cmd/geth: make authrpc listening address settable from command line (#24522)

The default listening address "localhost" is not sufficient when running
geth in Docker.
This commit is contained in:
Felix Lange 2022-03-09 14:45:39 +01:00 committed by GitHub
parent 65ed1a6871
commit 5079e3c6e5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 25 additions and 8 deletions

View File

@ -165,6 +165,7 @@ var (
utils.HTTPListenAddrFlag,
utils.HTTPPortFlag,
utils.HTTPCORSDomainFlag,
utils.AuthHostFlag,
utils.AuthPortFlag,
utils.JWTSecretFlag,
utils.HTTPVirtualHostsFlag,

View File

@ -136,7 +136,6 @@ var AppHelpFlagGroups = []flags.FlagGroup{
Flags: []cli.Flag{
utils.IPCDisabledFlag,
utils.IPCPathFlag,
utils.JWTSecretFlag,
utils.HTTPEnabledFlag,
utils.HTTPListenAddrFlag,
utils.HTTPPortFlag,
@ -150,6 +149,9 @@ var AppHelpFlagGroups = []flags.FlagGroup{
utils.WSApiFlag,
utils.WSPathPrefixFlag,
utils.WSAllowedOriginsFlag,
utils.JWTSecretFlag,
utils.AuthHostFlag,
utils.AuthPortFlag,
utils.GraphQLEnabledFlag,
utils.GraphQLCORSDomainFlag,
utils.GraphQLVirtualHostsFlag,

View File

@ -522,11 +522,16 @@ var (
Usage: "Sets a cap on transaction fee (in ether) that can be sent via the RPC APIs (0 = no cap)",
Value: ethconfig.Defaults.RPCTxFeeCap,
}
// Authenticated port settings
// Authenticated RPC HTTP settings
AuthHostFlag = cli.StringFlag{
Name: "authrpc.host",
Usage: "Listening address for authenticated APIs",
Value: node.DefaultConfig.AuthHost,
}
AuthPortFlag = cli.IntFlag{
Name: "authrpc.port",
Usage: "Listening port for authenticated APIs",
Value: node.DefaultAuthPort,
Value: node.DefaultConfig.AuthPort,
}
JWTSecretFlag = cli.StringFlag{
Name: "authrpc.jwtsecret",
@ -965,6 +970,9 @@ func setHTTP(ctx *cli.Context, cfg *node.Config) {
cfg.HTTPPort = ctx.GlobalInt(HTTPPortFlag.Name)
}
if ctx.GlobalIsSet(AuthHostFlag.Name) {
cfg.AuthHost = ctx.GlobalString(AuthHostFlag.Name)
}
if ctx.GlobalIsSet(AuthPortFlag.Name) {
cfg.AuthPort = ctx.GlobalInt(AuthPortFlag.Name)
}

View File

@ -113,9 +113,6 @@ type Config struct {
// for ephemeral nodes).
HTTPPort int `toml:",omitempty"`
// Authport is the port number on which the authenticated API is provided.
AuthPort int `toml:",omitempty"`
// HTTPCors is the Cross-Origin Resource Sharing header to send to requesting
// clients. Please be aware that CORS is a browser enforced security, it's fully
// useless for custom HTTP clients.
@ -142,6 +139,12 @@ type Config struct {
// HTTPPathPrefix specifies a path prefix on which http-rpc is to be served.
HTTPPathPrefix string `toml:",omitempty"`
// AuthHost is the listening address on which authenticated APIs are provided.
AuthHost string `toml:",omitempty"`
// AuthPort is the port number on which authenticated APIs are provided.
AuthPort int `toml:",omitempty"`
// WSHost is the host interface on which to start the websocket RPC server. If
// this field is empty, no websocket API endpoint will be started.
WSHost string

View File

@ -50,6 +50,7 @@ var (
var DefaultConfig = Config{
DataDir: DefaultDataDir(),
HTTPPort: DefaultHTTPPort,
AuthHost: DefaultAuthHost,
AuthPort: DefaultAuthPort,
HTTPModules: []string{"net", "web3"},
HTTPVirtualHosts: []string{"localhost"},

View File

@ -419,6 +419,7 @@ func (n *Node) startRPC() error {
servers = append(servers, server)
return nil
}
initWS := func(apis []rpc.API, port int) error {
server := n.wsServerForPort(port, false)
if err := server.setListenAddr(n.config.WSHost, port); err != nil {
@ -438,7 +439,7 @@ func (n *Node) startRPC() error {
initAuth := func(apis []rpc.API, port int, secret []byte) error {
// Enable auth via HTTP
server := n.httpAuth
if err := server.setListenAddr(DefaultAuthHost, port); err != nil {
if err := server.setListenAddr(n.config.AuthHost, port); err != nil {
return err
}
if err := server.enableRPC(apis, httpConfig{
@ -453,7 +454,7 @@ func (n *Node) startRPC() error {
servers = append(servers, server)
// Enable auth via WS
server = n.wsServerForPort(port, true)
if err := server.setListenAddr(DefaultAuthHost, port); err != nil {
if err := server.setListenAddr(n.config.AuthHost, port); err != nil {
return err
}
if err := server.enableWS(apis, wsConfig{
@ -467,6 +468,7 @@ func (n *Node) startRPC() error {
servers = append(servers, server)
return nil
}
// Set up HTTP.
if n.config.HTTPHost != "" {
// Configure legacy unauthenticated HTTP.