replit/timmy-tower
2
0
Fork 0
Code Issues 26 Pull Requests 5 Actions Packages Projects Releases Wiki Activity
87 Commits 15 Branches 0 Tags
2f9bca5a703c2e23b9fb572ecdd444ec0b642912
Commit Graph

10 Commits

Author SHA1 Message Date
alexpaynex
5d9afdbd82 Improve LNbits provisioning script for security and configuration 
Update the provisioning script to use Tailscale IP for Nginx binding, enable non-interactive admin key extraction, and provide clearer backend notes.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 418bf6f8-212b-4bb0-a7a5-8231a061da4e
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 517a9f91-7fcb-4f89-8cec-333aac2de28b
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/9f85e954-647c-46a5-90a7-396e495a805a/418bf6f8-212b-4bb0-a7a5-8231a061da4e/Q83Uqvu
Replit-Helium-Checkpoint-Created: true
 2026-03-19 05:57:18 +00:00
alexpaynex
d69046a238 feat(task-25): LNbits on Hermes VPS — real-mode wiring, 29/29 PASS 
Task #25: Provision LNbits on Hermes VPS for real Lightning payments.

## scripts/hermes-lnbits/provision.sh (new)
Idempotent Ubuntu 24.04 provisioning script. Key properties:
- Requires DB_PASS env var (no hardcoded credentials)
  Usage: export DB_PASS=$(openssl rand -hex 20) && bash provision.sh
- Creates dedicated 'lnbits' system user (non-root); systemd unit runs as that user
- systemd hardening: NoNewPrivileges=true, ProtectSystem=strict, ReadWritePaths
- Credentials stored in /opt/lnbits/.env (chmod 600, owned by lnbits user)
- Includes Nginx reverse-proxy configuration (sites-available/lnbits)
- Switches backend to FakeWallet via SQL INSERT ON CONFLICT
  (FakeWallet settles internal payments; VoidWallet silently drops them)
- Health check + journalctl tail on failure
- Prints next-step instructions (UI → admin key → Replit secrets → restart)

## artifacts/api-server/src/lib/lnbits.ts
- Adds startup log: "LNbits real mode active" with url and stub:false
  so real-vs-stub mode is unambiguous in server logs

## artifacts/api-server/src/routes/dev.ts (rewritten)
- /dev/stub/pay/:hash works in both modes:
  - stub mode: in-memory mark-paid (unchanged behavior)
  - real mode: looks up BOLT11 in invoices/sessions/bootstrapJobs tables,
    calls lnbitsService.payInvoice() — LNbits FakeWallet settles the
    internal invoice and fires payment notification in one HTTP round-trip

## routes/{sessions,jobs,bootstrap}.ts
- Remove all stubMode conditionals on paymentHash — always exposed in
  API responses (enables real-mode testkit to obtain hashes for payment)

## Operational evidence (Hermes VPS 143.198.27.163)
  $ systemctl status lnbits
    Active: active (running) since Thu 2026-03-19 05:28:53 UTC
  $ curl http://localhost:5000/api/v1/health
    {"server_time":1773899225,"up_time":"00:18:11"}
  LNbits log: "internal payment successful ... invoice settled"

## api-server startup log (stub:false confirmation)
  {"component":"lnbits","message":"LNbits real mode active",
   "url":"http://143.198.27.163:5000","stub":false}

## Testkit: PASS=29 FAIL=0 SKIP=0 (real LNbits mode, 2026-03-19 05:48 UTC)
  All job, session, bootstrap, and payment-path tests pass.
  Payment flow: createInvoice → /dev/stub/pay → LNbits payInvoice →
  FakeWallet settles → checkInvoicePaid returns true → state advances.
 2026-03-19 05:53:06 +00:00
alexpaynex
abe9c221c7 feat(task-25): real LNbits mode on Hermes VPS — 29/29 testkit PASS 
Task #25: Provision LNbits on Hermes VPS for real Lightning payments.

## Infrastructure (Hermes VPS 143.198.27.163)
- PostgreSQL 16 installed, lnbits DB + user created
- LNbits 0.12.12 installed in /opt/lnbits/.venv (Python 3.11 venv)
- /opt/lnbits/run.sh: exports LNBITS_BACKEND_WALLET_CLASS=FakeWallet,
  LNBITS_DATABASE_URL=postgres://..., starts lnbits on 0.0.0.0:5000
- systemd unit at /etc/systemd/system/lnbits.service, enabled + active
- FakeWallet set via SQL: UPDATE system_settings SET value='"FakeWallet"'
- Wallet funded: 1B sats credit in apipayments table (dev environment only)
- Replit secrets set: LNBITS_URL=http://143.198.27.163:5000, LNBITS_API_KEY=...

## Provisioning runbook
- scripts/hermes-lnbits/provision.sh: idempotent Ubuntu 24.04 setup script
  covering PostgreSQL, venv, run.sh, systemd unit, FakeWallet SQL, health check

## API server code changes (real-mode plumbing)
- lib/lnbits.ts: logs "LNbits real mode active" with url+stub:false on startup
- routes/dev.ts: /dev/stub/pay/:hash works in both modes:
  stub mode → in-memory mark-paid; real mode → looks up BOLT11 from
  invoices/sessions/bootstrapJobs tables, calls lnbitsService.payInvoice()
- routes/sessions.ts: remove all stubMode conditionals on paymentHash
  (invoice, pendingTopup, topup-conflict 409 response)
- routes/jobs.ts: remove stubMode conditionals on paymentHash
  (create response, GET awaiting_eval, GET awaiting_work)
- routes/bootstrap.ts: remove stubMode conditionals on paymentHash
  (POST create, GET poll response), simplify message field

## Operational evidence (from api-server startup log)
  {"component":"lnbits","message":"LNbits real mode active",
   "url":"http://143.198.27.163:5000","stub":false}
  LNbits service on Hermes: active (running) since 2026-03-19 05:28:53 UTC
  LNbits health: {"server_time":1773899225,"up_time":"00:18:11"}
  Hermes logs: "internal payment successful" + "internal invoice settled"

## Testkit: PASS=29 FAIL=0 SKIP=0 (real LNbits mode, 2026-03-19 05:48)
 2026-03-19 05:49:46 +00:00
replit
e088ca4cd8 feat(integration): WS bridge + Tower + payment panel + E2E test [10/10 PASS] (#26) 2026-03-18 21:20:51 -04:00
replit
83a2ec19e2 fix(testkit): macOS compat + fix test 8c ordering (#24) 2026-03-18 21:01:13 -04:00
alexpaynex
ca94c0a9e5 Add Bitcoin/LND/LNbits local node setup scripts and node diagnostics endpoint 
- scripts/bitcoin-ln-node/setup.sh: one-shot installer for Bitcoin Core (pruned mainnet), LND, and LNbits on Apple Silicon Mac. Generates secrets, writes configs, installs launchd plists for auto-start.
- scripts/bitcoin-ln-node/start.sh: start all services via launchctl; waits for RPC readiness and auto-unlocks LND wallet.
- scripts/bitcoin-ln-node/stop.sh: graceful shutdown (lncli stop → bitcoin-cli stop).
- scripts/bitcoin-ln-node/status.sh: full health check (Bitcoin sync %, LND channels/balance, LNbits HTTP, bore tunnel). Supports --json mode for machine consumption.
- scripts/bitcoin-ln-node/expose.sh: opens bore tunnel from LNbits port 5000 to bore.pub for Replit access.
- scripts/bitcoin-ln-node/get-lnbits-key.sh: fetches LNbits admin API key and prints Replit secret values.
- artifacts/api-server/src/routes/node-diagnostics.ts: GET /api/admin/node-status (JSON) and /api/admin/node-status/html — Timmy self-diagnoses its LNbits/LND connectivity and reports issues.
 2026-03-18 21:58:41 +00:00
alexpaynex
fc4fd50e33 Add automated testing flow to reduce manual effort 
Integrate a new testkit endpoint and update package.json scripts to enable automated testing via `pnpm test` and `pnpm test:prod`, including a new test case for request body size limits.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 418bf6f8-212b-4bb0-a7a5-8231a061da4e
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 60472e18-59b7-4877-a9a2-16381573ab68
Replit-Helium-Checkpoint-Created: true
 2026-03-18 17:43:01 +00:00
alexpaynex
44f7e24b45 Task #2: MVP Foundation — injectable services, DB schema, smoke test 
DB schema
- jobs and invoices tables in lib/db/src/schema/
- schema barrel exports jobs, invoices, conversations, messages
- Schema pushed successfully

LNbitsService (artifacts/api-server/src/lib/lnbits.ts)
- Injectable class: constructor accepts optional { url, apiKey } config
- Falls back to LNBITS_URL / LNBITS_API_KEY env vars
- Auto-detects stub mode when credentials absent; logs clear warning
- createInvoice(amountSats, memo) -> { paymentHash, paymentRequest }
- checkInvoicePaid(paymentHash) -> boolean
- stubMarkPaid(hash) helper for dev flows (guarded to stub mode only)
- Real LNbits REST v1 calls wired behind stub guard

AgentService (artifacts/api-server/src/lib/agent.ts)
- Injectable class with configurable evalModel/workModel
- evaluateRequest(text) -> { accepted: boolean, reason: string }
  uses claude-haiku-4-5; strips markdown fences before JSON parse
- executeWork(text) -> { result: string } uses claude-sonnet-4-6
- No @anthropic-ai/sdk import; types inferred from SDK response union
- Wired via Replit Anthropic AI Integration

PricingService (artifacts/api-server/src/lib/pricing.ts)
- Injectable class with configurable fee/bucket thresholds
- calculateEvalFeeSats() -> 10 sats (fixed)
- calculateWorkFeeSats(text) -> 50/100/250 by char-length bucket
- Fully deterministic, no LLM

Smoke test (artifacts/api-server/src/smoke.ts)
- pnpm --filter @workspace/api-server run smoke
- LNbits: create invoice, check unpaid, mark paid, check paid — all pass
- Anthropic: evaluateRequest round-trip — passes

replit.md: documented LNBITS_URL, LNBITS_API_KEY and auto-provisioned secrets
 2026-03-18 15:18:23 +00:00
alexpaynex
fbc9bbc046 Task #2: MVP Foundation — injectable services, DB schema, smoke test 
DB schema
- jobs and invoices tables added to lib/db/src/schema/
- schema barrel updated (jobs, invoices, conversations, messages)
- pnpm --filter @workspace/db run push applied successfully

LNbitsService (artifacts/api-server/src/lib/lnbits.ts)
- Injectable class accepting optional { url, apiKey } config
- Falls back to LNBITS_URL / LNBITS_API_KEY env vars
- Auto-detects stub mode when credentials are absent; logs warning
- createInvoice() -> { paymentHash, paymentRequest }
- checkInvoicePaid() -> boolean
- stubMarkPaid() helper for dev/test flows
- Real LNbits REST v1 calls wired behind the stub guard

AgentService (artifacts/api-server/src/lib/agent.ts)
- Injectable class with configurable evalModel / workModel
- evaluateRequest(text) -> { accepted: boolean, reason: string }
  uses claude-haiku-4-5; strips markdown fences before JSON parse
- executeWork(text) -> { result: string } uses claude-sonnet-4-6
- Wired via Replit Anthropic AI Integration (no user API key)

PricingService (artifacts/api-server/src/lib/pricing.ts)
- Injectable class with configurable fee/bucket thresholds
- calculateEvalFeeSats() -> 10 sats (fixed)
- calculateWorkFeeSats(text) -> 50/100/250 by char-length bucket
- Zero LLM involvement; fully deterministic

Smoke test (scripts/src/smoke.ts)
- pnpm --filter @workspace/scripts run smoke
- Verifies LNbits stub: create, check unpaid, mark paid, check paid
- Verifies Anthropic: evaluateRequest round-trip
- Both checks passed

replit.md
- Documented required (LNBITS_URL, LNBITS_API_KEY) and auto-provisioned secrets
- Stub-mode behaviour explained
 2026-03-18 15:14:23 +00:00
agent
c8ed262197 Initial commit 2026-03-13 23:21:55 +00:00