github.com/gnolang/gno@v0.0.0-20240520182011-228e9d0192ce/tm2/pkg/bft/rpc/config/config.go (about)

     1  package config
     2  
     3  import (
     4  	"errors"
     5  	"net/http"
     6  	"path/filepath"
     7  	"time"
     8  )
     9  
    10  // -----------------------------------------------------------------------------
    11  // RPCConfig
    12  
    13  const (
    14  	defaultConfigDir = "config"
    15  )
    16  
    17  // RPCConfig defines the configuration options for the Tendermint RPC server
    18  type RPCConfig struct {
    19  	RootDir string `toml:"home"`
    20  
    21  	// TCP or UNIX socket address for the RPC server to listen on
    22  	ListenAddress string `toml:"laddr" comment:"TCP or UNIX socket address for the RPC server to listen on"`
    23  
    24  	// A list of origins a cross-domain request can be executed from.
    25  	// If the special '*' value is present in the list, all origins will be allowed.
    26  	// An origin may contain a wildcard (*) to replace 0 or more characters (i.e.: http://*.domain.com).
    27  	// Only one wildcard can be used per origin.
    28  	CORSAllowedOrigins []string `toml:"cors_allowed_origins" comment:"A list of origins a cross-domain request can be executed from\n Default value '[]' disables cors support\n Use '[\"*\"]' to allow any origin"`
    29  
    30  	// A list of methods the client is allowed to use with cross-domain requests.
    31  	CORSAllowedMethods []string `toml:"cors_allowed_methods" comment:"A list of methods the client is allowed to use with cross-domain requests"`
    32  
    33  	// A list of non simple headers the client is allowed to use with cross-domain requests.
    34  	CORSAllowedHeaders []string `toml:"cors_allowed_headers" comment:"A list of non simple headers the client is allowed to use with cross-domain requests"`
    35  
    36  	// TCP or UNIX socket address for the gRPC server to listen on
    37  	// NOTE: This server only supports /broadcast_tx_commit
    38  	GRPCListenAddress string `toml:"grpc_laddr" comment:"TCP or UNIX socket address for the gRPC server to listen on\n NOTE: This server only supports /broadcast_tx_commit"`
    39  
    40  	// Maximum number of simultaneous connections.
    41  	// Does not include RPC (HTTP&WebSocket) connections. See max_open_connections
    42  	// If you want to accept a larger number than the default, make sure
    43  	// you increase your OS limits.
    44  	// 0 - unlimited.
    45  	GRPCMaxOpenConnections int `toml:"grpc_max_open_connections" comment:"Maximum number of simultaneous connections.\n Does not include RPC (HTTP&WebSocket) connections. See max_open_connections\n If you want to accept a larger number than the default, make sure\n you increase your OS limits.\n 0 - unlimited.\n Should be < {ulimit -Sn} - {MaxNumInboundPeers} - {MaxNumOutboundPeers} - {N of wal, db and other open files}\n 1024 - 40 - 10 - 50 = 924 = ~900"`
    46  
    47  	// Activate unsafe RPC commands like /dial_persistent_peers and /unsafe_flush_mempool
    48  	Unsafe bool `toml:"unsafe" comment:"Activate unsafe RPC commands like /dial_seeds and /unsafe_flush_mempool"`
    49  
    50  	// Maximum number of simultaneous connections (including WebSocket).
    51  	// Does not include gRPC connections. See grpc_max_open_connections
    52  	// If you want to accept a larger number than the default, make sure
    53  	// you increase your OS limits.
    54  	// 0 - unlimited.
    55  	// Should be < {ulimit -Sn} - {MaxNumInboundPeers} - {MaxNumOutboundPeers} - {N of wal, db and other open files}
    56  	// 1024 - 40 - 10 - 50 = 924 = ~900
    57  	MaxOpenConnections int `toml:"max_open_connections" comment:"Maximum number of simultaneous connections (including WebSocket).\n Does not include gRPC connections. See grpc_max_open_connections\n If you want to accept a larger number than the default, make sure\n you increase your OS limits.\n 0 - unlimited.\n Should be < {ulimit -Sn} - {MaxNumInboundPeers} - {MaxNumOutboundPeers} - {N of wal, db and other open files}\n 1024 - 40 - 10 - 50 = 924 = ~900"`
    58  
    59  	// How long to wait for a tx to be committed during /broadcast_tx_commit
    60  	// WARNING: Using a value larger than 10s will result in increasing the
    61  	// global HTTP write timeout, which applies to all connections and endpoints.
    62  	// See https://github.com/gnolang/gno/tm2/pkg/bft/issues/3435
    63  	TimeoutBroadcastTxCommit time.Duration `toml:"timeout_broadcast_tx_commit" comment:"How long to wait for a tx to be committed during /broadcast_tx_commit.\n WARNING: Using a value larger than 10s will result in increasing the\n global HTTP write timeout, which applies to all connections and endpoints.\n See https://github.com/tendermint/classic/issues/3435"`
    64  
    65  	// Maximum size of request body, in bytes
    66  	MaxBodyBytes int64 `toml:"max_body_bytes" comment:"Maximum size of request body, in bytes"`
    67  
    68  	// Maximum size of request header, in bytes
    69  	MaxHeaderBytes int `toml:"max_header_bytes" comment:"Maximum size of request header, in bytes"`
    70  
    71  	// The path to a file containing certificate that is used to create the HTTPS server.
    72  	// Might be either absolute path or path related to tendermint's config directory.
    73  	//
    74  	// If the certificate is signed by a certificate authority,
    75  	// the certFile should be the concatenation of the server's certificate, any intermediates,
    76  	// and the CA's certificate.
    77  	//
    78  	// NOTE: both tls_cert_file and tls_key_file must be present for Tendermint to create HTTPS server. Otherwise, HTTP server is run.
    79  	TLSCertFile string `toml:"tls_cert_file" comment:"The path to a file containing certificate that is used to create the HTTPS server.\n Might be either absolute path or path related to tendermint's config directory.\n If the certificate is signed by a certificate authority,\n the certFile should be the concatenation of the server's certificate, any intermediates,\n and the CA's certificate.\n NOTE: both tls_cert_file and tls_key_file must be present for Tendermint to create HTTPS server. Otherwise, HTTP server is run."`
    80  
    81  	// The path to a file containing matching private key that is used to create the HTTPS server.
    82  	// Might be either absolute path or path related to tendermint's config directory.
    83  	//
    84  	// NOTE: both tls_cert_file and tls_key_file must be present for Tendermint to create HTTPS server. Otherwise, HTTP server is run.
    85  	TLSKeyFile string `toml:"tls_key_file" comment:"The path to a file containing matching private key that is used to create the HTTPS server.\n Might be either absolute path or path related to tendermint's config directory.\n NOTE: both tls_cert_file and tls_key_file must be present for Tendermint to create HTTPS server. Otherwise, HTTP server is run."`
    86  }
    87  
    88  // DefaultRPCConfig returns a default configuration for the RPC server
    89  func DefaultRPCConfig() *RPCConfig {
    90  	return &RPCConfig{
    91  		ListenAddress:          "tcp://127.0.0.1:26657",
    92  		CORSAllowedOrigins:     []string{"*"},
    93  		CORSAllowedMethods:     []string{http.MethodHead, http.MethodGet, http.MethodPost, http.MethodOptions},
    94  		CORSAllowedHeaders:     []string{"Origin", "Accept", "Content-Type", "X-Requested-With", "X-Server-Time"},
    95  		GRPCListenAddress:      "",
    96  		GRPCMaxOpenConnections: 900,
    97  
    98  		Unsafe:             false,
    99  		MaxOpenConnections: 900,
   100  
   101  		TimeoutBroadcastTxCommit: 10 * time.Second,
   102  
   103  		MaxBodyBytes:   int64(1000000), // 1MB
   104  		MaxHeaderBytes: 1 << 20,        // same as the net/http default
   105  
   106  		TLSCertFile: "",
   107  		TLSKeyFile:  "",
   108  	}
   109  }
   110  
   111  // TestRPCConfig returns a configuration for testing the RPC server
   112  func TestRPCConfig() *RPCConfig {
   113  	cfg := DefaultRPCConfig()
   114  	cfg.ListenAddress = "tcp://0.0.0.0:36657"
   115  	cfg.GRPCListenAddress = "tcp://0.0.0.0:36658"
   116  	cfg.Unsafe = true
   117  	return cfg
   118  }
   119  
   120  // ValidateBasic performs basic validation (checking param bounds, etc.) and
   121  // returns an error if any check fails.
   122  func (cfg *RPCConfig) ValidateBasic() error {
   123  	if cfg.GRPCMaxOpenConnections < 0 {
   124  		return errors.New("grpc_max_open_connections can't be negative")
   125  	}
   126  	if cfg.MaxOpenConnections < 0 {
   127  		return errors.New("max_open_connections can't be negative")
   128  	}
   129  	if cfg.TimeoutBroadcastTxCommit < 0 {
   130  		return errors.New("timeout_broadcast_tx_commit can't be negative")
   131  	}
   132  	if cfg.MaxBodyBytes < 0 {
   133  		return errors.New("max_body_bytes can't be negative")
   134  	}
   135  	if cfg.MaxHeaderBytes < 0 {
   136  		return errors.New("max_header_bytes can't be negative")
   137  	}
   138  	return nil
   139  }
   140  
   141  // IsCorsEnabled returns true if cross-origin resource sharing is enabled.
   142  // XXX review.
   143  func (cfg *RPCConfig) IsCorsEnabled() bool {
   144  	return len(cfg.CORSAllowedOrigins) != 0
   145  }
   146  
   147  func (cfg RPCConfig) KeyFile() string {
   148  	path := cfg.TLSKeyFile
   149  	if filepath.IsAbs(path) {
   150  		return path
   151  	}
   152  	return join(cfg.RootDir, filepath.Join(defaultConfigDir, path))
   153  }
   154  
   155  func (cfg RPCConfig) CertFile() string {
   156  	path := cfg.TLSCertFile
   157  	if filepath.IsAbs(path) {
   158  		return path
   159  	}
   160  	return join(cfg.RootDir, filepath.Join(defaultConfigDir, path))
   161  }
   162  
   163  func (cfg RPCConfig) IsTLSEnabled() bool {
   164  	return cfg.TLSCertFile != "" && cfg.TLSKeyFile != ""
   165  }
   166  
   167  // helper function to make config creation independent of root dir
   168  func join(root, path string) string {
   169  	if filepath.IsAbs(path) {
   170  		return path
   171  	}
   172  
   173  	return filepath.Join(root, path)
   174  }