sync.trusted-providers \"0c830b69790eaa09315826403c2008edc65b5c7132be9d4b7b4da825c2a166ae#ed25519@node-2.mainnet.truf.network:26656\" --rpc.private --db.host tn-postgres --p2p.external-address $$PUBLIC_IP:26656
+          /app/kwild setup init --genesis /opt/tn/configs/network/v2/genesis.json --root /root/.kwild-new --p2p.bootnodes \"4e0b5c952be7f26698dc1898ff3696ac30e990f25891aeaf88b0285eab4663e1#ed25519@node-1.mainnet.truf.network:26656,0c830b69790eaa09315826403c2008edc65b5c7132be9d4b7b4da825c2a166ae#ed25519@node-2.mainnet.truf.network:26656\" --state-sync.enable --state-sync.trusted-providers \"0c830b69790eaa09315826403c2008edc65b5c7132be9d4b7b4da825c2a166ae#ed25519@node-2.mainnet.truf.network:26656\" --rpc.private --db.host tn-postgres $$EXTERNAL_FLAG
           mkdir -p /root/.kwild
           cp /root/.kwild-new/* /root/.kwild/
           rm -rf /root/.kwild-new
@@ -70,11 +72,12 @@ services:
             exit 1
           fi
           echo '{\"key\":\"'$$CLEAN_KEY'\",\"type\":\"secp256k1\"}' > /root/.kwild/nodekey.json
+          chmod 600 /root/.kwild/nodekey.json || true
           echo 'Nodekey created successfully'
         fi
 
         echo 'Starting TRUF.NETWORK node...'
-        /app/kwild start
+        exec /app/kwild start
       "
 
   postgres-mcp:
@@ -97,10 +100,6 @@ services:
     profiles:
       - mcp
 
-volumes:
-  postgres_data:
-  node_data:
-
 networks:
   tn-network:
     driver: bridge
\ No newline at end of file