Compare commits

...

2 Commits

Author SHA1 Message Date
Bogdan-Ștefan Neacşu 9fdf5273e3 Force update to be run 2025-01-16 17:24:52 +00:00
Bogdan-Ștefan Neacşu 8b1490cb99 Bind to [::] on nym-node for both IP versions 2025-01-16 16:16:38 +00:00
11 changed files with 1918 additions and 69 deletions
+6 -6
View File
@@ -101,7 +101,7 @@ impl HostArgs {
#[derive(clap::Args, Debug)]
pub(crate) struct HttpArgs {
/// Socket address this node will use for binding its http API.
/// default: `0.0.0.0:8080`
/// default: `[::]:8080`
#[clap(
long,
env = NYMNODE_HTTP_BIND_ADDRESS_ARG
@@ -181,7 +181,7 @@ impl HttpArgs {
#[derive(clap::Args, Debug)]
pub(crate) struct MixnetArgs {
/// Address this node will bind to for listening for mixnet packets
/// default: `0.0.0.0:1789`
/// default: `[::]:1789`
#[clap(
long,
env = NYMNODE_MIXNET_BIND_ADDRESS_ARG
@@ -258,7 +258,7 @@ pub(crate) struct WireguardArgs {
pub(crate) wireguard_enabled: Option<bool>,
/// Socket address this node will use for binding its wireguard interface.
/// default: `0.0.0.0:51822`
/// default: `[::]:51822`
#[clap(
long,
env = NYMNODE_WG_BIND_ADDRESS_ARG
@@ -315,7 +315,7 @@ impl WireguardArgs {
#[derive(clap::Args, Debug)]
pub(crate) struct VerlocArgs {
/// Socket address this node will use for binding its verloc API.
/// default: `0.0.0.0:1790`
/// default: `[::]:1790`
#[clap(
long,
env = NYMNODE_VERLOC_BIND_ADDRESS_ARG
@@ -377,7 +377,7 @@ impl MetricsArgs {
#[derive(clap::Args, Debug, Zeroize, ZeroizeOnDrop)]
pub(crate) struct EntryGatewayArgs {
/// Socket address this node will use for binding its client websocket API.
/// default: `0.0.0.0:9000`
/// default: `[::]:9000`
#[clap(
long,
env = NYMNODE_ENTRY_BIND_ADDRESS_ARG
@@ -431,7 +431,7 @@ impl EntryGatewayArgs {
mut section: config::GatewayTasksConfig,
) -> config::GatewayTasksConfig {
if let Some(bind_address) = self.entry_bind_address {
section.bind_address = bind_address
section.ws_bind_address = bind_address
}
if let Some(ws_port) = self.announce_ws_port {
section.announce_ws_port = Some(ws_port)
+4 -4
View File
@@ -3,7 +3,7 @@
use crate::config::persistence::GatewayTasksPaths;
use nym_config::defaults::{DEFAULT_CLIENT_LISTENING_PORT, TICKETBOOK_VALIDITY_DAYS};
use nym_config::helpers::inaddr_any;
use nym_config::helpers::in6addr_any_init;
use nym_config::serde_helpers::de_maybe_port;
use serde::{Deserialize, Serialize};
use std::net::SocketAddr;
@@ -22,8 +22,8 @@ pub struct GatewayTasksConfig {
pub enforce_zk_nyms: bool,
/// Socket address this node will use for binding its client websocket API.
/// default: `0.0.0.0:9000`
pub bind_address: SocketAddr,
/// default: `[::]:9000`
pub ws_bind_address: SocketAddr,
/// Custom announced port for listening for websocket client traffic.
/// If unspecified, the value from the `bind_address` will be used instead
@@ -134,7 +134,7 @@ impl GatewayTasksConfig {
GatewayTasksConfig {
storage_paths: GatewayTasksPaths::new(data_dir),
enforce_zk_nyms: false,
bind_address: SocketAddr::new(inaddr_any(), DEFAULT_WS_PORT),
ws_bind_address: SocketAddr::new(in6addr_any_init(), DEFAULT_WS_PORT),
announce_ws_port: None,
announce_wss_port: None,
debug: Default::default(),
+1 -1
View File
@@ -13,7 +13,7 @@ fn ephemeral_gateway_config(config: &Config) -> nym_gateway::config::Config {
nym_gateway::config::Config::new(
nym_gateway::config::Gateway {
enforce_zk_nyms: config.gateway_tasks.enforce_zk_nyms,
websocket_bind_address: config.gateway_tasks.bind_address,
websocket_bind_address: config.gateway_tasks.ws_bind_address,
nym_api_urls: config.mixnet.nym_api_urls.clone(),
nyxd_urls: config.mixnet.nyxd_urls.clone(),
},
+8 -8
View File
@@ -13,7 +13,7 @@ use nym_config::defaults::{
WG_TUN_DEVICE_IP_ADDRESS_V6,
};
use nym_config::defaults::{WG_TUN_DEVICE_NETMASK_V4, WG_TUN_DEVICE_NETMASK_V6};
use nym_config::helpers::inaddr_any;
use nym_config::helpers::{in6addr_any_init, inaddr_any};
use nym_config::serde_helpers::de_maybe_port;
use nym_config::serde_helpers::de_maybe_stringified;
use nym_config::{
@@ -444,7 +444,7 @@ pub struct Host {
#[serde(deny_unknown_fields)]
pub struct Http {
/// Socket address this node will use for binding its http API.
/// default: `0.0.0.0:8080`
/// default: `[::]:8080`
pub bind_address: SocketAddr,
/// Path to assets directory of custom landing page of this node.
@@ -475,7 +475,7 @@ pub struct Http {
impl Default for Http {
fn default() -> Self {
Http {
bind_address: SocketAddr::new(inaddr_any(), DEFAULT_HTTP_PORT),
bind_address: SocketAddr::new(in6addr_any_init(), DEFAULT_HTTP_PORT),
landing_page_assets_path: None,
access_token: None,
expose_system_info: true,
@@ -490,7 +490,7 @@ impl Default for Http {
#[serde(deny_unknown_fields)]
pub struct Mixnet {
/// Address this node will bind to for listening for mixnet packets
/// default: `0.0.0.0:1789`
/// default: `[::]:1789`
pub bind_address: SocketAddr,
/// If applicable, custom port announced in the self-described API that other clients and nodes
@@ -584,7 +584,7 @@ impl Default for Mixnet {
};
Mixnet {
bind_address: SocketAddr::new(inaddr_any(), DEFAULT_MIXNET_PORT),
bind_address: SocketAddr::new(in6addr_any_init(), DEFAULT_MIXNET_PORT),
announce_port: None,
nym_api_urls,
nyxd_urls,
@@ -597,7 +597,7 @@ impl Default for Mixnet {
#[serde(deny_unknown_fields)]
pub struct Verloc {
/// Socket address this node will use for binding its verloc API.
/// default: `0.0.0.0:1790`
/// default: `[::]:1790`
pub bind_address: SocketAddr,
/// If applicable, custom port announced in the self-described API that other clients and nodes
@@ -618,7 +618,7 @@ impl Verloc {
impl Default for Verloc {
fn default() -> Self {
Verloc {
bind_address: SocketAddr::new(inaddr_any(), Self::DEFAULT_VERLOC_PORT),
bind_address: SocketAddr::new(in6addr_any_init(), Self::DEFAULT_VERLOC_PORT),
announce_port: None,
debug: Default::default(),
}
@@ -687,7 +687,7 @@ pub struct Wireguard {
pub enabled: bool,
/// Socket address this node will use for binding its wireguard interface.
/// default: `0.0.0.0:51822`
/// default: `[::]:51822`
pub bind_address: SocketAddr,
/// Private IPv4 address of the wireguard gateway.
+2
View File
@@ -7,6 +7,7 @@ mod old_config_v3;
mod old_config_v4;
mod old_config_v5;
mod old_config_v6;
mod old_config_v7;
pub use old_config_v1::try_upgrade_config_v1;
pub use old_config_v2::try_upgrade_config_v2;
@@ -14,3 +15,4 @@ pub use old_config_v3::try_upgrade_config_v3;
pub use old_config_v4::try_upgrade_config_v4;
pub use old_config_v5::try_upgrade_config_v5;
pub use old_config_v6::try_upgrade_config_v6;
pub use old_config_v7::try_upgrade_config_v7;
@@ -3,11 +3,6 @@
#![allow(dead_code)]
use crate::config::authenticator::{Authenticator, AuthenticatorDebug};
use crate::config::gateway_tasks::ZkNymTicketHandlerDebug;
use crate::config::service_providers::{
IpPacketRouter, IpPacketRouterDebug, NetworkRequester, NetworkRequesterDebug,
};
use crate::config::*;
use crate::error::NymNodeError;
use celes::Country;
@@ -23,6 +18,7 @@ use nym_config::{
serde_helpers::{de_maybe_port, de_maybe_stringified},
};
use nym_config::{parse_urls, read_config_from_toml_file};
use old_configs::old_config_v7::*;
use persistence::*;
use serde::{Deserialize, Serialize};
use std::env;
@@ -85,13 +81,13 @@ pub enum NodeModeV6 {
ExitGateway,
}
impl From<NodeModeV6> for NodeModes {
impl From<NodeModeV6> for NodeModesV7 {
fn from(config: NodeModeV6) -> Self {
match config {
NodeModeV6::Mixnode => *NodeModes::default().with_mixnode(),
NodeModeV6::EntryGateway => *NodeModes::default().with_entry(),
NodeModeV6::Mixnode => *NodeModesV7::default().with_mixnode(),
NodeModeV6::EntryGateway => *NodeModesV7::default().with_entry(),
// in old version exit implied entry
NodeModeV6::ExitGateway => *NodeModes::default().with_entry().with_exit(),
NodeModeV6::ExitGateway => *NodeModesV7::default().with_entry().with_exit(),
}
}
}
@@ -953,7 +949,7 @@ impl ConfigV6 {
pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
path: P,
prev_config: Option<ConfigV6>,
) -> Result<Config, NymNodeError> {
) -> Result<ConfigV7, NymNodeError> {
debug!("attempting to load v6 config...");
let old_cfg = if let Some(prev_config) = prev_config {
@@ -962,22 +958,22 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
ConfigV6::read_from_path(&path)?
};
let cfg = Config {
let cfg = ConfigV7 {
save_path: old_cfg.save_path,
id: old_cfg.id,
modes: old_cfg.mode.into(),
host: Host {
host: HostV7 {
public_ips: old_cfg.host.public_ips,
hostname: old_cfg.host.hostname,
location: old_cfg.host.location,
},
mixnet: Mixnet {
mixnet: MixnetV7 {
bind_address: old_cfg.mixnet.bind_address,
announce_port: old_cfg.mixnet.announce_port,
nym_api_urls: old_cfg.mixnet.nym_api_urls,
nyxd_urls: old_cfg.mixnet.nyxd_urls,
debug: MixnetDebug {
maximum_forward_packet_delay: MixnetDebug::DEFAULT_MAXIMUM_FORWARD_PACKET_DELAY,
debug: MixnetDebugV7 {
maximum_forward_packet_delay: MixnetDebugV7::DEFAULT_MAXIMUM_FORWARD_PACKET_DELAY,
packet_forwarding_initial_backoff: old_cfg
.mixnet
.debug
@@ -991,8 +987,8 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
unsafe_disable_noise: old_cfg.mixnet.debug.unsafe_disable_noise,
},
},
storage_paths: NymNodePaths {
keys: KeysPaths {
storage_paths: NymNodePathsV7 {
keys: KeysPathsV7 {
private_ed25519_identity_key_file: old_cfg
.storage_paths
.keys
@@ -1020,7 +1016,7 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
},
description: old_cfg.storage_paths.description,
},
http: Http {
http: HttpV7 {
bind_address: old_cfg.http.bind_address,
landing_page_assets_path: old_cfg.http.landing_page_assets_path,
access_token: old_cfg.http.access_token,
@@ -1028,10 +1024,10 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
expose_system_hardware: old_cfg.http.expose_system_hardware,
expose_crypto_hardware: old_cfg.http.expose_crypto_hardware,
},
verloc: Verloc {
verloc: VerlocV7 {
bind_address: old_cfg.mixnode.verloc.bind_address,
announce_port: old_cfg.mixnode.verloc.announce_port,
debug: VerlocDebug {
debug: VerlocDebugV7 {
packets_per_node: old_cfg.mixnode.verloc.debug.packets_per_node,
connection_timeout: old_cfg.mixnode.verloc.debug.connection_timeout,
packet_timeout: old_cfg.mixnode.verloc.debug.packet_timeout,
@@ -1041,7 +1037,7 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
retry_timeout: old_cfg.mixnode.verloc.debug.retry_timeout,
},
},
wireguard: Wireguard {
wireguard: WireguardV7 {
enabled: old_cfg.wireguard.enabled,
bind_address: old_cfg.wireguard.bind_address,
private_ipv4: old_cfg.wireguard.private_ipv4,
@@ -1049,7 +1045,7 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
announced_port: old_cfg.wireguard.announced_port,
private_network_prefix_v4: old_cfg.wireguard.private_network_prefix_v4,
private_network_prefix_v6: old_cfg.wireguard.private_network_prefix_v6,
storage_paths: WireguardPaths {
storage_paths: WireguardPathsV7 {
private_diffie_hellman_key_file: old_cfg
.wireguard
.storage_paths
@@ -1060,8 +1056,8 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
.public_diffie_hellman_key_file,
},
},
gateway_tasks: GatewayTasksConfig {
storage_paths: GatewayTasksPaths {
gateway_tasks: GatewayTasksConfigV7 {
storage_paths: GatewayTasksPathsV7 {
clients_storage: old_cfg.entry_gateway.storage_paths.clients_storage,
stats_storage: old_cfg.entry_gateway.storage_paths.stats_storage,
cosmos_mnemonic: old_cfg.entry_gateway.storage_paths.cosmos_mnemonic,
@@ -1070,9 +1066,9 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
bind_address: old_cfg.entry_gateway.bind_address,
announce_ws_port: old_cfg.entry_gateway.announce_ws_port,
announce_wss_port: old_cfg.entry_gateway.announce_wss_port,
debug: gateway_tasks::Debug {
debug: GatewayTasksConfigDebugV7 {
message_retrieval_limit: old_cfg.entry_gateway.debug.message_retrieval_limit,
zk_nym_tickets: ZkNymTicketHandlerDebug {
zk_nym_tickets: ZkNymTicketHandlerDebugV7 {
revocation_bandwidth_penalty: old_cfg
.entry_gateway
.debug
@@ -1097,11 +1093,11 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
},
},
},
service_providers: ServiceProvidersConfig {
storage_paths: ServiceProvidersPaths {
service_providers: ServiceProvidersConfigV7 {
storage_paths: ServiceProvidersPathsV7 {
clients_storage: old_cfg.exit_gateway.storage_paths.clients_storage,
stats_storage: old_cfg.exit_gateway.storage_paths.stats_storage,
network_requester: NetworkRequesterPaths {
network_requester: NetworkRequesterPathsV7 {
private_ed25519_identity_key_file: old_cfg
.exit_gateway
.storage_paths
@@ -1138,7 +1134,7 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
.network_requester
.gateway_registrations,
},
ip_packet_router: IpPacketRouterPaths {
ip_packet_router: IpPacketRouterPathsV7 {
private_ed25519_identity_key_file: old_cfg
.exit_gateway
.storage_paths
@@ -1175,7 +1171,7 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
.ip_packet_router
.gateway_registrations,
},
authenticator: AuthenticatorPaths {
authenticator: AuthenticatorPathsV7 {
private_ed25519_identity_key_file: old_cfg
.exit_gateway
.storage_paths
@@ -1215,8 +1211,8 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
},
open_proxy: old_cfg.exit_gateway.open_proxy,
upstream_exit_policy_url: old_cfg.exit_gateway.upstream_exit_policy_url,
network_requester: NetworkRequester {
debug: NetworkRequesterDebug {
network_requester: NetworkRequesterV7 {
debug: NetworkRequesterDebugV7 {
enabled: old_cfg.exit_gateway.network_requester.debug.enabled,
disable_poisson_rate: old_cfg
.exit_gateway
@@ -1226,8 +1222,8 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
client_debug: old_cfg.exit_gateway.network_requester.debug.client_debug,
},
},
ip_packet_router: IpPacketRouter {
debug: IpPacketRouterDebug {
ip_packet_router: IpPacketRouterV7 {
debug: IpPacketRouterDebugV7 {
enabled: old_cfg.exit_gateway.ip_packet_router.debug.enabled,
disable_poisson_rate: old_cfg
.exit_gateway
@@ -1237,19 +1233,19 @@ pub async fn try_upgrade_config_v6<P: AsRef<Path>>(
client_debug: old_cfg.exit_gateway.ip_packet_router.debug.client_debug,
},
},
authenticator: Authenticator {
debug: AuthenticatorDebug {
authenticator: AuthenticatorV7 {
debug: AuthenticatorDebugV7 {
enabled: old_cfg.authenticator.debug.enabled,
disable_poisson_rate: old_cfg.authenticator.debug.disable_poisson_rate,
client_debug: old_cfg.authenticator.debug.client_debug,
},
},
debug: service_providers::Debug {
debug: ServiceProvidersConfigDebugV7 {
message_retrieval_limit: old_cfg.exit_gateway.debug.message_retrieval_limit,
},
},
metrics: Default::default(),
logging: LoggingSettings {},
logging: LoggingSettingsV7 {},
debug: Default::default(),
};
Ok(cfg)
File diff suppressed because it is too large Load Diff
-1
View File
@@ -30,7 +30,6 @@ pub struct ServiceProvidersConfig {
#[serde(default)]
pub debug: Debug,
}
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(deny_unknown_fields)]
pub struct Debug {
+6 -6
View File
@@ -46,7 +46,7 @@ location = '{{ host.location }}'
[mixnet]
# Address this node will bind to for listening for mixnet packets
# default: `0.0.0.0:1789`
# default: `[::]:1789`
bind_address = '{{ mixnet.bind_address }}'
# If applicable, custom port announced in the self-described API that other clients and nodes
@@ -95,7 +95,7 @@ public_x25519_noise_key_file = '{{ storage_paths.keys.public_x25519_noise_key_fi
[http]
# Socket address this node will use for binding its http API.
# default: `0.0.0.0:8080`
# default: `[::]:8080`
bind_address = '{{ http.bind_address }}'
# Path to assets directory of custom landing page of this node
@@ -126,7 +126,7 @@ expose_crypto_hardware = {{ http.expose_crypto_hardware }}
enabled = {{ wireguard.enabled }}
# Socket address this node will use for binding its wireguard interface.
# default: `0.0.0.0:51822`
# default: `[::]:51822`
bind_address = '{{ wireguard.bind_address }}'
# Private IP address of the wireguard gateway.
@@ -161,7 +161,7 @@ public_diffie_hellman_key_file = '{{ wireguard.storage_paths.public_diffie_hellm
[verloc]
# Socket address this node will use for binding its verloc API.
# default: `0.0.0.0:1790`
# default: `[::]:1790`
bind_address = '{{ verloc.bind_address }}'
# If applicable, custom port announced in the self-described API that other clients and nodes
@@ -179,8 +179,8 @@ announce_port ={{#if verloc.announce_port }} {{ verloc.announce_port }} {{else}}
enforce_zk_nyms = {{ gateway_tasks.enforce_zk_nyms }}
# Socket address this node will use for binding its client websocket API.
# default: `0.0.0.0:9000`
bind_address = '{{ gateway_tasks.bind_address }}'
# default: `[::]:9000`
ws_bind_address = '{{ gateway_tasks.ws_bind_address }}'
# Custom announced port for listening for websocket client traffic.
# If unspecified, the value from the `bind_address` will be used instead
+2 -1
View File
@@ -14,7 +14,8 @@ async fn try_upgrade_config(path: &Path) -> Result<(), NymNodeError> {
let cfg = try_upgrade_config_v3(path, cfg).await.ok();
let cfg = try_upgrade_config_v4(path, cfg).await.ok();
let cfg = try_upgrade_config_v5(path, cfg).await.ok();
match try_upgrade_config_v6(path, cfg).await {
let cfg = try_upgrade_config_v6(path, cfg).await.ok();
match try_upgrade_config_v7(path, cfg).await {
Ok(cfg) => cfg.save(),
Err(e) => {
tracing::error!("Failed to finish upgrade - {e}");
+3 -3
View File
@@ -554,7 +554,7 @@ impl NymNode {
.config
.gateway_tasks
.announce_ws_port
.unwrap_or(self.config.gateway_tasks.bind_address.port());
.unwrap_or(self.config.gateway_tasks.ws_bind_address.port());
Ok(nym_topology::gateway::LegacyNode {
node_id: u32::MAX,
@@ -593,7 +593,7 @@ impl NymNode {
if self.modes().entry {
info!(
"starting the clients websocket... on {}",
self.config.gateway_tasks.bind_address
self.config.gateway_tasks.ws_bind_address
);
let websocket = gateway_tasks_builder
.build_websocket_listener(active_clients_store.clone())
@@ -694,7 +694,7 @@ impl NymNode {
.config
.gateway_tasks
.announce_ws_port
.unwrap_or(self.config.gateway_tasks.bind_address.port()),
.unwrap_or(self.config.gateway_tasks.ws_bind_address.port()),
wss_port: self.config.gateway_tasks.announce_wss_port,
});
let gateway_details = api_requests::v1::gateway::models::Gateway {