4nk/anchorage_layer_simple
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
anchorage_layer_simple/api-faucet/src/server.js
ncantu 937646cc45 Daily backup to git cron, backup/restore scripts, docs 
**Motivations:**
- Export Signet and mining wallet backups to git with only 2 versions kept
- Document and add backup/restore scripts for signet and mining wallet

**Correctifs:**
- Backup-to-git uses SSH URL for passwordless cron; copy timestamped files only; prune to 2 versions; remove *-latest from backup repo

**Evolutions:**
- data/backup-to-git-cron.sh: daily export to git.4nkweb.com/4nk/backup
- save-signet-datadir-backup.sh, restore-signet-from-backup.sh, export-mining-wallet.sh, import-mining-wallet.sh
- features/backup-to-git-daily-cron.md, docs/MAINTENANCE.md backup section
- .gitignore: data/backup-to-git.log

**Pages affectées:**
- .gitignore, data/backup-to-git-cron.sh, docs/MAINTENANCE.md, features/backup-to-git-daily-cron.md
- save-signet-datadir-backup.sh, restore-signet-from-backup.sh, export-mining-wallet.sh, import-mining-wallet.sh
- Plus autres fichiers modifiés ou non suivis déjà présents dans le working tree
2026-02-04 03:07:57 +01:00

150 lines
4.0 KiB
JavaScript
Raw Blame History

#!/usr/bin/env node
/**
* API Faucet Bitcoin Signet
*
* Cette API permet de distribuer des sats (50000 sats = 0.0005 BTC)
* sur la blockchain Bitcoin Signet.
*
* Port: 3021
*/
import express from 'express';
import cors from 'cors';
import dotenv from 'dotenv';
import { bitcoinRPC } from './bitcoin-rpc.js';
import { faucetRouter } from './routes/faucet.js';
import { healthRouter } from './routes/health.js';
import { logger } from './logger.js';
// Charger les variables d'environnement
dotenv.config();
const app = express();
const PORT = process.env.FAUCET_API_PORT || 3021;
const HOST = process.env.FAUCET_API_HOST || '0.0.0.0';
const ALLOWED_SOURCE_IP = process.env.ALLOWED_SOURCE_IP ?? '';
/**
* Normalize remote address: IPv6-mapped IPv4 (::ffff:192.168.1.100) -> 192.168.1.100
* @param {string} addr - req.socket.remoteAddress
* @returns {string}
*/
function normalizeRemoteAddress(addr) {
if (!addr) return '';
if (addr.startsWith('::ffff:')) return addr.slice(7);
return addr;
}
// Middleware: accept only requests from proxy when ALLOWED_SOURCE_IP is set (IPv4 only)
app.use((req, res, next) => {
if (!ALLOWED_SOURCE_IP) return next();
const remote = normalizeRemoteAddress(req.socket.remoteAddress ?? '');
if (remote !== ALLOWED_SOURCE_IP) {
logger.warn('Request rejected: source not allowed', {
remoteAddress: req.socket.remoteAddress,
allowedSourceIp: ALLOWED_SOURCE_IP,
path: req.path,
});
res.status(403).json({ error: 'Forbidden', message: 'Source not allowed' });
return;
}
next();
});
// Middleware
app.use(cors());
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
// Middleware de logging
app.use((req, res, next) => {
logger.info(`${req.method} ${req.path}`, {
ip: req.ip,
userAgent: req.get('user-agent'),
});
next();
});
// Middleware d'authentification API Key
app.use((req, res, next) => {
// Exclure /health et / de l'authentification
if (req.path === '/health' || req.path === '/') {
return next();
}
const apiKey = req.headers['x-api-key'];
// Filtrer les clés vides pour éviter qu'une chaîne vide soit acceptée
const validKeys = process.env.API_KEYS?.split(',').map(k => k.trim()).filter(k => k.length > 0) || [];
// Vérifier que la clé API est présente, non vide, et dans la liste des clés valides
if (!apiKey || apiKey.trim().length === 0 || !validKeys.includes(apiKey.trim())) {
logger.warn('Unauthorized API access attempt', { ip: req.ip, path: req.path });
return res.status(401).json({
error: 'Unauthorized',
message: 'Invalid or missing API key',
});
}
next();
});
// Routes
app.use('/health', healthRouter);
app.use('/api/faucet', faucetRouter);
// Route racine
app.get('/', (req, res) => {
res.json({
service: 'bitcoin-signet-faucet-api',
version: '1.0.0',
endpoints: {
health: '/health',
request: '/api/faucet/request',
},
});
});
// Gestion des erreurs
app.use((err, req, res, next) => {
logger.error('Unhandled error', { error: err.message, stack: err.stack });
res.status(500).json({
error: 'Internal Server Error',
message: process.env.NODE_ENV === 'development' ? err.message : 'An error occurred',
});
});
// Gestion des routes non trouvées
app.use((req, res) => {
res.status(404).json({
error: 'Not Found',
message: `Route ${req.method} ${req.path} not found`,
});
});
// Démarrage du serveur
const server = app.listen(PORT, HOST, () => {
logger.info(`API Faucet Bitcoin Signet démarrée`, {
host: HOST,
port: PORT,
environment: process.env.NODE_ENV || 'production',
});
});
// Gestion de l'arrêt propre
process.on('SIGTERM', () => {
logger.info('SIGTERM received, shutting down gracefully');
server.close(() => {
logger.info('Server closed');
process.exit(0);
});
});
process.on('SIGINT', () => {
logger.info('SIGINT received, shutting down gracefully');
server.close(() => {
logger.info('Server closed');
process.exit(0);
});
});
Reference in New Issue View Git Blame Copy Permalink