fix(cloud): temporarily relax PAYMENT_REQUIRE_NATIVE to restore service #255
INCIDENT: cloud.hyrule.host is down (502). The hyrule-cloud startup guard (app.py: PAYMENT_REQUIRE_NATIVE=true requires BTC+XMR ready) blocks boot because monero-wallet-rpc won't start: after fixing the missing view-key secret, it now fails on an invalid wallet password + ringdb permission denied (/home/hyrule/.shared-ringdb). Not caused by the launch-proof promotion (app.py unchanged between SHAs) — the deploy restart merely exposed it.

Set PAYMENT_REQUIRE_NATIVE=false so the app boots without requiring native XMR. BTC + x402 USDC payment still work; native XMR is temporarily unavailable. Restore to true once monero-wallet-rpc is healthy.

Local validation: scripts/ci/iac-static.sh; cloud playbook syntax-check.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
PR Code Suggestions ✨ No code suggestions found for the PR.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5fc8d05a3a
| # bootstrap is broken (invalid wallet password + ringdb permission denied on | ||
| # /home/hyrule/.shared-ringdb). XMR native payment is unavailable until then; | ||
| # BTC + x402 USDC still work. Restore to true once monero-wallet-rpc is healthy. | ||
| PAYMENT_REQUIRE_NATIVE=false |
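Review bot: The PAYMENT_REQUIRE_NATIVE=false line is a hardcoded literal, and the only thing that will bring the guard back is the comment above it ("Restore to true once monero-wallet-rpc is healthy"), which names no tracking issue or owner. Suggest citing the follow-up issue in that comment and rendering the value from a variable rather than a literal, so that restoring the fail-closed guard is a data change instead of a second template edit that can be forgotten.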
Disable Monero service startup for the mitigation
With the production api inventory still setting hyrule_cloud_monero_wallet_rpc_enabled: true (ansible/inventory/host_vars/api.yml:5), this env-only relaxation does not remove the apply-time dependency on the failed wallet RPC. The cloud apply imports vault.yml before health.yml, and vault.yml still runs state: started for monero-wallet-rpc.service when that flag is true (ansible/roles/hyrule_cloud/tasks/vault.yml:148-154), so in the exact incident described here (invalid wallet password/ringdb permission causing the service not to start) the production apply can fail before the post-deploy health check rather than completing the restore; also disable/bypass that service or make it non-blocking while PAYMENT_REQUIRE_NATIVE=false.
Conflict resolutions:
- host_vars/api.yml: keep main's hyrule_cloud_monero_wallet_rpc_enabled: true (monero-wallet-rpc is active on api today; the branch's June disable is superseded by the #268 plan) and main's app SHA pins.
- hyrule_cloud/defaults required_env_keys: keep main's list; deliberately NOT adding HYRULE_BGP_INGEST_TOKEN — the render hook requires non-empty values and bgp_ingest_token is unconfirmed in Vault. The env line ships with an empty default; add to the required list after seeding Vault.
- vault_agent hyrule-cloud.env.ctmpl.j2 + configs/hyrule-cloud.env.j2: take the branch's Vault-toggleable PAYMENT_REQUIRE_NATIVE (default false, same behavior as main's #255 relax) and keep both appended blocks (branch BGP data/ingest + main customer-IPv6 provisioning).
- generated/noc/nftables.conf: keep all three post-base rules (extmon webhook, proxy dashboard, loop callback) in host_vars order; verified by re-rendering (firewall.yml --tags validate --limit noc → changed=0).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Incident
cloud.hyrule.host is down (502). hyrule-cloud's startup guard (PAYMENT_REQUIRE_NATIVE=true requires BTC and XMR ready) refuses to boot because monero-wallet-rpc won't start: /home/hyrule/.shared-ringdb).

Not caused by the launch-proof promotion — git diff 270b65d 81e4316 -- hyrule_cloud/app.py is empty; the deploy restart merely exposed a pre-existing Monero bootstrap break.

Change (temporary)
hyrule-cloud.env.ctmpl.j2: PAYMENT_REQUIRE_NATIVE=true → false, so the app boots without requiring native XMR. BTC + x402 USDC still work; native XMR payment temporarily unavailable. Clearly commented as temporary; revert to true once monero-wallet-rpc is healthy.

Validation
- scripts/ci/iac-static.sh — pass
- ansible-playbook playbooks/cloud.yml --syntax-check — pass

Rollout
After merge: apply.yml playbook=cloud limit=api (production gate) → re-renders env + restarts → health check passes → cloud restored.

Follow-up: fix monero-wallet-rpc (wallet password mismatch + ringdb perms), then restore PAYMENT_REQUIRE_NATIVE=true (tracked separately).
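
The guard behaviour described in this PR (fail closed when the flag is true, boot degraded when it is false) can be sketched as follows. This is an added example, not code from hyrule_cloud/app.py: the function names, the accepted flag spellings, the backend labels and the fail-closed default for an unset flag are all assumptions made for illustration.

```python
import os

# Hypothetical names throughout: parse_flag, startup_guard and the backend
# labels are illustrative and are not taken from hyrule_cloud/app.py.
_TRUE = {"1", "true", "yes", "on"}
_FALSE = {"0", "false", "no", "off"}
NATIVE = ("btc", "xmr")


def parse_flag(raw, default=True):
    """Parse a boolean env value; unset means default, garbage is an error.

    bool("false") is True in Python, so the string is matched explicitly.
    The fail-closed default for an unset flag is an assumption.
    """
    if raw is None or raw.strip() == "":
        return default
    value = raw.strip().lower()
    if value in _TRUE:
        return True
    if value in _FALSE:
        return False
    # A typo must not silently relax or tighten the guard.
    raise ValueError(f"PAYMENT_REQUIRE_NATIVE: unrecognised value {raw!r}")


def startup_guard(ready, env=None):
    """Return the native backends that are unavailable, or refuse to boot.

    ready maps backend name -> bool (the result of a health probe).
    """
    env = os.environ if env is None else env
    require_native = parse_flag(env.get("PAYMENT_REQUIRE_NATIVE"))
    missing = [name for name in NATIVE if not ready.get(name, False)]
    if missing and require_native:
        raise RuntimeError(f"native payment backends not ready: {missing}")
    # A non-empty list means the app booted in degraded mode; callers should
    # report it so the relaxed guard stays visible to operators.
    return missing


if __name__ == "__main__":
    # Constructed probe results mirroring the incident: BTC up, XMR wallet RPC down.
    probes = {"btc": True, "xmr": False}
    print(startup_guard(probes, {"PAYMENT_REQUIRE_NATIVE": "false"}))
```

Returning the list of missing backends, rather than only a boolean, gives the health check something concrete to report while the flag is relaxed.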