efir369999/montana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7e79d99599
montana/Montana-Protocol/Code/scripts/install-docker.sh
Afgroup 614381d896 sync 2026-05-27T13:23:42Z
2026-05-27 16:44:03 +03:00

408 lines
21 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Montana — one-command Docker install on a clean Linux VPS.
#
# Result: a Helsinki-equivalent VPN-backend Montana node, fully containerised.
# - montana-node container on host network, p2p :8444
# - xray container on host network, Reality VLESS-XTLS-Vision :443
# - nginx-decoy container on host network, plain HTTP :80
# - ufw host firewall opening 22/80/443/8444
#
# Usage on a clean VPS (root):
# curl -fsSL https://raw.githubusercontent.com/efir369999/Montana/main/Code/scripts/install-docker.sh \
# | sudo bash
#
# Pre-stageable secrets (optional — operator-supplied via scp BEFORE running):
# /etc/montana-vpn/privkey Reality x25519 private key. Presence => the
# node joins the universal-key Montana VPN
# federation (same UUID/PBK/SID/SNI as
# Helsinki/Frankfurt/US). Absence => generate
# fresh standalone keys.
# /etc/montana-vpn/orch-token Orchestrator admin secret. Presence => after
# compose-up the installer POSTs /vpn/node/
# register so this node appears in the public
# https://montana.quest/vpn/sub subscription.
#
# Operator metadata (used by orchestrator register payload; sensible defaults
# from the VPS itself when omitted):
# Country, city and coordinates are auto-detected from the node's public IP
# (ip-api.com) when the variables below are omitted; override only if needed:
# MONTANA_ALIAS=<hostname-short> short lowercase alias
# MONTANA_CITY=<city name> auto from geo-IP; e.g. Yerevan
# MONTANA_LABEL=<human label> auto from city; any UTF-8
# MONTANA_COUNTRY=<two-letter ISO> auto from geo-IP; e.g. AM, FI, DE
# MONTANA_HOSTING=<provider name> e.g. WorkTitans
# MONTANA_COORDS='lat,lon' auto from geo-IP; e.g. 40.18,44.51
#
# Other environment knobs:
# MONTANA_DECOY_HOST=www.googletagmanager.com Reality dest SNI
# MONTANA_CLIENT_EMAIL=montana-universal xray client email tag
# MONTANA_NODE_TAG=$(hostname) inbound tag suffix
# MONTANA_REPO_URL=https://github.com/efir369999/Montana.git
# MONTANA_REPO_BRANCH=main
# MONTANA_WIPE_LEGACY=1 purge prior native systemd install
# MONTANA_ORCH_URL=https://montana.quest/vpn/node
# MONTANA_SKIP_VERIFY=0 skip post-install self-checks
set -euo pipefail
# ── configuration ───────────────────────────────────────────────────────────
REPO_URL="${MONTANA_REPO_URL:-https://github.com/efir369999/Montana.git}"
REPO_BRANCH="${MONTANA_REPO_BRANCH:-main}"
INSTALL_DIR="/opt/montana"
RUNTIME_DIR="$INSTALL_DIR/Code/docker/runtime"
VPN_DIR="/etc/montana-vpn"
VPN_PRIVKEY_FILE="$VPN_DIR/privkey"
ORCH_TOKEN_FILE="$VPN_DIR/orch-token"
XRAY_CONF="$VPN_DIR/xray-config.json"
NGX_CONF="$VPN_DIR/nginx-decoy.conf"
DECOY_HTML="$VPN_DIR/decoy-index.html"
DECOY_HOST="${MONTANA_DECOY_HOST:-www.googletagmanager.com}"
CLIENT_EMAIL="${MONTANA_CLIENT_EMAIL:-montana-universal}"
NODE_TAG="${MONTANA_NODE_TAG:-$(hostname -s 2>/dev/null || echo node)}"
WIPE_LEGACY="${MONTANA_WIPE_LEGACY:-1}"
ORCH_URL="${MONTANA_ORCH_URL:-https://montana.quest/vpn/node}"
SKIP_VERIFY="${MONTANA_SKIP_VERIFY:-0}"
# Universal Montana VPN client metadata — public, distributed in VLESS subs.
UNIVERSAL_UUID="e6d355e2-2d79-4c96-a373-3b0e6b6f4b0d"
UNIVERSAL_SID="302805bc0c25e504"
UNIVERSAL_PRIVKEY="cL7D6FCqH5nWcQlHCKH9uNr-RNwCt5peRAqt8tl9mXs"
log() { printf '\033[1;32m[install-docker]\033[0m %s\n' "$*"; }
warn() { printf '\033[1;33m[install-docker]\033[0m %s\n' "$*" >&2; }
die() { printf '\033[1;31m[install-docker] ERROR:\033[0m %s\n' "$*" >&2; exit 1; }
ok() { printf '\033[1;32m[verify ✓]\033[0m %s\n' "$*"; }
bad() { printf '\033[1;31m[verify ✗]\033[0m %s\n' "$*" >&2; }
retry() {
local n="$1"; shift
local i=1
while [ "$i" -le "$n" ]; do
if "$@"; then return 0; fi
warn "attempt $i/$n failed for: $*"
i=$((i+1)); sleep $((i*3))
done
return 1
}
# Built-in orchestrator token — every Montana node auto-registers on install.
BUILTIN_ORCH_TOKEN="b517e7888473d905d26eba58c444f7cad927978c5ef3a77b5baa8bb6c296c948"
if [ ! -s "$ORCH_TOKEN_FILE" ]; then
EFFECTIVE_TOKEN="${MONTANA_ORCH_TOKEN:-$BUILTIN_ORCH_TOKEN}"
mkdir -p "$VPN_DIR" && chmod 0700 "$VPN_DIR"
install -m 0600 /dev/stdin "$ORCH_TOKEN_FILE" <<<"$EFFECTIVE_TOKEN"
log "orch-token written (${MONTANA_ORCH_TOKEN:+env override}${MONTANA_ORCH_TOKEN:-built-in})"
fi
# ── 1. preconditions ─────────────────────────────────────────────────────────
[ "$(id -u)" = "0" ] || die "root privileges required"
[ -f /etc/os-release ] || die "/etc/os-release missing"
. /etc/os-release
OS_ID="${ID:-unknown}"
case "$OS_ID" in
ubuntu|debian) ;;
*) die "unsupported OS: $OS_ID. Supported: ubuntu, debian" ;;
esac
log "OS: ${PRETTY_NAME:-$OS_ID}"
# ── 2. wipe prior native systemd install if any ──────────────────────────────
if [ "$WIPE_LEGACY" = "1" ]; then
log "wiping any prior native systemd install of montana-node / xray / nginx..."
systemctl stop montana-node xray nginx 2>/dev/null || true
systemctl disable montana-node xray nginx 2>/dev/null || true
rm -f /etc/systemd/system/montana-node.service \
/etc/systemd/system/xray.service /etc/systemd/system/xray@.service
rm -rf /etc/systemd/system/montana-node.service.d \
/etc/systemd/system/xray.service.d /etc/systemd/system/xray@.service.d
systemctl daemon-reload 2>/dev/null || true
systemctl reset-failed 2>/dev/null || true
# Native xray uninstall — only if there's something to remove.
if [ -x /usr/local/bin/xray ] && [ -f /etc/systemd/system/xray.service ]; then
bash -c "$(curl -fsSL https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" \
@ remove --purge >/dev/null 2>&1 || true
fi
rm -f /usr/local/bin/xray /usr/local/bin/xctl
rm -rf /usr/local/etc/xray /usr/local/share/xray /var/log/xray
if dpkg -l 2>/dev/null | grep -qE '^ii nginx'; then
DEBIAN_FRONTEND=noninteractive apt-get remove --purge -y nginx nginx-core nginx-common nginx-full >/dev/null 2>&1 || true
DEBIAN_FRONTEND=noninteractive apt-get autoremove -y >/dev/null 2>&1 || true
fi
rm -rf /etc/nginx /var/www/decoy
if [ -d /var/lib/montana ]; then
BK="/root/montana-pre-docker-backup-$(date +%s)"
mkdir -p "$BK"
cp -a /var/lib/montana "$BK/" 2>/dev/null || true
cp -a /etc/montana "$BK/" 2>/dev/null || true
log "backed up legacy data to $BK"
fi
rm -rf /var/lib/montana /etc/montana
id montana >/dev/null 2>&1 && userdel -r montana 2>/dev/null || true
rm -f /usr/local/bin/montana-node
log "legacy wipe complete"
fi
# ── 3. apt deps + docker + compose plugin ────────────────────────────────────
log "installing apt deps (curl, ca-certificates, gnupg, openssl, jq, ufw, git)..."
export DEBIAN_FRONTEND=noninteractive
retry 3 apt-get update -qq
retry 3 apt-get install -y -qq curl ca-certificates gnupg openssl jq ufw git lsb-release >/dev/null
if ! command -v docker >/dev/null 2>&1; then
log "installing Docker Engine + compose plugin via official apt repo..."
install -m 0755 -d /etc/apt/keyrings
retry 3 bash -c "curl -fsSL https://download.docker.com/linux/${OS_ID}/gpg \
| gpg --dearmor -o /etc/apt/keyrings/docker.gpg"
chmod a+r /etc/apt/keyrings/docker.gpg
CODENAME="$(. /etc/os-release && echo "${VERSION_CODENAME:-bookworm}")"
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
https://download.docker.com/linux/${OS_ID} ${CODENAME} stable" > /etc/apt/sources.list.d/docker.list
retry 3 apt-get update -qq
retry 3 apt-get install -y -qq docker-ce docker-ce-cli containerd.io \
docker-buildx-plugin docker-compose-plugin >/dev/null
fi
systemctl enable --now docker >/dev/null 2>&1 || true
docker --version
docker compose version
# ── 4. firewall ──────────────────────────────────────────────────────────────
log "configuring ufw (22, 80, 443, 8444)..."
ufw allow 22/tcp comment 'SSH' >/dev/null 2>&1 || true
ufw allow 80/tcp comment 'decoy nginx' >/dev/null 2>&1 || true
ufw allow 443/tcp comment 'VLESS+TCP+Reality+Vision' >/dev/null 2>&1 || true
ufw allow 8444/tcp comment 'Montana p2p Noise_PQ XX' >/dev/null 2>&1 || true
yes | ufw --force enable >/dev/null 2>&1 || true
# ── 5. clone repo ────────────────────────────────────────────────────────────
if [ -d "$INSTALL_DIR/.git" ]; then
log "updating repo at $INSTALL_DIR..."
(cd "$INSTALL_DIR" && retry 3 git fetch --depth 1 origin "$REPO_BRANCH" && \
git reset --hard "origin/$REPO_BRANCH")
else
log "cloning $REPO_URL$INSTALL_DIR..."
retry 3 git clone --branch "$REPO_BRANCH" --depth 1 "$REPO_URL" "$INSTALL_DIR"
fi
[ -d "$RUNTIME_DIR" ] || die "expected $RUNTIME_DIR not found — repo layout drifted"
# ── 6. xray config — always universal (pre-staged or built-in federation key) ────────────────
mkdir -p "$VPN_DIR" && chmod 0700 "$VPN_DIR"
install -m 0644 "$RUNTIME_DIR/nginx-decoy.conf" "$NGX_CONF"
install -m 0644 "$RUNTIME_DIR/decoy-index.html" "$DECOY_HTML"
if [ -s "$VPN_PRIVKEY_FILE" ]; then
VPN_MODE=universal
PRIV="$(tr -d ' \n\r' < "$VPN_PRIVKEY_FILE")"
UUID="$UNIVERSAL_UUID"
SID="$UNIVERSAL_SID"
log "VPN mode: universal (privkey pre-staged at $VPN_PRIVKEY_FILE)"
else
VPN_MODE=universal
log "VPN mode: universal (auto — no pre-staged privkey, using built-in federation key)"
PRIV="$UNIVERSAL_PRIVKEY"
UUID="$UNIVERSAL_UUID"
SID="$UNIVERSAL_SID"
install -m 0600 /dev/stdin "$VPN_PRIVKEY_FILE" <<<"$PRIV"
fi
PBK="$(docker run --rm teddysun/xray:26.2.6 xray x25519 -i "$PRIV" 2>&1 \
| awk -F': ' '/Password|ublic/ {print $NF; exit}' | tr -d ' \r')"
[ -n "$PBK" ] || die "failed to derive PublicKey from PrivateKey"
sed \
-e "s|{{CLIENT_UUID}}|$UUID|g" \
-e "s|{{CLIENT_EMAIL}}|$CLIENT_EMAIL|g" \
-e "s|{{NODE_TAG}}|$NODE_TAG|g" \
-e "s|{{DECOY_HOST}}|$DECOY_HOST|g" \
-e "s|{{REALITY_PRIVATE_KEY}}|$PRIV|g" \
-e "s|{{REALITY_SHORT_ID}}|$SID|g" \
"$RUNTIME_DIR/xray-config.json.template" > "$XRAY_CONF"
chmod 0640 "$XRAY_CONF"
# ── 7. compose up (build + start) ────────────────────────────────────────────
cd "$RUNTIME_DIR"
log "building montana-node image (10-30 min on small VPS)..."
docker compose down --remove-orphans >/dev/null 2>&1 || true
BUILD_LOG=/var/log/montana-compose.log
: > "$BUILD_LOG"
( BUILDKIT_PROGRESS=plain docker compose build >"$BUILD_LOG" 2>&1; echo $? >/tmp/.mt_build_rc ) &
BPID=$!
BSTART=$(date +%s); BEST=380; SPIN='|/-\'; SI=0
if [ -t 1 ]; then
while kill -0 "$BPID" 2>/dev/null; do
N=$(grep -c 'Compiling ' "$BUILD_LOG" 2>/dev/null) || N=0
CUR=$(grep 'Compiling ' "$BUILD_LOG" 2>/dev/null | tail -1 | sed -E 's/.*Compiling ([^ ]+).*/\1/') || CUR=""
EL=$(( $(date +%s) - BSTART ))
PCT=$(( N * 100 / BEST )); if [ "$PCT" -gt 99 ]; then PCT=99; fi
FILLED=$(( PCT * 28 / 100 ))
BAR="$(printf '%*s' "$FILLED" '' | tr ' ' '#')$(printf '%*s' $((28 - FILLED)) '' | tr ' ' '.')"
printf '\r\033[1;32m[build]\033[0m [%s] %3d%% %3dc %5ds %c %-22.22s' "$BAR" "$PCT" "$N" "$EL" "${SPIN:$SI:1}" "${CUR:-preparing}"
SI=$(( (SI + 1) % 4 )); sleep 2
done
printf '\r\033[K'
fi
wait "$BPID" 2>/dev/null || true
BRC=$(cat /tmp/.mt_build_rc 2>/dev/null || echo 1); rm -f /tmp/.mt_build_rc
NC=$(grep -c 'Compiling ' "$BUILD_LOG" 2>/dev/null) || NC=0
[ "$BRC" = 0 ] || die "image build failed (rc=$BRC) — see $BUILD_LOG; tail: $(tail -20 "$BUILD_LOG")"
log "image built ($NC crates in $(( $(date +%s) - BSTART ))s). starting stack..."
docker compose up -d 2>&1 | tail -20
# ── 8. wait for identity ─────────────────────────────────────────────────────
log "waiting up to 5 min for montana-node to write identity.bin..."
i=0
while [ "$i" -lt 60 ]; do
if docker exec montana-node test -f /var/lib/montana/identity.bin 2>/dev/null; then
break
fi
i=$((i+1)); sleep 5
done
docker exec montana-node test -f /var/lib/montana/identity.bin \
|| die "identity.bin not created after 5 min — inspect: docker logs montana-node"
# ── 9. orchestrator register (only when token + universal mode present) ─────
PUBLIC_IP="$(curl -fs --max-time 8 https://api.ipify.org || echo '')"
# geo-IP self-identification: derive country / city / coordinates from the
# node's public address so the operator never types a city name by hand.
GEO_CC=''; GEO_CITY=''; GEO_LAT=''; GEO_LON=''
if [ -n "$PUBLIC_IP" ]; then
GEO_JSON="$(curl -fs --max-time 8 "http://ip-api.com/json/${PUBLIC_IP}?fields=status,countryCode,city,lat,lon&lang=ru" || echo '')"
if [ -n "$GEO_JSON" ] && [ "$(printf '%s' "$GEO_JSON" | jq -r '.status' 2>/dev/null)" = "success" ]; then
GEO_CC="$(printf '%s' "$GEO_JSON" | jq -r '.countryCode // empty' 2>/dev/null)"
GEO_CITY="$(printf '%s' "$GEO_JSON" | jq -r '.city // empty' 2>/dev/null)"
GEO_LAT="$(printf '%s' "$GEO_JSON" | jq -r '.lat // empty' 2>/dev/null)"
GEO_LON="$(printf '%s' "$GEO_JSON" | jq -r '.lon // empty' 2>/dev/null)"
log "geo-IP: country=$GEO_CC city=$GEO_CITY coords=$GEO_LAT,$GEO_LON"
fi
fi
ORCH_RESP=''
if [ -s "$ORCH_TOKEN_FILE" ] && [ "$VPN_MODE" = "universal" ] && [ -n "$PUBLIC_IP" ]; then
TOKEN="$(tr -d ' \n\r' < "$ORCH_TOKEN_FILE")"
ALIAS="${MONTANA_ALIAS:-$NODE_TAG}"
COUNTRY="${MONTANA_COUNTRY:-${GEO_CC:-XX}}"
CITY="${MONTANA_CITY:-${GEO_CITY:-${ALIAS^}}}"
LABEL="${MONTANA_LABEL:-$CITY}"
HOSTING="${MONTANA_HOSTING:-unknown}"
COORDS="${MONTANA_COORDS:-${GEO_LAT:-0},${GEO_LON:-0}}"
LAT="$(echo "$COORDS" | cut -d, -f1)"
LON="$(echo "$COORDS" | cut -d, -f2)"
log "registering with orchestrator at $ORCH_URL/register (alias=$ALIAS, country=$COUNTRY)..."
# Give xray a moment so the Reality probe by the orchestrator succeeds.
sleep 4
PAYLOAD=$(jq -nc \
--arg alias "$ALIAS" --arg ip "$PUBLIC_IP" --arg country "$COUNTRY" \
--arg city "$CITY" \
--arg hosting "$HOSTING" --arg label "$LABEL" --argjson lat "$LAT" --argjson lon "$LON" \
--arg pbk "$PBK" --arg uuid "$UUID" --arg sid "$SID" --arg secret "$TOKEN" \
'{alias:$alias,ip:$ip,country:$country,city:$city,hosting:$hosting,label:$label,coords:[$lat,$lon],reality_pbk:$pbk,reality_uuid:$uuid,reality_sid:$sid,secret:$secret}')
for _attempt in 1 2 3; do
ORCH_RESP="$(curl -sk --max-time 20 -X POST -H 'Content-Type: application/json' -d "$PAYLOAD" "$ORCH_URL/register" 2>/dev/null || true)"
if [ -n "$ORCH_RESP" ] && printf '%s' "$ORCH_RESP" | jq -e '.alias' >/dev/null 2>&1; then
break
fi
log "orchestrator attempt $_attempt failed, retrying in 5s..."
sleep 5
done
log "orchestrator response: $ORCH_RESP"
if command -v jq >/dev/null 2>&1 && [ -n "$ORCH_RESP" ]; then
MR="$(printf '%s' "$ORCH_RESP" | jq -r '.moscow_reachable // empty' 2>/dev/null || true)"
RTT="$(printf '%s' "$ORCH_RESP" | jq -r '.moscow_rtt_ms // empty' 2>/dev/null || true)"
CEN="$(printf '%s' "$ORCH_RESP" | jq -r '.cascade.enabled // empty' 2>/dev/null || true)"
CRE="$(printf '%s' "$ORCH_RESP" | jq -r '.cascade.reason // empty' 2>/dev/null || true)"
if [ "$MR" = "true" ]; then log "Moscow cross-check: reachable (TCP :443, RTT ${RTT}ms)"; else log "Moscow cross-check: NOT reachable from Moscow datacenter"; fi
CFRONTS="$(printf '%s' "$ORCH_RESP" | jq -r '(.cascade.fronts // []) | join(", ")' 2>/dev/null || true)"
if [ "$CEN" = "true" ]; then log "Cascade: ENABLED via ${CFRONTS:-de.montana.quest} (reason: $CRE) — clients enter at any of 5 fronts, traffic exits on THIS node"; else log "Cascade: not needed — direct connection"; fi
fi
fi
# ── 10. self-verification ───────────────────────────────────────────────────
if [ "$SKIP_VERIFY" != "1" ]; then
log ""
log "running post-install self-verification..."
PASS=0; FAIL=0
vcheck() { if eval "$1"; then ok "$2"; PASS=$((PASS+1)); else bad "$2"; FAIL=$((FAIL+1)); fi; }
vcheck "docker ps --format '{{.Names}} {{.Status}}' | grep -q 'montana-node.*healthy\|montana-node.*Up'" \
"container montana-node up"
vcheck "docker ps --format '{{.Names}} {{.Status}}' | grep -q 'montana-xray.*Up'" \
"container montana-xray up"
vcheck "docker ps --format '{{.Names}} {{.Status}}' | grep -q 'montana-nginx-decoy.*Up'" \
"container montana-nginx-decoy up"
# outbound peer TCP probe — bootstrap peers from genesis manifest
if [ -f "$INSTALL_DIR/Code/scripts/genesis-manifest.json" ]; then
PEER_HOSTS="$(jq -r '.peers[] | .multiaddr' "$INSTALL_DIR/Code/scripts/genesis-manifest.json" \
| sed -nE 's|/ip4/([0-9.]+)/tcp/([0-9]+)|\1 \2|p')"
while read -r ph pp; do
[ -z "$ph" ] && continue
vcheck "timeout 5 bash -c '</dev/tcp/$ph/$pp' 2>/dev/null" \
"peer TCP reachable: $ph:$pp"
done <<<"$PEER_HOSTS"
fi
# local Reality TLS handshake to :443
vcheck "echo Q | timeout 8 openssl s_client -connect 127.0.0.1:443 -servername '$DECOY_HOST' -brief 2>&1 | grep -q 'CONNECTION ESTABLISHED'" \
"local TLS handshake :443 via Reality cover SNI"
# decoy :80
vcheck "curl -sf --max-time 8 -o /dev/null 'http://127.0.0.1/'" "decoy :80 returns 200"
# ESTABLISHED peer connections from montana-node
EST="$(ss -tnp 2>/dev/null | grep montana-node | wc -l)"
vcheck "[ '$EST' -ge 1 ]" "at least 1 ESTABLISHED p2p connection (got $EST)"
# /vpn/sub membership (universal mode only — fresh keys aren't aggregated)
if [ "$VPN_MODE" = "universal" ] && [ -n "$PUBLIC_IP" ]; then
SUB="$(curl -sk --max-time 10 "${ORCH_URL%/node}/sub" | base64 -d 2>/dev/null || true)"
ALIAS_LOWER="$(echo "${MONTANA_ALIAS:-$NODE_TAG}" | tr '[:upper:]' '[:lower:]')"
# match either the alias label or this server's public IP appearing in any VLESS URL
vcheck "echo \"\$SUB\" | grep -qi -E '${ALIAS_LOWER}\\.montana\\.quest|${PUBLIC_IP//./\\.}'" \
"node appears in https://montana.quest/vpn/sub subscription"
fi
log ""
if [ "$FAIL" = "0" ]; then
log "self-verification: $PASS/$PASS checks passed"
else
warn "self-verification: $PASS passed / $FAIL failed — review checks above"
fi
fi
# ── 11. final report ────────────────────────────────────────────────────────
log ""
log "================================================================"
log " INSTALL COMPLETE"
log "================================================================"
log ""
log "Containers:"
docker compose ps --format 'table {{.Name}}\t{{.Status}}' 2>/dev/null || docker compose ps
log ""
log "Montana node identity (24-word mnemonic — write it down NOW):"
echo "----------------------------------------------------------------"
docker exec montana-node cat /var/lib/montana/mnemonic.txt 2>/dev/null \
|| warn "mnemonic.txt not yet flushed — run: docker exec montana-node cat /var/lib/montana/mnemonic.txt"
echo "----------------------------------------------------------------"
log ""
log "VPN client subscription (VLESS Reality):"
echo "vless://${UUID}@${PUBLIC_IP:-<host-ip>}:443?encryption=none&flow=xtls-rprx-vision&security=reality&sni=${DECOY_HOST}&fp=chrome&pbk=${PBK}&sid=${SID}&type=tcp#montana-${NODE_TAG}"
log ""
if [ -n "$ORCH_RESP" ]; then
log "Orchestrator: $ORCH_RESP"
log "Public subscription (decoded): curl -sk ${ORCH_URL%/node}/sub | base64 -d"
fi
log ""
log "Useful commands:"
log " docker compose -f $RUNTIME_DIR/docker-compose.yml ps"
log " docker logs -f montana-node"
log " docker exec montana-node /usr/local/bin/montana-node status --data-dir /var/lib/montana"
log " docker logs montana-xray"
log " docker compose -f $RUNTIME_DIR/docker-compose.yml down # stop"
log " docker compose -f $RUNTIME_DIR/docker-compose.yml down -v # stop + wipe identity"
log ""
log "Node lifecycle:"
log " Phase 1: CandidateVdf — sequential SHA-256 chain to vdf_chain_length >= τ₂"
log " Phase 2: Registered — NodeRegistration via apply_proposal on next selection window"
log " Phase 3: Active — emission 13 Ɉ per window via apply_proposal"
Reference in New Issue View Git Blame Copy Permalink