From 8dde304da533318f1bac51add1bed1e6367bbe48 Mon Sep 17 00:00:00 2001
From: positiveblue
Date: Sun, 28 May 2023 14:31:41 -0700
Subject: [PATCH] config: support config for LNC connections

---
 config.go | 64 +++++++++++++++++++++++++++++++++++++++++++++---
 sample-conf.yaml | 13 +++++++++-
 2 files changed, 72 insertions(+), 5 deletions(-)

diff --git a/config.go b/config.go
index eaab3f5..c607d21 100644
--- a/config.go
+++ b/config.go
@@ -37,6 +37,10 @@ type EtcdConfig struct {
 }
 
 type AuthConfig struct {
+ Network string `long:"network" description:"The network LND is connected to." choice:"regtest" choice:"simnet" choice:"testnet" choice:"mainnet"`
+
+ Disable bool `long:"disable" description:"Whether to disable auth."`
+
 // LndHost is the hostname of the LND instance to connect to.
 LndHost string `long:"lndhost" description:"Hostname of the LND instance to connect to"`
 
@@ -44,9 +48,17 @@ type AuthConfig struct {
 
 MacDir string `long:"macdir" description:"Directory containing LND instance's macaroons"`
 
- Network string `long:"network" description:"The network LND is connected to." choice:"regtest" choice:"simnet" choice:"testnet" choice:"mainnet"`
+ // The one-time-use passphrase used to set up the connection. This field
+ // identifies the connection that will be used.
+ Passphrase string `long:"passphrase" description:"the lnc passphrase"`
 
- Disable bool `long:"disable" description:"Whether to disable LND auth."`
+ // MailboxAddress is the address of the mailbox that the client will
+ // use for the LNC connection.
+ MailboxAddress string `long:"mailboxaddress" description:"the host:port of the mailbox server to be used"`
+
+ // DevServer set to true to skip verification of the mailbox server's
+ // tls cert.
+ DevServer bool `long:"devserver" description:"set to true to skip verification of the server's tls cert."`
 }
 
 func (a *AuthConfig) validate() error {
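Review bot: The new `Passphrase` field in the @@ -44 hunk carries a pairing secret but is declared like any other option, and its comment does not say how the value should be protected. If these struct tags are bound to command-line flags, as the `long:` tag suggests, the passphrase can end up in process listings and shell history, so the comment should steer operators to a config file with restrictive permissions. The comment also does not open with the field name the way its neighbours do; something like `// Passphrase is the one-time-use LNC pairing passphrase. It is a secret: prefer the config file over the command line and never log it.` would cover both. The `DevServer` comment would likewise benefit from stating that the flag is meant for development mailboxes only.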
@@ -55,6 +67,30 @@ func (a *AuthConfig) validate() error {
 return nil
 }
 
+ switch {
+ // If LndHost is set we connect directly to the LND node.
+ case a.LndHost != "":
+ log.Info("Validating lnd configuration")
+
+ if a.Passphrase != "" {
+ return errors.New("passphrase field cannot be set " +
+ "when connecting directly to the lnd node")
+ }
+
+ return a.validateLNDAuth()
+
+ // If Passphrase is set we connect to the LND node through LNC.
+ case a.Passphrase != "":
+ log.Info("Validating lnc configuration")
+ return a.validateLNCAuth()
+
+ default:
+ return errors.New("invalid authenticator configuration")
+ }
+}
+
+// validateLNDAuth validates the direct LND auth configuration.
+func (a *AuthConfig) validateLNDAuth() error {
 if a.LndHost == "" {
 return errors.New("lnd host required")
 }
@@ -70,6 +106,22 @@ func (a *AuthConfig) validate() error {
 return nil
 }
 
+// validateLNCAuth validates the LNC auth configuration.
+func (a *AuthConfig) validateLNCAuth() error {
+ switch {
+ case a.Passphrase == "":
+ return errors.New("lnc passphrase required")
+
+ case a.MailboxAddress == "":
+ return errors.New("lnc mailbox address required")
+
+ case a.Network == "":
+ return errors.New("lnc network required")
+ }
+
+ return nil
+}
+
 type HashMailConfig struct {
 Enabled bool `long:"enabled"`
 MessageRate time.Duration `long:"messagerate" description:"The average minimum time that should pass between each message."`
@@ -120,6 +172,8 @@ type Config struct {
 // Etcd is the configuration section for the Etcd database backend.
 Etcd *EtcdConfig `group:"etcd" namespace:"etcd"`
 
+ // Authenticator is the configuration section for connecting directly
+ // to the LND node.
 Authenticator *AuthConfig `group:"authenticator" namespace:"authenticator"`
 
 Tor *TorConfig `group:"tor" namespace:"tor"`
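Review bot: The `default` branch of the new switch in `AuthConfig.validate` (@@ -55 hunk) returns `invalid authenticator configuration`, which does not tell the operator that neither `LndHost` nor `Passphrase` was set. A message naming the two options, e.g. `return errors.New("either lndhost or passphrase must be set")`, would make the failure actionable. In the `LndHost` branch only `Passphrase` is rejected, so a config that also sets `MailboxAddress` or `DevServer` passes validation with those values silently unused; rejecting them there as well would keep the two modes cleanly separated. The `if a.LndHost == ""` check kept at the top of `validateLNDAuth` can no longer fire when called from this switch, and that function's body continues outside the hunk.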
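Review bot: `validateLNCAuth` (@@ -70 hunk) checks `Passphrase`, `MailboxAddress` and `Network` but places no constraint on `DevServer`, which per its field comment skips verification of the mailbox server's TLS certificate. Nothing in this patch prevents that flag from being combined with the `mainnet` network; how the flag is consumed is outside the diff, but a guard here would stop an unverified mailbox connection from being configured in production by accident, e.g. `case a.DevServer && a.Network == "mainnet":` followed by `return errors.New("lnc devserver cannot be used on mainnet")`. `MailboxAddress` is only tested for emptiness although it is documented as host:port; validating the format at this point would surface typos at startup rather than at connect time.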
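Review bot: The comment added above `Authenticator` in the @@ -120 hunk says the section is for connecting directly to the LND node, but with this patch the same section also holds the LNC settings (`Passphrase`, `MailboxAddress`, `DevServer`). I would word it as `// Authenticator is the configuration section for connecting to the LND node, either directly or through LNC.` so the doc matches both modes.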
@@ -151,8 +205,10 @@ type Config struct {
 }
 
 func (c *Config) validate() error {
- if err := c.Authenticator.validate(); err != nil {
- return err
+ if !c.Authenticator.Disable {
+ if err := c.Authenticator.validate(); err != nil {
+ return err
+ }
 }
 
 if c.ListenAddr == "" {
diff --git a/sample-conf.yaml b/sample-conf.yaml
index 48411d4..b01bca6 100644
--- a/sample-conf.yaml
+++ b/sample-conf.yaml
@@ -37,6 +37,18 @@ authenticator:
 
 # The chain network the lnd is active on.
 network: "simnet"
+
+ # The LNC connection passphrase.
+ passphrase: "my-own-passphrase"
+
+ # The host:port of the mailbox server to be used.
+ mailboxaddress: "mailbox.terminal.lightning.today:443"
+
+ # Set to true to skip verification of the mailbox server's tls cert.
+ devserver: false
+
+ # Set to true to disable any auth.
+ disable: false
 
 # The selected database backend. The current default backend is "sqlite".
 # Aperture also has support for postgres and etcd.
@@ -65,7 +77,6 @@ postgres:
 # server.
 requireSSL: true
 
-
 # Settings for the etcd instance which the proxy will use to reliably store and
 # retrieve token information.
 etcd:
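Review bot: When `Disable` is true, the new guard in `Config.validate` (@@ -151 hunk) skips authenticator validation without leaving any trace, so a deployment running with auth switched off looks the same in the logs as a validated one. An `else` branch that logs at warning level, in the style of the `log.Info` calls this patch adds to `AuthConfig.validate`, would make that state visible at startup. `c.Authenticator` is a pointer and is dereferenced here without a nil check; whether it can be nil is decided outside this hunk. The body of `validate` continues past the end of the hunk.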
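Review bot: The sample values added to the `authenticator:` section (@@ -37 hunk of sample-conf.yaml) set `passphrase` unconditionally, while `AuthConfig.validate` in this same patch rejects a passphrase whenever `lndhost` is set. If the sample still sets `lndhost` above this hunk, which is not visible here, a config copied from it fails validation; commenting out the three LNC keys and adding a line such as `# Use either lndhost or the LNC settings below, not both.` would avoid that. The `devserver` comment could also say that the option is for development mailboxes only and should stay `false` otherwise.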