diff --git a/install/generator-cyphernode/generators/app/index.js b/install/generator-cyphernode/generators/app/index.js index 622b837..1a4bf0e 100644 --- a/install/generator-cyphernode/generators/app/index.js +++ b/install/generator-cyphernode/generators/app/index.js @@ -1,4 +1,3 @@ -'use strict'; const Generator = require('yeoman-generator'); const chalk = require('chalk'); const wrap = require('wrap-ansi'); @@ -191,8 +190,8 @@ module.exports = class extends Generator { return; } - // save auth key password to check if it changed - this.auth_clientkeyspassword = this.props.auth_clientkeyspassword; + // save gatekeeper key password to check if it changed + this.gatekeeper_clientkeyspassword = this.props.gatekeeper_clientkeyspassword; let r = await this.prompt([{ type: 'confirm', @@ -219,9 +218,9 @@ module.exports = class extends Generator { async configuring() { - if( this.props.auth_recreatekeys || - this.props.auth_keys.configEntries.length===0 ) { - delete this.props.auth_recreatekeys; + if( this.props.gatekeeper_recreatekeys || + this.props.gatekeeper_keys.configEntries.length===0 ) { + delete this.props.gatekeeper_recreatekeys; const apikey = new ApiKey(); let configEntries = []; @@ -245,7 +244,7 @@ module.exports = class extends Generator { configEntries.push(apikey.getConfigEntry()); clientInformation.push(apikey.getClientInformation()); - this.props.auth_keys = { + this.props.gatekeeper_keys = { configEntries: configEntries, clientInformation: clientInformation } 
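Review bot: Dropping `'use strict';` in the first hunk (@@ -1,4 +1,3 @@) takes the module-level code of this CommonJS file out of strict mode, so an assignment to an undeclared name there becomes an implicit global instead of a ReferenceError. The exported class body is strict regardless, but any code outside it is not. Since this file creates and archives API keys, I would keep the directive as the first line, `'use strict';`, or say in the commit message why it had to go.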
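Review bot: The rename in the `configuring()` hunk (@@ -219,9 +218,9 @@) has no migration path for props saved under the old `auth_*` names, and the same applies to the other renamed reads in this file. If an existing install's saved props are merged with the new defaults (not visible here), `gatekeeper_keys.configEntries` is empty, the condition is true, and every client key is regenerated without the operator asking for it, while the old `auth_keys` and `auth_clientkeyspassword` values stay behind in the saved config. If no default is merged first, `this.props.gatekeeper_keys` is undefined and reading `.configEntries` throws. I would copy the old values across once before this check, for example `this.props.gatekeeper_keys = this.props.gatekeeper_keys || this.props.auth_keys;`, and delete the `auth_*` entries afterwards. `configuring()` continues outside the hunk.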
@@ -272,15 +271,15 @@ module.exports = class extends Generator { } } - if( this.props.auth_keys && this.props.auth_keys.clientInformation ) { + if( this.props.gatekeeper_keys && this.props.gatekeeper_keys.clientInformation ) { - if( this.auth_clientkeyspassword !== this.props.auth_clientkeyspassword ) { + if( this.gatekeeper_clientkeyspassword !== this.props.gatekeeper_clientkeyspassword ) { fs.unlinkSync( this.destinationPath('clientKeys.7z') ); } - const archive = new Archive( this.destinationPath('clientKeys.7z'), this.props.auth_clientkeyspassword ); - if( !await archive.writeEntry( 'keys.txt', this.props.auth_keys.clientInformation.join('\n') ) ) { - console.log(chalk.bold.red( 'error! Client auth key archive was not written' )); + const archive = new Archive( this.destinationPath('clientKeys.7z'), this.props.gatekeeper_clientkeyspassword ); + if( !await archive.writeEntry( 'keys.txt', this.props.gatekeeper_keys.clientInformation.join('\n') ) ) { + console.log(chalk.bold.red( 'error! Client gatekeeper key archive was not written' )); } } @@ -293,9 +292,9 @@ module.exports = class extends Generator { _hasAuthKeys() { return this.props && - this.props.auth_keys && - this.props.auth_keys.configEntries && - this.props.auth_keys.configEntries.length > 0; + this.props.gatekeeper_keys && + this.props.gatekeeper_keys.configEntries && + this.props.gatekeeper_keys.configEntries.length > 0; } _assignConfigDefaults() { @@ -318,9 +317,9 @@ module.exports = class extends Generator { bitcoin_node_ip: '', bitcoin_mode: 'internal', bitcoin_expose: false, - auth_apiproperties: defaultAPIProperties, - auth_ipwhitelist: '', - auth_keys: { configEntries: [], clientInformation: [] }, + gatekeeper_apiproperties: defaultAPIProperties, + gatekeeper_ipwhitelist: '', + gatekeeper_keys: { configEntries: [], clientInformation: [] }, proxy_datapath: '', lightning_implementation: 'c-lightning', lightning_datapath: '', 
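Review bot: `fs.unlinkSync( this.destinationPath('clientKeys.7z') )` in the @@ -272,15 +271,15 @@ hunk throws ENOENT when the password differs but no archive exists yet, which looks reachable on a first run or on the first run after this rename, where the saved `this.gatekeeper_clientkeyspassword` would be undefined. Guard it, e.g. `if( fs.existsSync(archivePath) ) fs.unlinkSync(archivePath);` with `archivePath` set to `this.destinationPath('clientKeys.7z')`. The failure branch below only prints 'Client gatekeeper key archive was not written' and carries on, so a run can end with new entries in `keys.properties` and no archive for the clients; returning or throwing there would make that state visible. The enclosing method starts and ends outside the hunk.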
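Review bot: No `gatekeeper_datapath` default is added next to `proxy_datapath` in the @@ -318,9 +317,9 @@ hunk, although 999_installer.js now prompts with `utils._getDefault( 'gatekeeper_datapath' )` and config.sh and docker-compose.yaml interpolate the value. Unless a default already exists further down the object (it continues past the hunk), the compose volumes could render with an empty prefix, e.g. `/private:/etc/ssl/private`, which binds a root-level host directory into the gatekeeper container, or the template render could fail on an undefined name. I would add `gatekeeper_datapath: '',` here and have the docker path require a non-empty value before the templates are written.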
diff --git a/install/generator-cyphernode/generators/app/lib/help.js b/install/generator-cyphernode/generators/app/lib/help.js
deleted file mode 100644
index 4d70ea6..0000000
--- a/install/generator-cyphernode/generators/app/lib/help.js
+++ /dev/null
@@ -1,69 +0,0 @@
-const chalk = require('chalk');
-const wrap = require('wrap-ansi');
-
-module.exports = {
- text: function( topic ) {
- let r=wrap('Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam', 82);
- switch( topic ) {
- case 'features':
- break;
- case 'net':
- break;
- case 'username':
- break;
- case 'xpub':
- break;
- case 'derivation_path':
- break;
- case 'auth_clientkeyspassword':
- break;
- case 'auth_recreatekeys':
- break;
- case 'auth_edit_ipwhitelist':
- break;
- case 'auth_ipwhitelist':
- break;
- case 'auth_edit_apiproperties':
- break;
- case 'auth_apiproperties':
- break;
- case 'bitcoin_mode':
- break;
- case 'bitcoin_node_ip':
- break;
- case 'bitcoin_rpcuser':
- break;
- case 'bitcoin_rpcpassword':
- break;
- case 'bitcoin_prune':
- break;
- case 'bitcoin_uacomment':
- break;
- case 'lightning_implementation':
- break;
- case 'lightning_external_ip':
- break;
- case 'lightning_nodename':
- break;
- case 'lightning_nodecolor':
- break;
- case 'electrum_implementation':
- break;
- case 'proxy_datapath':
- break;
- case 'bitcoin_datapath':
- break;
- case 'lightning_datapath':
- break;
- case 'bitcoin_expose':
- break;
- case 'docker_mode':
- break;
- }
- return r;
- }
-}
-
-
-
-
\ No newline at end of file
diff --git a/install/generator-cyphernode/generators/app/prompters/010_authapi.js b/install/generator-cyphernode/generators/app/prompters/010_authapi.js
deleted file mode 100644
index 499dd52..0000000
--- a/install/generator-cyphernode/generators/app/prompters/010_authapi.js
+++ /dev/null
@@ -1,72 +0,0 @@
-const chalk = require('chalk');
-
-const name = 'authentication';
-
-const capitalise = function( txt ) {
- return txt.charAt(0).toUpperCase() + txt.substr(1);
-};
-
-const prefix = function() {
- return chalk.bold.red(capitalise(name)+': ');
-};
-
-module.exports = {
- name: function() {
- return name;
- },
- prompts: function( utils ) {
- // TODO: delete clientKeys archive when password chnages
- return [{
- type: 'password',
- name: 'auth_clientkeyspassword',
- default: utils._getDefault( 'auth_clientkeyspassword' ),
- message: prefix()+'Enter a password to protect your client keys with'+utils._getHelp('auth_clientkeyspassword'),
- filter: utils._trimFilter,
- validate: utils._notEmptyValidator
- },
- {
- when: utils._hasAuthKeys,
- type: 'confirm',
- name: 'auth_recreatekeys',
- default: false,
- message: prefix()+'Recreate auth keys?'+utils._getHelp('auth_recreatekeys')
- },
- {
- type: 'confirm',
- name: 'auth_edit_ipwhitelist',
- default: false,
- message: prefix()+'Edit IP whitelist?'+utils._getHelp('auth_edit_ipwhitelist')
- },
- {
- when: function( props ) {
- const r = props.auth_edit_ipwhitelist;
- delete props.auth_edit_ipwhitelist;
- return r;
- },
- type: 'editor',
- name: 'auth_ipwhitelist',
- message: prefix()+'IP whitelist'+utils._getHelp('auth_ipwhitelist'),
- default: utils._getDefault( 'auth_ipwhitelist' )
- },
- {
- type: 'confirm',
- name: 'auth_edit_apiproperties',
- default: false,
- message: prefix()+'Edit API properties?'+utils._getHelp('auth_edit_apiproperties')
- },
- {
- when: function( props ) {
- const r = props.auth_edit_apiproperties;
- delete props.auth_edit_apiproperties;
- return r;
- },
- type: 'editor',
- name: 'auth_apiproperties',
- message: prefix()+'API properties'+utils._getHelp('auth_apiproperties'),
- default: utils._getDefault( 'auth_apiproperties' )
- }];
- },
- templates: function( props ) {
- return [ 'keys.properties', 'api.properties', 'ip-whitelist.conf' ];
- }
-};
\ No newline at end of file
diff --git a/install/generator-cyphernode/generators/app/prompters/010_gatekeeper.js b/install/generator-cyphernode/generators/app/prompters/010_gatekeeper.js
new file mode 100644
index 0000000..3f0beb7
--- /dev/null
+++ b/install/generator-cyphernode/generators/app/prompters/010_gatekeeper.js
@@ -0,0 +1,72 @@
+const chalk = require('chalk');
+
+const name = 'gatekeeper';
+
+const capitalise = function( txt ) {
+ return txt.charAt(0).toUpperCase() + txt.substr(1);
+};
+
+const prefix = function() {
+ return chalk.bold.red(capitalise(name)+': ');
+};
+
+module.exports = {
+ name: function() {
+ return name;
+ },
+ prompts: function( utils ) {
+ // TODO: delete clientKeys archive when password chnages
+ return [{
+ type: 'password',
+ name: 'gatekeeper_clientkeyspassword',
+ default: utils._getDefault( 'gatekeeper_clientkeyspassword' ),
+ message: prefix()+'Enter a password to protect your client keys with'+utils._getHelp('gatekeeper_clientkeyspassword'),
+ filter: utils._trimFilter,
+ validate: utils._notEmptyValidator
+ },
+ {
+ when: utils._hasAuthKeys,
+ type: 'confirm',
+ name: 'gatekeeper_recreatekeys',
+ default: false,
+ message: prefix()+'Recreate gatekeeper keys?'+utils._getHelp('gatekeeper_recreatekeys')
+ },
+ {
+ type: 'confirm',
+ name: 'gatekeeper_edit_ipwhitelist',
+ default: false,
+ message: prefix()+'Edit IP whitelist?'+utils._getHelp('gatekeeper_edit_ipwhitelist')
+ },
+ {
+ when: function( props ) {
+ const r = props.gatekeeper_edit_ipwhitelist;
+ delete props.gatekeeper_edit_ipwhitelist;
+ return r;
+ },
+ type: 'editor',
+ name: 'gatekeeper_ipwhitelist',
+ message: utils._getHelp('gatekeeper_ipwhitelist')||' ',
+ default: utils._getDefault( 'gatekeeper_ipwhitelist' )
+ },
+ {
+ type: 'confirm',
+ name: 'gatekeeper_edit_apiproperties',
+ default: false,
+ message: prefix()+'Edit API properties?'+utils._getHelp('gatekeeper_edit_apiproperties')
+ },
+ {
+ when: function( props ) {
+ const r = props.gatekeeper_edit_apiproperties;
+ delete props.gatekeeper_edit_apiproperties;
+ return r;
+ },
+ type: 'editor',
+ name: 'gatekeeper_apiproperties',
+ message: utils._getHelp('gatekeeper_apiproperties')||' ',
+ default: utils._getDefault( 'gatekeeper_apiproperties' )
+ }];
+ },
+ templates: function( props ) {
+ return [ 'keys.properties',
'api.properties', 'ip-whitelist.conf' ]; + } +}; \ No newline at end of file diff --git a/install/generator-cyphernode/generators/app/prompters/999_installer.js b/install/generator-cyphernode/generators/app/prompters/999_installer.js index 7f4d7f2..355fbb8 100644 --- a/install/generator-cyphernode/generators/app/prompters/999_installer.js +++ b/install/generator-cyphernode/generators/app/prompters/999_installer.js @@ -40,6 +40,15 @@ module.exports = { }*/ ] }, + { + when: installerDocker, + type: 'input', + name: 'gatekeeper_datapath', + default: utils._getDefault( 'gatekeeper_datapath' ), + filter: utils._trimFilter, + validate: utils._pathValidator, + message: prefix()+'Where to store your gatekeeper data?'+utils._getHelp('gatekeeper_datapath'), + }, { when: installerDocker, type: 'input', diff --git a/install/generator-cyphernode/generators/app/templates/authentication/keys.properties b/install/generator-cyphernode/generators/app/templates/authentication/keys.properties deleted file mode 100644 index 8144e69..0000000 --- a/install/generator-cyphernode/generators/app/templates/authentication/keys.properties +++ /dev/null @@ -1 +0,0 @@ -<%- auth_keys.configEntries.join('\n') %> diff --git a/install/generator-cyphernode/generators/app/templates/authentication/api.properties b/install/generator-cyphernode/generators/app/templates/gatekeeper/api.properties similarity index 81% rename from install/generator-cyphernode/generators/app/templates/authentication/api.properties rename to install/generator-cyphernode/generators/app/templates/gatekeeper/api.properties index 4899c6b..aa952a1 100644 --- a/install/generator-cyphernode/generators/app/templates/authentication/api.properties +++ b/install/generator-cyphernode/generators/app/templates/gatekeeper/api.properties @@ -3,4 +3,4 @@ # Spender can do what the watcher can do plus more stuff # Admin can do what the spender can do plus even more stuff -<%- auth_apiproperties %> +<%- gatekeeper_apiproperties %> 
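Review bot: The `gatekeeper_clientkeyspassword` prompt in 010_gatekeeper.js takes its `default` from `utils._getDefault(...)`, which implies the archive password is kept in the saved props between runs; index.js also reads it back from `this.props` to detect a change. If that props file is stored unencrypted near `clientKeys.7z` (not visible in this diff), the password adds little protection to the archive, so I would either not persist it or document where it is stored and with which file permissions. `validate: utils._notEmptyValidator` accepts a one-character password; a minimum-length check would fit here. The `// TODO: delete clientKeys archive when password chnages` comment looks stale, since index.js unlinks the archive when the password differs.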
diff --git a/install/generator-cyphernode/generators/app/templates/authentication/ip-whitelist.conf b/install/generator-cyphernode/generators/app/templates/gatekeeper/ip-whitelist.conf similarity index 86% rename from install/generator-cyphernode/generators/app/templates/authentication/ip-whitelist.conf rename to install/generator-cyphernode/generators/app/templates/gatekeeper/ip-whitelist.conf index 4c961e3..f26314c 100644 --- a/install/generator-cyphernode/generators/app/templates/authentication/ip-whitelist.conf +++ b/install/generator-cyphernode/generators/app/templates/gatekeeper/ip-whitelist.conf @@ -7,4 +7,4 @@ #allow 45.56.67.78; #deny all; -<%- auth_ipwhitelist %> \ No newline at end of file +<%- gatekeeper_ipwhitelist %> \ No newline at end of file diff --git a/install/generator-cyphernode/generators/app/templates/gatekeeper/keys.properties b/install/generator-cyphernode/generators/app/templates/gatekeeper/keys.properties new file mode 100644 index 0000000..dc4c8c8 --- /dev/null +++ b/install/generator-cyphernode/generators/app/templates/gatekeeper/keys.properties @@ -0,0 +1 @@ +<%- gatekeeper_keys.configEntries.join('\n') %> diff --git a/install/generator-cyphernode/generators/app/templates/installer/config.sh b/install/generator-cyphernode/generators/app/templates/installer/config.sh index b89579c..e4cb587 100644 --- a/install/generator-cyphernode/generators/app/templates/installer/config.sh +++ b/install/generator-cyphernode/generators/app/templates/installer/config.sh @@ -7,5 +7,6 @@ LIGHTNING_IMPLEMENTATION=<%= lightning_implementation %> BITCOIN_DATAPATH=<%= bitcoin_datapath %> LIGHTNING_DATAPATH=<%= lightning_datapath %> PROXY_DATAPATH=<%= proxy_datapath %> +GATEKEEPER_DATAPATH=<%= gatekeeper_datapath %> DOCKER_MODE=<%= docker_mode %> USERNAME=<%= username %> 
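Review bot: `GATEKEEPER_DATAPATH=<%= gatekeeper_datapath %>` in the config.sh hunk writes the operator-entered path into a shell file unquoted, as the neighbouring `*_DATAPATH` lines already do. `<%= %>` HTML-escapes the value, it does not shell-escape it, so a path containing a space or a shell metacharacter changes what the line means if config.sh is sourced (how the file is consumed is not visible here). I would quote the value, `GATEKEEPER_DATAPATH='<%- gatekeeper_datapath %>'`, have `utils._pathValidator` reject quotes and control characters, and apply the same to the other path lines.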
diff --git a/install/generator-cyphernode/generators/app/templates/installer/docker/docker-compose.yaml b/install/generator-cyphernode/generators/app/templates/installer/docker/docker-compose.yaml index f270d54..be3a87b 100644 --- a/install/generator-cyphernode/generators/app/templates/installer/docker/docker-compose.yaml +++ b/install/generator-cyphernode/generators/app/templates/installer/docker/docker-compose.yaml @@ -1,6 +1,25 @@ version: "3" services: + gatekeeper: + # HTTP authentication API gate + environment: + - "TRACING=1" + image: cyphernode/gatekeeper + ports: + - "443:443" + volumes: + - "<%= gatekeeper_datapath %>/certs:/etc/ssl/certs" + - "<%= gatekeeper_datapath %>/private:/etc/ssl/private" + - "<%= gatekeeper_datapath %>/keys.properties:/etc/nginx/conf.d/keys.properties" + - "<%= gatekeeper_datapath %>/api.properties:/etc/nginx/conf.d/api.properties" + +# deploy: +# placement: +# constraints: [node.hostname==dev] + networks: + - cyphernodenet + restart: always proxy: command: $USER ./startproxy.sh # Bitcoin Mini Proxy
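Review bot: The gatekeeper service mounts `certs`, `private`, `keys.properties` and `api.properties` read-write, while the container presumably only needs to read them, so each mount should carry `:ro`, e.g. `- "<%= gatekeeper_datapath %>/private:/etc/ssl/private:ro"`. `ip-whitelist.conf` is in the gatekeeper prompter's template list but is not mounted here, so unless the image picks it up some other way the whitelist the operator edits never takes effect. `TRACING=1` is hard-coded on the authentication gate; if tracing writes request headers or key material to the logs (not visible here), it should default to off. The `443:443` mapping publishes on all host interfaces, which deserves a comment if that is intended.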