diff --git a/config.yaml.example b/config.yaml.example index 5e13fc3..46355e7 100644 --- a/config.yaml.example +++ b/config.yaml.example @@ -20,6 +20,11 @@ repeater: # If not specified, a new identity will be generated identity_file: null + # Identity key (alternative to identity_file) + # Store the private key directly in config as binary (set by convert_firmware_key.sh) + # If both identity_file and identity_key are set, identity_key takes precedence + # identity_key: null + # Duplicate packet cache TTL in seconds cache_ttl: 3600 diff --git a/convert_firmware_key.sh b/convert_firmware_key.sh index 1153f87..335c9aa 100755 --- a/convert_firmware_key.sh +++ b/convert_firmware_key.sh @@ -152,20 +152,20 @@ if output_format == "yaml": sys.exit(1) # Check for existing key - if 'mesh' in config and 'identity_key' in config['mesh']: - existing = config['mesh']['identity_key'] + if 'repeater' in config and 'identity_key' in config['repeater']: + existing = config['repeater']['identity_key'] if isinstance(existing, bytes): print(f"WARNING: Existing identity_key found ({len(existing)} bytes)") else: print(f"WARNING: Existing identity_key found") print() - # Ensure mesh section exists - if 'mesh' not in config: - config['mesh'] = {} + # Ensure repeater section exists + if 'repeater' not in config: + config['repeater'] = {} # Store the full 64-byte key - config['mesh']['identity_key'] = key_bytes + config['repeater']['identity_key'] = key_bytes # Save config atomically backup_path = f"{config_path}.backup.{Path(config_path).stat().st_mtime_ns}" @@ -220,7 +220,7 @@ else: config = yaml.safe_load(f) or {} # Check if identity_key exists in config - if 'mesh' in config and 'identity_key' in config['mesh']: + if 'repeater' in config and 'identity_key' in config['repeater']: print(f"Updating {config_path} to use identity.key file...") # Create backup @@ -230,7 +230,7 @@ else: print(f"Created backup: {backup_path}") # Remove identity_key from config - del config['mesh']['identity_key'] + del config['repeater']['identity_key'] # Save updated config with open(config_path, 'w') as f: @@ -240,7 +240,7 @@ else: print(f"✓ Config will now use {identity_path}") print() else: - print(f"✓ Config file already configured to use identity.key file") + print(f"✓ Config file already configured to use identity.key file (no repeater.identity_key found)") print() except Exception as e: diff --git a/repeater/config.py b/repeater/config.py index 86e0933..6ba716b 100644 --- a/repeater/config.py +++ b/repeater/config.py @@ -94,9 +94,14 @@ def load_config(config_path: Optional[str] = None) -> Dict[str, Any]: "jwt_expiry_minutes": 60, } - # Only auto-generate identity_key if not provided - if "identity_key" not in config["mesh"]: - config["mesh"]["identity_key"] = _load_or_create_identity_key() + # Only auto-generate identity_key if not provided under repeater section + if "identity_key" not in config["repeater"]: + # Check if identity_file is specified + identity_file = config["repeater"].get("identity_file") + if identity_file: + config["repeater"]["identity_key"] = _load_or_create_identity_key(path=identity_file) + else: + config["repeater"]["identity_key"] = _load_or_create_identity_key() if os.getenv("PYMC_REPEATER_LOG_LEVEL"): if "logging" not in config: diff --git a/repeater/main.py b/repeater/main.py index e0b9e92..19ef940 100644 --- a/repeater/main.py +++ b/repeater/main.py @@ -116,7 +116,7 @@ class RepeaterDaemon: logger.info("Identity manager initialized") # Set up default repeater identity (not managed by identity manager) - identity_key = self.config.get("mesh", {}).get("identity_key") + identity_key = self.config.get("repeater", {}).get("identity_key") if not identity_key: logger.error("No identity key found in configuration. Cannot init repeater.") raise RuntimeError("Identity key is required for repeater operation")