fix: gitignore mutable zallet configs to prevent git pull conflicts

.github/workflows/ci.yaml

@@ -25,7 +25,9 @@ jobs:
 
       - name: Generate TLS certs and regtest configs
         run: |
-          mkdir -p config/tls config/regtest
+          cp -n config/zallet.toml.default config/zallet.toml
+          cp -n config/regtest/zallet.toml.default config/regtest/zallet.toml
+          mkdir -p config/tls
           openssl req -x509 -newkey rsa:2048 \
             -keyout config/tls/zaino.key -out config/tls/zaino.crt \
             -sha256 -days 1 -nodes -subj "/CN=localhost" 2>/dev/null

.gitignore

@@ -20,20 +20,20 @@ target/
 #.idea/
 
 # =============================================================================
-# Config directory — ignore generated secrets, track templates
+# Config directory — track .default templates, ignore live copies and secrets
 # =============================================================================
 config/**
 !config/.gitkeep
-!config/zallet.toml
+!config/zallet.toml.default
 !config/zaino.toml
 # TLS directory structure (certs are generated locally)
 !config/tls/
 config/tls/*
 !config/tls/.gitkeep
-# Regtest configs (tracked templates; identity file is generated by scripts/regtest-init.sh)
+# Regtest configs
 !config/regtest/
 !config/regtest/zaino.toml
-!config/regtest/zallet.toml
+!config/regtest/zallet.toml.default
 
 # Runtime environment overrides (see .env.example for available variables)
 .env

README.md

@@ -7,7 +7,8 @@ Three services replacing the legacy `zcashd`: **Zebra** (full node), **Zaino** (
 ```bash
 git clone https://github.com/ZcashFoundation/z3 && cd z3
 
-# Generate required credentials
+# Seed config files and generate required credentials
+cp -n config/zallet.toml.default config/zallet.toml
 openssl req -x509 -newkey rsa:4096 -keyout config/tls/zaino.key -out config/tls/zaino.crt \
   -sha256 -days 365 -nodes -subj "/CN=localhost" \
   -addext "subjectAltName=DNS:localhost,DNS:zaino,IP:127.0.0.1"
@@ -27,7 +28,7 @@ docker compose up -d
 Pre-built images for all 3 services are pulled automatically. No build step or submodule init needed.
 
 > [!WARNING]
-> The TLS certificate and identity file must exist before running any `docker compose` command. If `config/tls/zaino.crt` or `config/tls/zaino.key` are missing, Compose will fail with a file-not-found error.
+> The TLS certificate, identity file, and zallet config must exist before running any `docker compose` command. Run the setup steps above first — if any file is missing, Compose will fail.
 
 > [!IMPORTANT]
 > Zebra must sync the blockchain before Zaino and Zallet can start. Running `docker compose up -d` on a fresh install without syncing Zebra first will cause the other services to fail repeatedly. Start Zebra alone, wait for sync, then start the rest.

scripts/regtest-init.sh

@@ -80,6 +80,15 @@ ensure_openssl() {
     exit 1
 }
 
+seed_configs() {
+    for name in config/zallet.toml config/regtest/zallet.toml; do
+        if [ ! -f "$REPO_ROOT/$name" ] && [ -f "$REPO_ROOT/$name.default" ]; then
+            cp "$REPO_ROOT/$name.default" "$REPO_ROOT/$name"
+            log "==> Seeded $name from $name.default"
+        fi
+    done
+}
+
 update_zallet_rpc_pwhash() {
     local config_path="$REPO_ROOT/config/regtest/zallet.toml"
     local rpc_password="${RPC_PASSWORD:-zebra}"
@@ -133,6 +142,7 @@ fi
 
 cd "$REPO_ROOT"
 
+seed_configs
 ensure_local_identity
 ensure_tls_certs
 update_zallet_rpc_pwhash