e10981a7d3
Add TLS to config. Add server side encryption if it is configured so. Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
61 lines
1.2 KiB
Go
61 lines
1.2 KiB
Go
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"net"
|
|
|
|
"github.com/nspcc-dev/neofs-node/pkg/util/logger"
|
|
"go.uber.org/zap"
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/credentials"
|
|
)
|
|
|
|
func initGRPC(c *cfg) {
|
|
var err error
|
|
|
|
c.cfgGRPC.listener, err = net.Listen("tcp", c.viper.GetString(cfgListenAddress))
|
|
fatalOnErr(err)
|
|
|
|
serverOpts := []grpc.ServerOption{
|
|
grpc.MaxSendMsgSize(maxMsgSize),
|
|
}
|
|
|
|
if c.cfgGRPC.tlsEnabled {
|
|
creds, err := credentials.NewServerTLSFromFile(c.cfgGRPC.tlsCertFile, c.cfgGRPC.tlsKeyFile)
|
|
if err != nil {
|
|
fatalOnErr(fmt.Errorf("could not read credentionals from file: %w", err))
|
|
}
|
|
|
|
serverOpts = append(serverOpts, grpc.Creds(creds))
|
|
}
|
|
|
|
c.cfgGRPC.server = grpc.NewServer(serverOpts...)
|
|
|
|
c.onShutdown(func() {
|
|
stopGRPC("NeoFS Public API", c.cfgGRPC.server, c.log)
|
|
})
|
|
}
|
|
|
|
func serveGRPC(c *cfg) {
|
|
c.wg.Add(1)
|
|
|
|
go func() {
|
|
defer func() {
|
|
c.wg.Done()
|
|
}()
|
|
|
|
if err := c.cfgGRPC.server.Serve(c.cfgGRPC.listener); err != nil {
|
|
fmt.Println("gRPC server error", err)
|
|
}
|
|
}()
|
|
}
|
|
|
|
func stopGRPC(name string, s *grpc.Server, l *logger.Logger) {
|
|
l = l.With(zap.String("name", name))
|
|
|
|
l.Info("stopping gRPC server...")
|
|
|
|
s.GracefulStop()
|
|
|
|
l.Info("gRPC server stopped successfully")
|
|
}
|