OpenWare OPEX

rk_logo

Applogic installation

Generate deployment files

Generate the chart and the configuration files with the following command:

./bin/opex generate applogic --env *env_name*

This will produce:

  • config/environments/*env_name*/applogic.yml - AppLogic configuration for the environment
  • config/environments/*env_name*/keys/applogic.key - RSA private key used by Applogic
  • config/charts/applogic - AppLogic Helm chart

Deploy the application

Fill the applogic.yml file with correct values (RabbitMQ password etc.) and run:

./bin/opex install applogic --env *env_name*

It will deploy the application with the environment configuration using helm.

Troubleshooting

Withdrawals requests fails

Applogic returns HTTP code 401

If the following exception is raised from AppLogic:

JWT::VerificationError: Signature verification raised

The 401 error is most likely raised because the public key passed to Applogic doesn't match Barong's private key, thus resulting in JWT not being created properly.

To verify that the keys are correct, just create a public key out of the Barong private key and compare it with the Applogic's one:

ruby -e "require 'openssl'; puts (OpenSSL::PKey::RSA.new(File.read('config/environments/*env_name*/keys/barong.key')).public_key.to_pem)"

After the keys are matching, JWT should be working properly and you would no longer get this exception.

Applogic returns HTTP code 500

If the following exception is raised from AppLogic:

FATAL -- : [689aab94-4e9f-435f-a71d-ead8d5e866b8] Faraday::Error (-- HTTP 401 Unauthorized --\n\n-- Request URL --\nhttps://platform.dev.peatio.tech/management_api/v1/withdraws/new
...

Make sure that Applogic keys for Barong and Peatio management APIs are correct.

To retrieve the public RSA key out of Base64-encoded private keys, run the following:

  ruby -e "require 'openssl'; require 'base64'; puts Base64.urlsafe_encode64(OpenSSL::PKey::RSA.new(File.read('*path_to_key*'), '').public_key.to_pem)"

Applogic private keys for Barong and Peatio management APIs are located in config/environments/*env_name*/applogic.yml in the management_api_v1_yml field:

management_api_v1_yml:
  barong:
    actions:
      otp_sign:
        required_signatures:
        - applogic
        requires_barong_totp: false
    jwt: {}
    keychain:
      applogic:
        algorithm: RS256
        value: *Base64-encoded RSA private key*
  peatio:
    actions:
      write_withdraws:
        required_signatures:
        - applogic
        requires_barong_totp: true
    jwt: {}
    keychain:
      applogic:
        algorithm: RS256
        value: *Base64-encoded RSA private key*

To verify that all the public keys are correct, compare public keys taken from Applogic keychain private keys with the ones listed in Peatio and Barong keychains.

For Peatio:

management_api_v1_yml:
  keychain:
    toolbox:
      algorithm: RS256
      value: *Base64-encoded RSA public key of toolbox*
    applogic:
      algorithm: RS256
      value: *Base64-encoded RSA public key of Applogic*
    barong:
      algorithm: RS256
      value: *Base64-encoded RSA public key of Barong*
  jwt: {}
  scopes:
    write_withdraws:
      permitted_signers: ['applogic', 'barong']
      mandatory_signers: ['applogic', 'barong']

For Barong:

management_api_v1_yml:
  keychain:
    applogic:
      algorithm: RS256
      value: *Base64-encoded RSA public key of Applogic*
  scopes:
    otp_sign:
      mandatory_signers:
        - applogic
      permitted_signers:
        - applogic

After all the RSA keys are correct, all the Applogic-related actions should work seamlessly.