Update deployment scripts to use Keystore and deprecate Keyring.

deploy/ansible/felix/initialize_felix.yml

@@ -67,7 +67,7 @@
       become_flags: "-H -S"
       shell: "{{ nucypher_exec }} felix init --geth --network {{ network }}"
       environment:
-        NUCYPHER_KEYRING_PASSWORD: "{{ lookup('env', 'NUCYPHER_FELIX_KEYRING_PASSWORD') }}"
+        NUCYPHER_KEYSTORE_PASSWORD: "{{ lookup('env', 'NUCYPHER_FELIX_KEYSTORE_PASSWORD') }}"
         LC_ALL: en_US.UTF-8
         LANG: en_US.UTF-8
       vars:
@@ -87,7 +87,7 @@
       become_flags: "-H -S"
       shell: "{{ nucypher_exec }} felix createdb --geth --network {{ network }}"
       environment:
-        NUCYPHER_KEYRING_PASSWORD: "{{ lookup('env', 'NUCYPHER_FELIX_KEYRING_PASSWORD') }}"
+        NUCYPHER_KEYSTORE_PASSWORD: "{{ lookup('env', 'NUCYPHER_FELIX_KEYSTORE_PASSWORD') }}"
         NUCYPHER_FELIX_DB_SECRET: "{{ lookup('env', 'NUCYPHER_FELIX_DB_SECRET') }}"
         LC_ALL: en_US.UTF-8
         LANG: en_US.UTF-8
@@ -111,7 +111,7 @@
         dest: /etc/systemd/system/felix_faucet.service
         mode: 0755
       vars:
-        keyring_password: "{{ lookup('env', 'NUCYPHER_FELIX_KEYRING_PASSWORD') }}"
+        keystore_password: "{{ lookup('env', 'NUCYPHER_FELIX_KEYSTORE_PASSWORD') }}"
         db_secret: "{{ lookup('env', 'NUCYPHER_FELIX_DB_SECRET') }}"
         virtualenv_path: '/home/ubuntu/venv'
         nucypher_network_domain: "{{ lookup('env', 'NUCYPHER_NETWORK_NAME') }}"

deploy/ansible/felix/launch_felix.yml

@@ -27,7 +27,7 @@
         dest: /etc/systemd/system/felix_faucet.service
         mode: 0755
       vars:
-        keyring_password: "{{ lookup('env', 'NUCYPHER_FELIX_KEYRING_PASSWORD') }}"
+        keystore_password: "{{ lookup('env', 'NUCYPHER_FELIX_KEYSTORE_PASSWORD') }}"
         db_secret: "{{ lookup('env', 'NUCYPHER_FELIX_DB_SECRET') }}"
         virtualenv_path: '/home/ubuntu/venv'
         nucypher_network_domain: "{{ lookup('env', 'NUCYPHER_NETWORK_NAME') }}"

deploy/ansible/ursulas/run_seednodes.yml

@@ -57,7 +57,7 @@
       args:
         chdir: ./code
       environment:
-        NUCYPHER_KEYRING_PASSWORD: "{{ ursula_password.stdout }}"
+        NUCYPHER_KEYSTORE_PASSWORD: "{{ ursula_password.stdout }}"
         LC_ALL: en_US.UTF-8
         LANG: en_US.UTF-8
       ignore_errors: yes

deploy/ansible/worker/include/backup_ursula_data.yml

@@ -9,17 +9,11 @@
         paths: "{{geth_dir}}keystore"
       register: keystore_files
 
-    - name: find Ursula private keyring files
+    - name: find Ursula keystore
       become: yes
       find:
-        paths: /home/nucypher/nucypher/keyring/private
-      register: private_keyrings
-
-    - name: find Ursula public keyring files
-      become: yes
-      find:
-        paths: /home/nucypher/nucypher/keyring/public
-      register: public_keyrings
+        paths: /home/nucypher/nucypher/keystore/
+      register: keystore
 
     - name: find Ursula database files
       find:
@@ -44,21 +38,13 @@
         - "/home/nucypher/nucypher/ursula.json"
         - "{{geth_dir}}account.txt"
 
-    - name: "Backup Public Keyrings locally to: {{deployer_config_path}}/remote_worker_backups/"
+    - name: "Backup NuCypher Keystores locally to: {{deployer_config_path}}/remote_worker_backups/"
       become: yes
       # become_user: nucypher
       fetch:
         src: "{{item.path}}"
         dest: "{{deployer_config_path}}/remote_worker_backups/"
-      with_items: "{{public_keyrings.files}}"
-
-    - name: "Backup Private Keyrings locally to: {{deployer_config_path}}/remote_worker_backups/"
-      become: yes
-      # become_user: nucypher
-      fetch:
-        src: "{{item.path}}"
-        dest: "{{deployer_config_path}}/remote_worker_backups/"
-      with_items: "{{private_keyrings.files}}"
+      with_items: "{{keystore.files}}"
 
     - name: "Backup ursula.db to: {{deployer_config_path}}/remote_worker_backups/"
       become: yes

deploy/ansible/worker/include/init_ursula.yml

@@ -70,6 +70,6 @@
       become: yes
       become_user: nucypher
       when: ursula_check.stat.exists == False
-      command: "docker run -v /home/nucypher:/root/.local/share/ -e NUCYPHER_KEYRING_PASSWORD -it {{ nucypher_image | default('nucypher/nucypher:latest') }} nucypher ursula init --provider {{ blockchain_provider }} --worker-address {{active_account.stdout}} --rest-host {{ip_response.content}} --network {{network_name}} {{nucypher_ursula_init_options | default('')}} {{signer_options}}"
+      command: "docker run -v /home/nucypher:/root/.local/share/ -e NUCYPHER_KEYSTORE_PASSWORD -it {{ nucypher_image | default('nucypher/nucypher:latest') }} nucypher ursula init --provider {{ blockchain_provider }} --worker-address {{active_account.stdout}} --rest-host {{ip_response.content}} --network {{network_name}} {{nucypher_ursula_init_options | default('')}} {{signer_options}}"
       environment:
-        NUCYPHER_KEYRING_PASSWORD: "{{runtime_envvars['NUCYPHER_KEYRING_PASSWORD']}}"
+        NUCYPHER_KEYSTORE_PASSWORD: "{{runtime_envvars['NUCYPHER_KEYSTORE_PASSWORD']}}"

deploy/ansible/worker/include/run_ursula.yml

@@ -51,7 +51,7 @@
     - name: "update Ursula worker config"
       become: yes
       become_user: nucypher
-      command: "docker run -v /home/nucypher:/root/.local/share/ -e NUCYPHER_KEYRING_PASSWORD -it {{ nucypher_image | default('nucypher/nucypher:latest') }}  nucypher ursula config --provider {{ blockchain_provider }} --worker-address {{active_account.stdout}} --rest-host {{ip_response.content}} --network {{network_name}} {{nucypher_ursula_init_options | default('')}} {{signer_options}} --config-file /root/.local/share/nucypher/ursula.json"
+      command: "docker run -v /home/nucypher:/root/.local/share/ -e NUCYPHER_KEYSTORE_PASSWORD -it {{ nucypher_image | default('nucypher/nucypher:latest') }}  nucypher ursula config --provider {{ blockchain_provider }} --worker-address {{active_account.stdout}} --rest-host {{ip_response.content}} --network {{network_name}} {{nucypher_ursula_init_options | default('')}} {{signer_options}} --config-file /root/.local/share/nucypher/ursula.json"
       environment: "{{runtime_envvars}}"
 
     - name: "Backup Worker Nucypher Keystore locally to: {{deployer_config_path}}/remote_worker_backups/"
@@ -129,7 +129,7 @@
         msg:
           "{{ursula_logs['stdout']}}"
 
-    - name: "Wait until we see that Ursula has decrypted her keyring and gotten started"
+    - name: "Wait until we see that Ursula has decrypted her keystore and gotten started"
       become: yes
       ignore_errors: yes
       wait_for:

deploy/ansible/worker/inventory.yml

@@ -59,7 +59,7 @@ all:
             ansible_python_interpreter: /usr/bin/python3
 
             # these can be overridden at the instance level if desired
-            NUCYPHER_KEYRING_PASSWORD: xxxxxxxxxxxxxxxxxxxxxxxpanda
+            NUCYPHER_KEYSTORE_PASSWORD: xxxxxxxxxxxxxxxxxxxxxxxpanda
             NUCYPHER_WORKER_ETH_PASSWORD: yyyyyyyyyyyyyyyyyyyystainpants
             #nucypher_ursula_run_options: "--debug"
             #nucypher_ursula_init_options: "--debug"

deploy/ansible/worker/restore_ursula_from_backup.yml

@@ -16,7 +16,7 @@
       with_items:
         - "{{geth_dir}}keystore"
         - /home/nucypher/nucypher/ursula.db
-        - /home/nucypher/nucypher/keyring/
+        - /home/nucypher/nucypher/keystore/
         - "{{geth_dir}}account.txt"
         - home/nucypher/nucypher/ursula.json
 
@@ -28,8 +28,7 @@
       with_items:
         - "{{geth_dir}}keystore"
         - /home/nucypher/nucypher/ursula.db
-        - /home/nucypher/nucypher/keyring/private
-        - /home/nucypher/nucypher/keyring/public
+        - /home/nucypher/nucypher/keystore
 
     - name: Restore Geth Keystore
       become: yes
@@ -41,25 +40,15 @@
       with_fileglob:
         - "{{restore_path}}{{geth_dir}}keystore/*"
 
-    - name: Restore private keyring
+    - name: Restore keystore
       become: yes
       copy:
         src: "{{ item }}"
-        dest: /home/nucypher/nucypher/keyring/private/
+        dest: /home/nucypher/nucypher/keystore
         owner: "nucypher"
         mode: 0600
       with_fileglob:
-        - "{{restore_path}}/home/nucypher/nucypher/keyring/private/*"
-
-    - name: Restore public keyring
-      become: yes
-      copy:
-        src: "{{ item }}"
-        dest: /home/nucypher/nucypher/keyring/public/
-        owner: "nucypher"
-        mode: 0600
-      with_fileglob:
-        - "{{restore_path}}/home/nucypher/nucypher/keyring/public/*"
+        - "{{restore_path}}/home/nucypher/nucypher/keystore/*"
 
     - name: Restore Ursula database files
       become: yes

deploy/services/felix_faucet.j2

@@ -4,7 +4,7 @@ Description="Run 'Felix', A NuCypher Test-ERC20 Faucet."
 [Service]
 User=root
 Type=simple
-Environment="NUCYPHER_KEYRING_PASSWORD={{ keyring_password }}"
+Environment="NUCYPHER_KEYSTORE_PASSWORD={{ keystore_password }}"
 Environment="NUCYPHER_FELIX_DB_SECRET={{ db_secret }}"
 ExecStart={{ virtualenv_path }}/bin/nucypher felix run --debug --network {{ nucypher_network_domain }} --geth
 

deploy/services/firstula_node.j2

@@ -4,7 +4,7 @@ Description="Run 'Lonely Ursula' -  The Original Network Node."
 [Service]
 User=ubuntu
 Type=simple
-Environment="NUCYPHER_KEYRING_PASSWORD={{ ursula_password.stdout }}"
+Environment="NUCYPHER_KEYSTORE_PASSWORD={{ ursula_password.stdout }}"
 ExecStart={{ virtualenv_path }}/bin/nucypher ursula run --debug --lonely --network {{ nucypher_network_domain }}
 
 [Install]

deploy/services/ursula_node.j2

@@ -4,7 +4,7 @@ Description="Run 'Ursula', A NuCypher Staking Node."
 [Service]
 User=ubuntu
 Type=simple
-Environment="NUCYPHER_KEYRING_PASSWORD={{ursula_password.stdout}}"
+Environment="NUCYPHER_KEYSTORE_PASSWORD={{ursula_password.stdout}}"
 ExecStart={{ virtualenv_path }}/bin/nucypher ursula run --debug --network {{ nucypher_network_domain }} --federated-only --teacher {{ seed_node_metadata.checksum_address }}@https://{{ seed_node_metadata.rest_host }}:{{seed_node_metadata.rest_port}}
 
 [Install]