diff --git a/nodebuilder/module.go b/nodebuilder/module.go
index e33e36a004..8f196f3b1d 100644
--- a/nodebuilder/module.go
+++ b/nodebuilder/module.go
@@ -33,7 +33,6 @@ func ConstructModule(tp node.Type, network p2p.Network, cfg *Config, store Store
 fx.Supply(tp),
 fx.Supply(network),
 fx.Supply(ks),
- fx.Supply(p2p.TLSPath(tlsPath(store.Path()))),
 fx.Provide(p2p.BootstrappersFor),
 fx.Provide(func(lc fx.Lifecycle) context.Context {
 return fxutil.WithLifecycle(context.Background(), lc)
diff --git a/nodebuilder/p2p/host.go b/nodebuilder/p2p/host.go
index 5cb82096b5..6b8d355a5d 100644
--- a/nodebuilder/p2p/host.go
+++ b/nodebuilder/p2p/host.go
@@ -70,6 +70,24 @@ func (ua *UserAgent) String() string {
 func host(params hostParams) (HostBase, error) {
 ua := newUserAgent().WithNetwork(params.Net).WithNodeType(params.Tp)
+ wss, isEnabled, err := enableWss()
+ if err != nil {
+ return nil, err
+ }
+
+ if isEnabled {
+ params.Cfg.ListenAddresses = append(
+ params.Cfg.ListenAddresses,
+ "/ip4/0.0.0.0/tcp/2122/wss",
+ "/ip6/::/tcp/2122/wss",
+ )
+ params.Cfg.NoAnnounceAddresses = append(
+ params.Cfg.NoAnnounceAddresses,
+ "/ip4/127.0.0.1/tcp/2122/wss",
+ "/ip6/::/tcp/2122/wss",
+ )
+ }
+
 opts := []libp2p.Option{
 libp2p.NoListenAddrs, // do not listen automatically
 libp2p.AddrsFactory(params.AddrF),
@@ -82,7 +100,12 @@ func host(params hostParams) (HostBase, error) {
 libp2p.DisableRelay(),
 libp2p.BandwidthReporter(params.Bandwidth),
 libp2p.ResourceManager(params.ResourceManager),
- enableTransport(params.Cfg, params.TLS),
+ libp2p.ChainOptions(
+ libp2p.Transport(tcp.NewTCPTransport),
+ libp2p.Transport(quic.NewTransport),
+ libp2p.Transport(webtransport.New),
+ wss,
+ ),
 // to clearly define what defaults we rely upon
 libp2p.DefaultSecurity,
 libp2p.DefaultMuxers,
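Review bot: The `if isEnabled` block in host() appends to `params.Cfg.ListenAddresses` and `params.Cfg.NoAnnounceAddresses` in place, so building the host changes the shared `*Config` and opens a WSS listener on every interface at tcp/2122 that appears nowhere in the operator's configuration. I would state that above the block, e.g. `// TLS_PATH with cert.pem and key.pem present enables WSS: listen on all interfaces at tcp/2122 and keep the IP-form addresses out of announcements.`, and hoist the four multiaddr strings into named constants so the port is defined once. The IPv4 no-announce entry is the loopback address while the IPv6 one is `::`; if the wildcard IPv4 form is also meant to be suppressed the list looks incomplete, which is worth confirming. host() continues outside the hunk.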
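Review bot: The `wss,` entry inside `libp2p.ChainOptions(...)` is now unconditional, and when no certificate is found enableWss() returns `libp2p.Transport(ws.New)`, so a node without TLS material registers the plain WebSocket transport. The removed enableTransport() appended a websocket transport only when `tls.transport()` was non-nil, which it was not without certificates, so this widens the set of transports on such nodes. If that is intended, say so on the entry, e.g. `// plain ws.New when no certificate is configured, TLS-backed otherwise`; if not, the disabled branch of enableWss() can return the no-op `libp2p.ChainOptions()` instead. The `opts` literal starts and ends outside the hunk.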
@@ -111,28 +134,12 @@ func host(params hostParams) (HostBase, error) {
 return h, nil
 }
-func enableTransport(cfg *Config, tls *tls) libp2p.Option {
- options := []libp2p.Option{
- libp2p.Transport(tcp.NewTCPTransport),
- libp2p.Transport(quic.NewTransport),
- libp2p.Transport(webtransport.New),
- }
-
- wsTransport := tls.transport()
- if wsTransport != nil {
- options = append(options, wsTransport)
- tls.upgrade(cfg)
- }
- return libp2p.ChainOptions(options...)
-}
-
 type HostBase hst.Host
 type hostParams struct {
 fx.In
 Cfg *Config
- TLS *tls
 Net Network
 Lc fx.Lifecycle
 ID peer.ID
diff --git a/nodebuilder/p2p/module.go b/nodebuilder/p2p/module.go
index 98f62e33d7..59d9fa5054 100644
--- a/nodebuilder/p2p/module.go
+++ b/nodebuilder/p2p/module.go
@@ -18,9 +18,6 @@ func ConstructModule(tp node.Type, cfg *Config) fx.Option {
 baseComponents := fx.Options(
 fx.Error(cfgErr),
 fx.Supply(cfg),
- fx.Provide(fx.Annotate(func(path TLSPath) (*tls, error) {
- return tlsConfig(string(path))
- })),
 fx.Provide(Key),
 fx.Provide(id),
 fx.Provide(peerStore),
diff --git a/nodebuilder/p2p/module_test.go b/nodebuilder/p2p/module_test.go
index 2e740460ca..96b5aac789 100644
--- a/nodebuilder/p2p/module_test.go
+++ b/nodebuilder/p2p/module_test.go
@@ -23,7 +23,6 @@ func testModule(tp node.Type) fx.Option {
 ConstructModule(tp, &cfg),
 fx.Provide(context.Background),
 fx.Supply(Private),
- fx.Supply(TLSPath("")),
 fx.Supply(Bootstrappers{}),
 fx.Supply(tp),
 fx.Provide(keystore.NewMapKeystore),
diff --git a/nodebuilder/p2p/tls.go b/nodebuilder/p2p/tls.go
index 18f351bd9a..3e31248d3b 100644
--- a/nodebuilder/p2p/tls.go
+++ b/nodebuilder/p2p/tls.go
@@ -2,72 +2,38 @@ package p2p
 import (
 cfg "crypto/tls"
-
 "github.com/libp2p/go-libp2p"
 ws "github.com/libp2p/go-libp2p/p2p/transport/websocket"
+ "os"
 "github.com/celestiaorg/celestia-node/libs/utils"
 )
+var (
+ tlsPath = "TLS_PATH"
+)
+
 const (
 cert = "/cert.pem"
 key = "/key.pem"
 )
-// TLSPath is an alias of the file path of TLS certificates and keys.
-type TLSPath string
-
-type tls struct {
- *cfg.Config
- ListenAddresses []string
- NoAnnounceAddresses []string
-}
+func enableWss() (libp2p.Option, bool, error) {
+ path := os.Getenv(tlsPath)
+ exist := utils.Exists(path+cert) && utils.Exists(path+key)
+ if !exist {
+ return libp2p.Transport(ws.New), exist, nil
+ }
-func newTLS(path string) (*tls, error) {
 var certificates []cfg.Certificate
 if path != "" {
 cert, err := cfg.LoadX509KeyPair(path+cert, path+key)
 if err != nil {
- return nil, err
+ return nil, false, err
 }
 certificates = append(certificates, cert)
 }
 config := &cfg.Config{MinVersion: cfg.VersionTLS12, Certificates: certificates}
- return &tls{
- Config: config,
- ListenAddresses: []string{
- "/ip4/0.0.0.0/tcp/2122/wss",
- "/ip6/::/tcp/2122/wss",
- },
- NoAnnounceAddresses: []string{
- "/ip4/127.0.0.1/tcp/2122/wss",
- "/ip6/::/tcp/2122/wss",
- },
- }, nil
-}
-
-func tlsConfig(path string) (*tls, error) {
- exist := utils.Exists(path+cert) && utils.Exists(path+key)
- if !exist {
- return newTLS("")
- }
-
- return newTLS(path)
-}
-
-func (tls *tls) upgrade(cfg *Config) {
- if len(tls.Certificates) == 0 {
- return
- }
-
- cfg.ListenAddresses = append(cfg.ListenAddresses, tls.ListenAddresses...)
- cfg.NoAnnounceAddresses = append(cfg.NoAnnounceAddresses, tls.NoAnnounceAddresses...)
-}
-
-func (tls *tls) transport() libp2p.Option {
- if len(tls.Config.Certificates) == 0 {
- return nil
- }
- return libp2p.Transport(ws.New, ws.WithTLSConfig(tls.Config))
+ return libp2p.Transport(ws.New, ws.WithTLSConfig(config)), true, nil
 }
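Review bot: With `TLS_PATH` unset, `path` is empty, so the existence check in enableWss() probes `/cert.pem` and `/key.pem` at the filesystem root; if both exist, the `if path != ""` guard skips loading them and the function still returns a TLS websocket transport with an empty `Certificates` list together with `true`, which makes host() add the wss listen addresses. The removed `transport()` returned nil when no certificate had been loaded, so this case used to stay disabled. Returning early closes it: `if path == "" { return libp2p.Transport(ws.New), false, nil }` ahead of the `utils.Exists` call, after which the inner `path != ""` test is redundant. Separately, `tlsPath` never changes and reads better as a `const`, the `LoadX509KeyPair` error would be easier to act on if wrapped with the directory it was read from, and enableWss deserves a doc comment naming the environment variable and the meaning of its three results.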