fix: when guessing domain, double check domain returns right ip (#117)

This commit is contained in:
fryorcraken 2024-08-19 20:11:06 +10:00 committed by GitHub
parent bfc5762335
commit 0d83db25fc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 52 additions and 40 deletions

92
run_node.sh Normal file → Executable file
View File

@ -2,10 +2,10 @@
echo "I am a nwaku node" echo "I am a nwaku node"
if test -n "${ETH_CLIENT_ADDRESS}" -o ; then if [ -n "${ETH_CLIENT_ADDRESS}" ] ; then
echo "ETH_CLIENT_ADDRESS variable was renamed to RLN_RELAY_ETH_CLIENT_ADDRESS" echo "ETH_CLIENT_ADDRESS variable was renamed to RLN_RELAY_ETH_CLIENT_ADDRESS"
echo "Please update your .env file" echo "Please update your .env file"
exit 1 exit 1
fi fi
if [ -z "${RLN_RELAY_ETH_CLIENT_ADDRESS}" ]; then if [ -z "${RLN_RELAY_ETH_CLIENT_ADDRESS}" ]; then
@ -17,14 +17,15 @@ MY_EXT_IP=$(wget -qO- https://api4.ipify.org)
DNS_WSS_CMD= DNS_WSS_CMD=
if [ -z "${DOMAIN}" ]; then if [ -z "${DOMAIN}" ]; then
echo "DOMAIN is unset, trying to guess it" echo "auto-domain: DOMAIN is unset, trying to guess it"
# Check if we have an IP # Check if we have an IP
IPCHECK=$(echo "${MY_EXT_IP}" | grep -c '^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$') IPCHECK=$(echo "${MY_EXT_IP}" | grep -c '^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$')
if [ "${IPCHECK}" -ne 1 ]; then if [ "${IPCHECK}" -ne 1 ]; then
echo "Failed to get ip, received: '${MY_EXT_IP}'" echo "Failed to get ip, received: '${MY_EXT_IP}'"
else else
echo "auto-domain: ip is '${MY_EXT_IP}'"
# TODO: Include this in nwaku docker image # TODO: Include this in nwaku docker image
apk update apk update
apk add bind-tools apk add bind-tools
@ -38,9 +39,20 @@ if [ -z "${DOMAIN}" ]; then
if [ "${DNSCHECK}" -ne 1 ]; then if [ "${DNSCHECK}" -ne 1 ]; then
echo "Failed to get DNS, received: '${DNS}'" echo "Failed to get DNS, received: '${DNS}'"
else else
DOMAIN=$(echo "${DNS}" | sed s/\.$//) DOMAIN=$(echo "${DNS}" | sed s/\.$//)
echo "DOMAIN deduced and set to ${DOMAIN}" echo "auto-domain: DOMAIN deduced and set to ${DOMAIN}"
fi
# Double check the domain is setup to return right IP
# OpenDNS servers are used to bypass /etc/hosts as it may return loopback address
DNS_IP=$(dig +short @208.67.222.222 "${DNS}")
if [ "${DNS_IP}" != "${MY_EXT_IP}" ]; then
echo "auto-domain: DNS queried returned a different ip: '${DNS_IP}', unsetting DOMAIN"
unset DOMAIN
else
echo "auto-domain: last verification successful, DOMAIN=${DOMAIN}"
fi
fi
fi fi
fi fi
@ -92,35 +104,35 @@ if [ -n "${STORAGE_SIZE}" ]; then
fi fi
exec /usr/bin/wakunode\ exec /usr/bin/wakunode\
--relay=true\ --relay=true\
--filter=true\ --filter=true\
--lightpush=true\ --lightpush=true\
--keep-alive=true\ --keep-alive=true\
--max-connections=150\ --max-connections=150\
--cluster-id=1\ --cluster-id=1\
--discv5-discovery=true\ --discv5-discovery=true\
--discv5-udp-port=9005\ --discv5-udp-port=9005\
--discv5-enr-auto-update=True\ --discv5-enr-auto-update=True\
--log-level=DEBUG\ --log-level=DEBUG\
--tcp-port=30304\ --tcp-port=30304\
--metrics-server=True\ --metrics-server=True\
--metrics-server-port=8003\ --metrics-server-port=8003\
--metrics-server-address=0.0.0.0\ --metrics-server-address=0.0.0.0\
--rest=true\ --rest=true\
--rest-admin=true\ --rest-admin=true\
--rest-address=0.0.0.0\ --rest-address=0.0.0.0\
--rest-port=8645\ --rest-port=8645\
--rest-allow-origin="waku-org.github.io"\ --rest-allow-origin="waku-org.github.io"\
--rest-allow-origin="localhost:*"\ --rest-allow-origin="localhost:*"\
--nat=extip:"${MY_EXT_IP}"\ --nat=extip:"${MY_EXT_IP}"\
--store=true\ --store=true\
--store-message-db-url="postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/postgres"\ --store-message-db-url="postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/postgres"\
--rln-relay-eth-client-address="${RLN_RELAY_ETH_CLIENT_ADDRESS}"\ --rln-relay-eth-client-address="${RLN_RELAY_ETH_CLIENT_ADDRESS}"\
--rln-relay-tree-path="/etc/rln_tree"\ --rln-relay-tree-path="/etc/rln_tree"\
"${RLN_RELAY_CRED_PATH}"\ "${RLN_RELAY_CRED_PATH}"\
"${RLN_RELAY_CRED_PASSWORD}"\ "${RLN_RELAY_CRED_PASSWORD}"\
${DNS_WSS_CMD}\ ${DNS_WSS_CMD}\
${NODEKEY}\ ${NODEKEY}\
${STORE_RETENTION_POLICY}\ ${STORE_RETENTION_POLICY}\
${EXTRA_ARGS} ${EXTRA_ARGS}