save checkpoint: save features

2026-02-12 10:27:23 +02:00
parent dca86e1248
commit 5bca406787
8837 changed files with 1796879 additions and 5294 deletions
--- a/devops/compose/docker-compose.sm-remote.yml
+++ b/devops/compose/docker-compose.sm-remote.yml
@@ -5,18 +5,15 @@
 # Provides SM2/SM3/SM4 (ShangMi) cryptographic operations via software provider
 # or integration with OSCCA-certified hardware security modules.
 #
-# Usage (MUST be combined with stella-ops AND compliance-china):
+# Usage (standalone SM Remote service):
+#   docker compose -f docker-compose.sm-remote.yml up -d
+#
+# Optional overlay usage with full platform:
 #   docker compose \
 #     -f docker-compose.stella-ops.yml \
 #     -f docker-compose.compliance-china.yml \
 #     -f docker-compose.sm-remote.yml up -d
 #
-# For development/testing without SM hardware, use crypto-sim.yml instead:
-#   docker compose \
-#     -f docker-compose.stella-ops.yml \
-#     -f docker-compose.compliance-china.yml \
-#     -f docker-compose.crypto-sim.yml up -d
-#
 # SM Algorithms Provided:
 # - SM2: Public key cryptography (ECDSA-like, 256-bit curve) - GM/T 0003-2012
 # - SM3: Cryptographic hash function (256-bit output) - GM/T 0004-2012
@@ -40,15 +37,8 @@ x-sm-remote-labels: &sm-remote-labels
  com.stellaops.crypto.profile: "china"
  com.stellaops.crypto.jurisdiction: "china"

-x-sm-remote-env: &sm-remote-env
-  STELLAOPS_CRYPTO_PROVIDERS: "cn.sm.soft,cn.sm.remote.http"
-  STELLAOPS_CRYPTO_SM_REMOTE_URL: "http://sm-remote:56080"
-  STELLAOPS_CRYPTO_SM_ENABLED: "true"
-  SM_SOFT_ALLOWED: "1"
-
 networks:
  stellaops:
-    external: true
    name: stellaops

 services:
@@ -90,64 +80,6 @@ services:
      start_period: 15s
    labels: *sm-remote-labels

-  # ---------------------------------------------------------------------------
-  # Override services to use SM Remote
-  # ---------------------------------------------------------------------------
-
-  # Authority - Use SM Remote for SM2 signatures
-  authority:
-    environment:
-      <<: *sm-remote-env
-    depends_on:
-      - sm-remote
-    labels:
-      com.stellaops.crypto.provider: "sm"
-
-  # Signer - Use SM Remote for SM2 signatures
-  signer:
-    environment:
-      <<: *sm-remote-env
-    depends_on:
-      - sm-remote
-    labels:
-      com.stellaops.crypto.provider: "sm"
-
-  # Attestor - Use SM Remote for SM2 signatures
-  attestor:
-    environment:
-      <<: *sm-remote-env
-    depends_on:
-      - sm-remote
-    labels:
-      com.stellaops.crypto.provider: "sm"
-
-  # Scanner Web - Use SM Remote for verification
-  scanner-web:
-    environment:
-      <<: *sm-remote-env
-    depends_on:
-      - sm-remote
-    labels:
-      com.stellaops.crypto.provider: "sm"
-
-  # Scanner Worker - Use SM Remote for verification
-  scanner-worker:
-    environment:
-      <<: *sm-remote-env
-    depends_on:
-      - sm-remote
-    labels:
-      com.stellaops.crypto.provider: "sm"
-
-  # Excititor - Use SM Remote for VEX signing
-  excititor:
-    environment:
-      <<: *sm-remote-env
-    depends_on:
-      - sm-remote
-    labels:
-      com.stellaops.crypto.provider: "sm"
-
 volumes:
  sm-remote-keys:
    name: stellaops-sm-remote-keys