Pulse/internal/crypto
rcourtman c3deb6170e fix: prevent catastrophic data loss from encryption key regeneration
CRITICAL FIX: Prevents nodes.enc configuration from being permanently lost
when decryption fails due to encryption key regeneration or corruption.

Root Cause Analysis:
1. If .encryption.key is deleted/regenerated, existing .enc files become unreadable
2. Previous code would fail to decrypt, try backup (also fails), then return error
3. This left NO nodes.enc file on disk
4. Next startup would see no .enc files and happily generate a new encryption key
5. User's node configuration was permanently lost

Changes Made:

1. **persistence.go (lines 600-645)**: When decryption fails for BOTH main file
   and backup, instead of returning error and leaving no file:
   - Log CRITICAL error with clear message about encryption key issue
   - Move corrupted file to timestamped .corrupted file for forensics
   - Create EMPTY but VALID encrypted nodes.enc file
   - Return empty config so system can start
   - This prevents encryption key regeneration on next startup

2. **crypto.go (lines 93-121)**: Enhanced encryption key generation checks:
   - Now checks for nodes.enc* (including .backup, .corrupted files)
   - Uses glob patterns to find ANY encrypted file remnants
   - Refuses to generate new key if ANY .enc* files exist
   - Provides clear error message listing all found files
   - Forces manual intervention before allowing key regeneration

Benefits:
- System can still start even if decryption fails
- Corrupted files are preserved with timestamps for forensic analysis
- Encryption key cannot be silently regenerated if ANY encrypted data exists
- Clear, prominent error logging helps diagnose the root cause
- User is forced to manually address the issue rather than silently losing data

This should prevent the recurring issue where node configurations mysteriously
disappear, requiring manual reconfiguration through the UI.
2025-10-01 18:52:10 +00:00
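As an added illustration of the two guards the commit message describes (refusing to generate a key while any nodes.enc* remnant exists, and moving an undecryptable file to a timestamped .corrupted copy), here is a small stand-alone Go sketch. It is not Pulse's own code: the file names, the glob pattern and the timestamp format are assumptions taken from the message above.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"time"
)

// ErrEncryptedDataPresent is returned when key generation is refused because
// nodes.enc or one of its remnants (.backup, .corrupted) still exists on disk.
var ErrEncryptedDataPresent = errors.New("refusing to generate a new encryption key: encrypted data present")

// findEncryptedRemnants globs nodes.enc* (file name assumed from the commit message),
// which covers nodes.enc itself as well as nodes.enc.backup and *.corrupted copies.
func findEncryptedRemnants(dataDir string) ([]string, error) {
	return filepath.Glob(filepath.Join(dataDir, "nodes.enc*"))
}

// checkKeyGeneration reports whether a fresh encryption key may be generated.
// Any remnant on disk fails the check with the offending files listed, so an
// operator must intervene instead of the key being silently regenerated.
func checkKeyGeneration(dataDir string) error {
	remnants, err := findEncryptedRemnants(dataDir)
	if err != nil {
		return err
	}
	if len(remnants) > 0 {
		return fmt.Errorf("%w: %v", ErrEncryptedDataPresent, remnants)
	}
	return nil
}

// quarantineCorrupted renames an undecryptable file to a timestamped
// .corrupted sibling so it is preserved for forensics but no longer loaded.
func quarantineCorrupted(path string, now time.Time) (string, error) {
	dst := fmt.Sprintf("%s.%s.corrupted", path, now.UTC().Format("20060102T150405Z"))
	if err := os.Rename(path, dst); err != nil {
		return "", err
	}
	return dst, nil
}

func main() {
	dir, _ := os.MkdirTemp("", "pulse-demo")
	defer os.RemoveAll(dir)
	live := filepath.Join(dir, "nodes.enc")
	_ = os.WriteFile(live, []byte("constructed ciphertext"), 0o600) // constructed sample
	q, _ := quarantineCorrupted(live, time.Now())
	fmt.Println("quarantined to:", q)
	fmt.Println("key generation check:", checkKeyGeneration(dir)) // still refused
}
```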