rpc: support https
Allow to start TLS RPC server on a separate port. Closes #702.
This commit is contained in:
parent
93236e0cfa
commit
dfbb84ef38
5 changed files with 62 additions and 2 deletions
|
@ -111,6 +111,16 @@ type (
|
|||
// MaxGasInvoke is a maximum amount of gas which
|
||||
// can be spent during RPC call.
|
||||
MaxGasInvoke util.Fixed8 `yaml:"MaxGasInvoke"`
|
||||
TLSConfig TLSConfig `yaml:"TLSConfig"`
|
||||
}
|
||||
|
||||
// TLSConfig describes SSL/TLS configuration.
|
||||
TLSConfig struct {
|
||||
Enabled bool `yaml:"Enabled"`
|
||||
Address string `yaml:"Address"`
|
||||
Port uint16 `yaml:"Port"`
|
||||
CertFile string `yaml:"CertFile"`
|
||||
KeyFile string `yaml:"KeyFile"`
|
||||
}
|
||||
|
||||
// NetMode describes the mode the blockchain will operate on.
|
||||
|
|
|
@ -65,6 +65,11 @@ ApplicationConfiguration:
|
|||
Enabled: true
|
||||
EnableCORSWorkaround: false
|
||||
Port: 10332
|
||||
TLSConfig:
|
||||
Enabled: false
|
||||
Port: 10331
|
||||
CertFile: serv.crt
|
||||
KeyFile: serv.key
|
||||
Prometheus:
|
||||
Enabled: true
|
||||
Port: 2112
|
||||
|
|
|
@ -51,6 +51,11 @@ ApplicationConfiguration:
|
|||
Enabled: true
|
||||
EnableCORSWorkaround: false
|
||||
Port: 20331
|
||||
TLSConfig:
|
||||
Enabled: false
|
||||
Port: 20330
|
||||
CertFile: serv.crt
|
||||
KeyFile: serv.key
|
||||
Prometheus:
|
||||
Enabled: true
|
||||
Port: 2112
|
||||
|
|
|
@ -65,6 +65,11 @@ ApplicationConfiguration:
|
|||
Enabled: true
|
||||
EnableCORSWorkaround: false
|
||||
Port: 20332
|
||||
TLSConfig:
|
||||
Enabled: false
|
||||
Port: 20331
|
||||
CertFile: serv.crt
|
||||
KeyFile: serv.key
|
||||
Prometheus:
|
||||
Enabled: true
|
||||
Port: 2112
|
||||
|
|
|
@ -6,6 +6,7 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"math"
|
||||
"net"
|
||||
"net/http"
|
||||
"strconv"
|
||||
|
||||
|
@ -37,6 +38,7 @@ type (
|
|||
config config.RPCConfig
|
||||
coreServer *network.Server
|
||||
log *zap.Logger
|
||||
https *http.Server
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -50,12 +52,20 @@ func New(chain core.Blockchainer, conf config.RPCConfig, coreServer *network.Ser
|
|||
Addr: conf.Address + ":" + strconv.FormatUint(uint64(conf.Port), 10),
|
||||
}
|
||||
|
||||
var tlsServer *http.Server
|
||||
if cfg := conf.TLSConfig; cfg.Enabled {
|
||||
tlsServer = &http.Server{
|
||||
Addr: net.JoinHostPort(cfg.Address, strconv.FormatUint(uint64(cfg.Port), 10)),
|
||||
}
|
||||
}
|
||||
|
||||
return Server{
|
||||
Server: httpServer,
|
||||
chain: chain,
|
||||
config: conf,
|
||||
coreServer: coreServer,
|
||||
log: log,
|
||||
https: tlsServer,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -69,14 +79,39 @@ func (s *Server) Start(errChan chan error) {
|
|||
s.Handler = http.HandlerFunc(s.requestHandler)
|
||||
s.log.Info("starting rpc-server", zap.String("endpoint", s.Addr))
|
||||
|
||||
errChan <- s.ListenAndServe()
|
||||
if cfg := s.config.TLSConfig; cfg.Enabled {
|
||||
s.https.Handler = http.HandlerFunc(s.requestHandler)
|
||||
s.log.Info("starting rpc-server (https)", zap.String("endpoint", s.https.Addr))
|
||||
go func() {
|
||||
err := s.https.ListenAndServeTLS(cfg.CertFile, cfg.KeyFile)
|
||||
if err != nil {
|
||||
s.log.Error("failed to start TLS RPC server", zap.Error(err))
|
||||
}
|
||||
errChan <- err
|
||||
}()
|
||||
}
|
||||
err := s.ListenAndServe()
|
||||
if err != nil {
|
||||
s.log.Error("failed to start RPC server", zap.Error(err))
|
||||
}
|
||||
errChan <- err
|
||||
}
|
||||
|
||||
// Shutdown overrides the http.Server Shutdown
|
||||
// method.
|
||||
func (s *Server) Shutdown() error {
|
||||
var httpsErr error
|
||||
if s.config.TLSConfig.Enabled {
|
||||
s.log.Info("shutting down rpc-server (https)", zap.String("endpoint", s.https.Addr))
|
||||
httpsErr = s.https.Shutdown(context.Background())
|
||||
}
|
||||
|
||||
s.log.Info("shutting down rpc-server", zap.String("endpoint", s.Addr))
|
||||
return s.Server.Shutdown(context.Background())
|
||||
err := s.Server.Shutdown(context.Background())
|
||||
if err == nil {
|
||||
return httpsErr
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func (s *Server) requestHandler(w http.ResponseWriter, httpRequest *http.Request) {
|
||||
|
|
Loading…
Reference in a new issue