Noor
9d643867a4
Updates the brain connection logic to randomly select from a list of available URLs for staging and testnet environments.
150 lines
5.1 KiB
Rust
150 lines
5.1 KiB
Rust
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
use anyhow::Result;
|
|
use ed25519_dalek::SigningKey;
|
|
use log::{info, warn};
|
|
use rand::Rng;
|
|
use sha2::{Digest, Sha256};
|
|
use std::fs::File;
|
|
use std::io::{Read, Write};
|
|
use std::sync::LazyLock;
|
|
|
|
pub const DETEE_ROOT_CA: &str = "/etc/detee/root_ca.pem";
|
|
pub(crate) const BRAIN_STAGING_URLS: [&str; 3] = [
|
|
"https://184.107.169.199:49092",
|
|
"https://149.22.95.1:47855",
|
|
"https://149.36.48.99:48843",
|
|
];
|
|
pub(crate) const BRAIN_TESTING_URLS: [&str; 3] = [
|
|
"https://184.107.169.199:45223",
|
|
"https://149.22.95.1:44522",
|
|
"https://149.36.48.99:48638",
|
|
];
|
|
pub const PACKAGE_ARCHIVE_POSTFIX: &str = "-enclave_package.tar.gz";
|
|
pub const PACKAGE_ARCHIVE_DIR_PATH: &str = "/var/lib/detee/archives";
|
|
pub const PACKAGE_DIR_PATH: &str = "/var/lib/detee/enclaves";
|
|
|
|
pub const APP_NAME_PREFIX: &str = "dtpm";
|
|
|
|
pub static BRAIN_STAGING: LazyLock<(&str, &str)> = LazyLock::new(|| {
|
|
(
|
|
BRAIN_STAGING_URLS[rand::thread_rng().gen_range(0..BRAIN_STAGING_URLS.len())],
|
|
"staging-brain",
|
|
)
|
|
});
|
|
|
|
pub static BRAIN_TESTING: LazyLock<(&str, &str)> = LazyLock::new(|| {
|
|
(
|
|
BRAIN_TESTING_URLS[rand::thread_rng().gen_range(0..BRAIN_TESTING_URLS.len())],
|
|
"testnet-brain",
|
|
)
|
|
});
|
|
|
|
// const DETEE_DIR_ENV_NAME: &str = "DETEE_DIR";
|
|
|
|
pub static IP_INFO: LazyLock<IPInfo> =
|
|
LazyLock::new(|| tokio::task::block_in_place(|| get_ip_info().unwrap()));
|
|
|
|
pub static DAEMON_CONFIG_BASE_DIR: LazyLock<String> =
|
|
LazyLock::new(|| "/etc/detee/app_daemon".to_string());
|
|
|
|
pub static USED_RESOURCES_PATH: LazyLock<String> = LazyLock::new(|| {
|
|
// let home = home::home_dir().unwrap().to_string_lossy().into_owned();
|
|
// std::env::var(DETEE_DIR_ENV_NAME)
|
|
// .unwrap_or(format!("{home}/.detee/app_daemon/used_resources.yaml"))
|
|
let base_dir = DAEMON_CONFIG_BASE_DIR.to_string();
|
|
format!("{base_dir}/used_resources.yaml")
|
|
});
|
|
|
|
pub static DAEMON_CONFIG_PATH: LazyLock<String> = LazyLock::new(|| {
|
|
// let home = home::home_dir().unwrap().to_string_lossy().into_owned();
|
|
// std::env::var(DETEE_DIR_ENV_NAME).unwrap_or(format!("{home}/.detee/app_daemon/config.yaml"))
|
|
let base_dir = DAEMON_CONFIG_BASE_DIR.to_string();
|
|
format!("{base_dir}/config.yaml")
|
|
});
|
|
|
|
pub static DEPLOYED_APPS_CONFIG_DIR: LazyLock<String> = LazyLock::new(|| {
|
|
// let home = home::home_dir().unwrap().to_string_lossy().into_owned();
|
|
// std::env::var(DETEE_DIR_ENV_NAME).unwrap_or(format!("{home}/.detee/app_daemon/deployed_apps/"))
|
|
let base_dir = DAEMON_CONFIG_BASE_DIR.to_string();
|
|
format!("{base_dir}/deployed_apps")
|
|
});
|
|
|
|
pub static SECRET_KEY_PATH: LazyLock<String> = LazyLock::new(|| {
|
|
// let home = home::home_dir().unwrap().to_string_lossy().into_owned();
|
|
// std::env::var(DETEE_DIR_ENV_NAME)
|
|
// .unwrap_or(format!("{home}/.detee/app_daemon/node_secret_key.pem"))
|
|
let base_dir = DAEMON_CONFIG_BASE_DIR.to_string();
|
|
format!("{base_dir}/node_secret_key.pem")
|
|
});
|
|
|
|
pub static PUBLIC_KEY: LazyLock<String> = LazyLock::new(get_public_key);
|
|
|
|
#[derive(serde::Deserialize, Clone)]
|
|
pub struct IPInfo {
|
|
pub country: String,
|
|
pub region: String,
|
|
pub city: String,
|
|
pub ip: String,
|
|
}
|
|
|
|
fn get_ip_info() -> anyhow::Result<IPInfo> {
|
|
let body = reqwest::blocking::get("https://ipinfo.io/".to_string())?.text()?;
|
|
log::info!("Got the following data from ipinfo.io: {body}");
|
|
Ok(serde_json::de::from_str(&body)?)
|
|
}
|
|
|
|
fn create_secret_key() -> Result<SigningKey> {
|
|
let key_path = SECRET_KEY_PATH.to_string();
|
|
info!("Creating new secret key at {}", key_path);
|
|
let sk = SigningKey::generate(&mut rand::rngs::OsRng);
|
|
let private_key_string = bs58::encode(sk.to_bytes()).into_string();
|
|
let mut file = File::create(key_path)?;
|
|
file.write_all(private_key_string.as_bytes())?;
|
|
Ok(sk)
|
|
}
|
|
|
|
fn load_secret_key() -> Result<ed25519_dalek::SigningKey> {
|
|
let secret_key_string = match std::fs::read_to_string(SECRET_KEY_PATH.to_string()) {
|
|
Ok(secret_key_pem) => secret_key_pem,
|
|
Err(e) => {
|
|
warn!("Could not load secret key due to error: {e:?}");
|
|
// TODO: fix this, if new node spawns its throwing error
|
|
return create_secret_key();
|
|
}
|
|
};
|
|
Ok(SigningKey::from_bytes(
|
|
&bs58::decode(secret_key_string)
|
|
.into_vec()?
|
|
.try_into()
|
|
.map_err(|_| bs58::decode::Error::BufferTooSmall)?,
|
|
))
|
|
}
|
|
|
|
pub fn sign_message(msg: &str) -> Result<String> {
|
|
use ed25519_dalek::Signer;
|
|
let key = load_secret_key()?;
|
|
Ok(bs58::encode(key.sign(msg.as_bytes()).to_bytes()).into_string())
|
|
}
|
|
|
|
pub fn get_public_key() -> String {
|
|
let pubkey = bs58::encode(load_secret_key().unwrap().verifying_key().to_bytes()).into_string();
|
|
log::info!("Loaded the following public key: {pubkey}");
|
|
pubkey
|
|
}
|
|
|
|
pub fn compute_sha256<P: AsRef<std::path::Path>>(path: P) -> Result<String> {
|
|
let mut file = File::open(path)?;
|
|
let mut hasher = Sha256::new();
|
|
let mut buffer = [0u8; 8192];
|
|
loop {
|
|
let bytes_read = file.read(&mut buffer).unwrap();
|
|
if bytes_read == 0 {
|
|
break;
|
|
}
|
|
hasher.update(&buffer[..bytes_read]);
|
|
}
|
|
let result = hasher.finalize();
|
|
Ok(format!("{:x}", result))
|
|
}
|