lnd: remove global cfg variable
This commit is contained in:
parent
50e86f88fe
commit
4261d3f5af
@ -719,7 +719,9 @@ func (c *chainRegistry) NumActiveChains() uint32 {
|
|||||||
|
|
||||||
// initNeutrinoBackend inits a new instance of the neutrino light client
|
// initNeutrinoBackend inits a new instance of the neutrino light client
|
||||||
// backend given a target chain directory to store the chain state.
|
// backend given a target chain directory to store the chain state.
|
||||||
func initNeutrinoBackend(chainDir string) (*neutrino.ChainService, func(), error) {
|
func initNeutrinoBackend(cfg *Config, chainDir string) (*neutrino.ChainService,
|
||||||
|
func(), error) {
|
||||||
|
|
||||||
// First we'll open the database file for neutrino, creating the
|
// First we'll open the database file for neutrino, creating the
|
||||||
// database if needed. We append the normalized network name here to
|
// database if needed. We append the normalized network name here to
|
||||||
// match the behavior of btcwallet.
|
// match the behavior of btcwallet.
|
||||||
|
55
lnd.go
55
lnd.go
@ -51,16 +51,12 @@ import (
|
|||||||
"github.com/lightningnetwork/lnd/watchtower/wtdb"
|
"github.com/lightningnetwork/lnd/watchtower/wtdb"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
|
||||||
cfg *Config
|
|
||||||
)
|
|
||||||
|
|
||||||
// WalletUnlockerAuthOptions returns a list of DialOptions that can be used to
|
// WalletUnlockerAuthOptions returns a list of DialOptions that can be used to
|
||||||
// authenticate with the wallet unlocker service.
|
// authenticate with the wallet unlocker service.
|
||||||
//
|
//
|
||||||
// NOTE: This should only be called after the WalletUnlocker listener has
|
// NOTE: This should only be called after the WalletUnlocker listener has
|
||||||
// signaled it is ready.
|
// signaled it is ready.
|
||||||
func WalletUnlockerAuthOptions() ([]grpc.DialOption, error) {
|
func WalletUnlockerAuthOptions(cfg *Config) ([]grpc.DialOption, error) {
|
||||||
creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
|
creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to read TLS cert: %v", err)
|
return nil, fmt.Errorf("unable to read TLS cert: %v", err)
|
||||||
@ -79,7 +75,7 @@ func WalletUnlockerAuthOptions() ([]grpc.DialOption, error) {
|
|||||||
//
|
//
|
||||||
// NOTE: This should only be called after the RPCListener has signaled it is
|
// NOTE: This should only be called after the RPCListener has signaled it is
|
||||||
// ready.
|
// ready.
|
||||||
func AdminAuthOptions() ([]grpc.DialOption, error) {
|
func AdminAuthOptions(cfg *Config) ([]grpc.DialOption, error) {
|
||||||
creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
|
creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to read TLS cert: %v", err)
|
return nil, fmt.Errorf("unable to read TLS cert: %v", err)
|
||||||
@ -192,8 +188,7 @@ type rpcListeners func() ([]*ListenerWithSignal, func(), error)
|
|||||||
// validated main configuration struct and an optional listener config struct.
|
// validated main configuration struct and an optional listener config struct.
|
||||||
// This function starts all main system components then blocks until a signal
|
// This function starts all main system components then blocks until a signal
|
||||||
// is received on the shutdownChan at which point everything is shut down again.
|
// is received on the shutdownChan at which point everything is shut down again.
|
||||||
func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) error {
|
func Main(cfg *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) error {
|
||||||
cfg = config
|
|
||||||
defer func() {
|
defer func() {
|
||||||
ltndLog.Info("Shutdown complete")
|
ltndLog.Info("Shutdown complete")
|
||||||
err := RootLogWriter.Close()
|
err := RootLogWriter.Close()
|
||||||
@ -289,10 +284,7 @@ func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) erro
|
|||||||
ctx, cancel := context.WithCancel(ctx)
|
ctx, cancel := context.WithCancel(ctx)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
tlsCfg, restCreds, restProxyDest, err := getTLSConfig(
|
tlsCfg, restCreds, restProxyDest, err := getTLSConfig(cfg)
|
||||||
cfg.TLSCertPath, cfg.TLSKeyPath, cfg.TLSExtraIPs,
|
|
||||||
cfg.TLSExtraDomains, cfg.RPCListeners,
|
|
||||||
)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
err := fmt.Errorf("unable to load TLS credentials: %v", err)
|
err := fmt.Errorf("unable to load TLS credentials: %v", err)
|
||||||
ltndLog.Error(err)
|
ltndLog.Error(err)
|
||||||
@ -324,7 +316,7 @@ func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) erro
|
|||||||
var neutrinoCS *neutrino.ChainService
|
var neutrinoCS *neutrino.ChainService
|
||||||
if mainChain.Node == "neutrino" {
|
if mainChain.Node == "neutrino" {
|
||||||
neutrinoBackend, neutrinoCleanUp, err := initNeutrinoBackend(
|
neutrinoBackend, neutrinoCleanUp, err := initNeutrinoBackend(
|
||||||
mainChain.ChainDir,
|
cfg, mainChain.ChainDir,
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
err := fmt.Errorf("unable to initialize neutrino "+
|
err := fmt.Errorf("unable to initialize neutrino "+
|
||||||
@ -398,7 +390,7 @@ func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) erro
|
|||||||
// for wallet encryption.
|
// for wallet encryption.
|
||||||
if !cfg.NoSeedBackup {
|
if !cfg.NoSeedBackup {
|
||||||
params, err := waitForWalletPassword(
|
params, err := waitForWalletPassword(
|
||||||
cfg.RESTListeners, serverOpts, restDialOpts,
|
cfg, cfg.RESTListeners, serverOpts, restDialOpts,
|
||||||
restProxyDest, tlsCfg, walletUnlockerListeners,
|
restProxyDest, tlsCfg, walletUnlockerListeners,
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -773,16 +765,15 @@ func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) erro
|
|||||||
|
|
||||||
// getTLSConfig returns a TLS configuration for the gRPC server and credentials
|
// getTLSConfig returns a TLS configuration for the gRPC server and credentials
|
||||||
// and a proxy destination for the REST reverse proxy.
|
// and a proxy destination for the REST reverse proxy.
|
||||||
func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
|
func getTLSConfig(cfg *Config) (*tls.Config, *credentials.TransportCredentials,
|
||||||
tlsExtraDomains []string, rpcListeners []net.Addr) (*tls.Config,
|
string, error) {
|
||||||
*credentials.TransportCredentials, string, error) {
|
|
||||||
|
|
||||||
// Ensure we create TLS key and certificate if they don't exist.
|
// Ensure we create TLS key and certificate if they don't exist.
|
||||||
if !fileExists(tlsCertPath) && !fileExists(tlsKeyPath) {
|
if !fileExists(cfg.TLSCertPath) && !fileExists(cfg.TLSKeyPath) {
|
||||||
rpcsLog.Infof("Generating TLS certificates...")
|
rpcsLog.Infof("Generating TLS certificates...")
|
||||||
err := cert.GenCertPair(
|
err := cert.GenCertPair(
|
||||||
"lnd autogenerated cert", tlsCertPath, tlsKeyPath,
|
"lnd autogenerated cert", cfg.TLSCertPath,
|
||||||
tlsExtraIPs, tlsExtraDomains,
|
cfg.TLSKeyPath, cfg.TLSExtraIPs, cfg.TLSExtraDomains,
|
||||||
cert.DefaultAutogenValidity,
|
cert.DefaultAutogenValidity,
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -791,7 +782,9 @@ func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
|
|||||||
rpcsLog.Infof("Done generating TLS certificates")
|
rpcsLog.Infof("Done generating TLS certificates")
|
||||||
}
|
}
|
||||||
|
|
||||||
certData, parsedCert, err := cert.LoadCert(tlsCertPath, tlsKeyPath)
|
certData, parsedCert, err := cert.LoadCert(
|
||||||
|
cfg.TLSCertPath, cfg.TLSKeyPath,
|
||||||
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, "", err
|
return nil, nil, "", err
|
||||||
}
|
}
|
||||||
@ -803,7 +796,7 @@ func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
|
|||||||
refresh := false
|
refresh := false
|
||||||
if cfg.TLSAutoRefresh {
|
if cfg.TLSAutoRefresh {
|
||||||
refresh, err = cert.IsOutdated(
|
refresh, err = cert.IsOutdated(
|
||||||
parsedCert, tlsExtraIPs, tlsExtraDomains,
|
parsedCert, cfg.TLSExtraIPs, cfg.TLSExtraDomains,
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, "", err
|
return nil, nil, "", err
|
||||||
@ -816,20 +809,20 @@ func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
|
|||||||
ltndLog.Info("TLS certificate is expired or outdated, " +
|
ltndLog.Info("TLS certificate is expired or outdated, " +
|
||||||
"generating a new one")
|
"generating a new one")
|
||||||
|
|
||||||
err := os.Remove(tlsCertPath)
|
err := os.Remove(cfg.TLSCertPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, "", err
|
return nil, nil, "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
err = os.Remove(tlsKeyPath)
|
err = os.Remove(cfg.TLSKeyPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, "", err
|
return nil, nil, "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
rpcsLog.Infof("Renewing TLS certificates...")
|
rpcsLog.Infof("Renewing TLS certificates...")
|
||||||
err = cert.GenCertPair(
|
err = cert.GenCertPair(
|
||||||
"lnd autogenerated cert", tlsCertPath, tlsKeyPath,
|
"lnd autogenerated cert", cfg.TLSCertPath,
|
||||||
tlsExtraIPs, tlsExtraDomains,
|
cfg.TLSKeyPath, cfg.TLSExtraIPs, cfg.TLSExtraDomains,
|
||||||
cert.DefaultAutogenValidity,
|
cert.DefaultAutogenValidity,
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -838,19 +831,21 @@ func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
|
|||||||
rpcsLog.Infof("Done renewing TLS certificates")
|
rpcsLog.Infof("Done renewing TLS certificates")
|
||||||
|
|
||||||
// Reload the certificate data.
|
// Reload the certificate data.
|
||||||
certData, _, err = cert.LoadCert(tlsCertPath, tlsKeyPath)
|
certData, _, err = cert.LoadCert(
|
||||||
|
cfg.TLSCertPath, cfg.TLSKeyPath,
|
||||||
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, "", err
|
return nil, nil, "", err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
tlsCfg := cert.TLSConfFromCert(certData)
|
tlsCfg := cert.TLSConfFromCert(certData)
|
||||||
restCreds, err := credentials.NewClientTLSFromFile(tlsCertPath, "")
|
restCreds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, "", err
|
return nil, nil, "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
restProxyDest := rpcListeners[0].String()
|
restProxyDest := cfg.RPCListeners[0].String()
|
||||||
switch {
|
switch {
|
||||||
case strings.Contains(restProxyDest, "0.0.0.0"):
|
case strings.Contains(restProxyDest, "0.0.0.0"):
|
||||||
restProxyDest = strings.Replace(
|
restProxyDest = strings.Replace(
|
||||||
@ -967,7 +962,7 @@ type WalletUnlockParams struct {
|
|||||||
// waitForWalletPassword will spin up gRPC and REST endpoints for the
|
// waitForWalletPassword will spin up gRPC and REST endpoints for the
|
||||||
// WalletUnlocker server, and block until a password is provided by
|
// WalletUnlocker server, and block until a password is provided by
|
||||||
// the user to this RPC server.
|
// the user to this RPC server.
|
||||||
func waitForWalletPassword(restEndpoints []net.Addr,
|
func waitForWalletPassword(cfg *Config, restEndpoints []net.Addr,
|
||||||
serverOpts []grpc.ServerOption, restDialOpts []grpc.DialOption,
|
serverOpts []grpc.ServerOption, restDialOpts []grpc.DialOption,
|
||||||
restProxyDest string, tlsConf *tls.Config,
|
restProxyDest string, tlsConf *tls.Config,
|
||||||
getListeners rpcListeners) (*WalletUnlockParams, error) {
|
getListeners rpcListeners) (*WalletUnlockParams, error) {
|
||||||
|
@ -114,7 +114,12 @@ func TestTLSAutoRegeneration(t *testing.T) {
|
|||||||
|
|
||||||
// Now let's run getTLSConfig. If it works properly, it should delete
|
// Now let's run getTLSConfig. If it works properly, it should delete
|
||||||
// the cert and create a new one.
|
// the cert and create a new one.
|
||||||
_, _, _, err = getTLSConfig(certPath, keyPath, nil, nil, rpcListeners)
|
cfg := &Config{
|
||||||
|
TLSCertPath: certPath,
|
||||||
|
TLSKeyPath: keyPath,
|
||||||
|
RPCListeners: rpcListeners,
|
||||||
|
}
|
||||||
|
_, _, _, err = getTLSConfig(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("couldn't retrieve TLS config")
|
t.Fatalf("couldn't retrieve TLS config")
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user