123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383 |
- // Copyright © 2022 Ettore Di Giacinto <[email protected]>
- //
- // This program is free software; you can redistribute it and/or modify
- // it under the terms of the GNU General Public License as published by
- // the Free Software Foundation; either version 2 of the License, or
- // (at your option) any later version.
- //
- // This program is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- // GNU General Public License for more details.
- //
- // You should have received a copy of the GNU General Public License along
- // with this program; if not, see <http://www.gnu.org/licenses/>.
- package config
- import (
- "fmt"
- "math/bits"
- "os"
- "time"
- "github.com/ipfs/go-log"
- "github.com/libp2p/go-libp2p"
- connmanager "github.com/libp2p/go-libp2p-connmgr"
- "github.com/libp2p/go-libp2p-core/network"
- "github.com/libp2p/go-libp2p-core/peer"
- dht "github.com/libp2p/go-libp2p-kad-dht"
- mplex "github.com/libp2p/go-libp2p-mplex"
- rcmgr "github.com/libp2p/go-libp2p-resource-manager"
- yamux "github.com/libp2p/go-libp2p-yamux"
- "github.com/libp2p/go-libp2p/p2p/host/autorelay"
- "github.com/mudler/edgevpn/pkg/blockchain"
- "github.com/mudler/edgevpn/pkg/crypto"
- "github.com/mudler/edgevpn/pkg/discovery"
- "github.com/mudler/edgevpn/pkg/logger"
- "github.com/mudler/edgevpn/pkg/node"
- "github.com/mudler/edgevpn/pkg/services"
- "github.com/mudler/edgevpn/pkg/vpn"
- "github.com/peterbourgon/diskv"
- "github.com/songgao/water"
- )
- // Config is the config struct for the node and the default EdgeVPN services
- // It is used to generate opts for the node and the services before start.
- type Config struct {
- NetworkConfig, NetworkToken string
- Address string
- Router string
- Interface string
- Libp2pLogLevel, LogLevel string
- LowProfile, VPNLowProfile, BootstrapIface bool
- Blacklist []string
- Concurrency int
- FrameTimeout string
- ChannelBufferSize, InterfaceMTU, PacketMTU int
- NAT NAT
- Connection Connection
- Discovery Discovery
- Ledger Ledger
- Limit ResourceLimit
- }
- type ResourceLimit struct {
- FileLimit string
- LimitConfig *node.NetLimitConfig
- Scope string
- MaxConns int
- StaticMin int64
- StaticMax int64
- Enable bool
- }
- // Ledger is the ledger configuration structure
- type Ledger struct {
- AnnounceInterval, SyncInterval time.Duration
- StateDir string
- }
- // Discovery allows to enable/disable discovery and
- // set bootstrap peers
- type Discovery struct {
- DHT, MDNS bool
- BootstrapPeers []string
- Interval time.Duration
- }
- // Connection is the configuration section
- // relative to the connection services
- type Connection struct {
- HolePunch bool
- AutoRelay bool
- AutoRelayDiscoveryInterval time.Duration
- RelayV1 bool
- StaticRelays []string
- Mplex bool
- MaxConnections int
- MaxStreams int
- }
- // NAT is the structure relative to NAT configuration settings
- // It allows to enable/disable the service and NAT mapping, and rate limiting too.
- type NAT struct {
- Service bool
- Map bool
- RateLimit bool
- RateLimitGlobal, RateLimitPeer int
- RateLimitInterval time.Duration
- }
- // Validate returns error if the configuration is not valid
- func (c Config) Validate() error {
- if c.NetworkConfig == "" &&
- c.NetworkToken == "" {
- return fmt.Errorf("EDGEVPNCONFIG or EDGEVPNTOKEN not supplied. At least a config file is required")
- }
- return nil
- }
- func peers2List(peers []string) discovery.AddrList {
- addrsList := discovery.AddrList{}
- for _, p := range peers {
- addrsList.Set(p)
- }
- return addrsList
- }
- func peers2AddrInfo(peers []string) []peer.AddrInfo {
- addrsList := []peer.AddrInfo{}
- for _, p := range peers {
- pi, err := peer.AddrInfoFromString(p)
- if err == nil {
- addrsList = append(addrsList, *pi)
- }
- }
- return addrsList
- }
- // ToOpts returns node and vpn options from a configuration
- func (c Config) ToOpts(l *logger.Logger) ([]node.Option, []vpn.Option, error) {
- if err := c.Validate(); err != nil {
- return nil, nil, err
- }
- config := c.NetworkConfig
- address := c.Address
- router := c.Router
- iface := c.Interface
- logLevel := c.LogLevel
- libp2plogLevel := c.Libp2pLogLevel
- dhtE, mDNS := c.Discovery.DHT, c.Discovery.MDNS
- ledgerState := c.Ledger.StateDir
- peers := c.Discovery.BootstrapPeers
- lvl, err := log.LevelFromString(logLevel)
- if err != nil {
- lvl = log.LevelError
- }
- llger := logger.New(lvl)
- libp2plvl, err := log.LevelFromString(libp2plogLevel)
- if err != nil {
- libp2plvl = log.LevelFatal
- }
- token := c.NetworkToken
- addrsList := peers2List(peers)
- dhtOpts := []dht.Option{}
- if c.LowProfile {
- dhtOpts = append(dhtOpts, dht.BucketSize(20))
- }
- opts := []node.Option{
- node.WithDiscoveryInterval(c.Discovery.Interval),
- node.WithLedgerAnnounceTime(c.Ledger.AnnounceInterval),
- node.WithLedgerInterval(c.Ledger.SyncInterval),
- node.Logger(llger),
- node.WithDiscoveryBootstrapPeers(addrsList),
- node.WithBlacklist(c.Blacklist...),
- node.LibP2PLogLevel(libp2plvl),
- node.WithInterfaceAddress(address),
- node.WithSealer(&crypto.AESSealer{}),
- node.FromBase64(mDNS, dhtE, token, dhtOpts...),
- node.FromYaml(mDNS, dhtE, config, dhtOpts...),
- }
- vpnOpts := []vpn.Option{
- vpn.WithConcurrency(c.Concurrency),
- vpn.WithInterfaceAddress(address),
- vpn.WithLedgerAnnounceTime(c.Ledger.AnnounceInterval),
- vpn.Logger(llger),
- vpn.WithTimeout(c.FrameTimeout),
- vpn.WithInterfaceType(water.TUN),
- vpn.NetLinkBootstrap(c.BootstrapIface),
- vpn.WithChannelBufferSize(c.ChannelBufferSize),
- vpn.WithInterfaceMTU(c.InterfaceMTU),
- vpn.WithPacketMTU(c.PacketMTU),
- vpn.WithRouterAddress(router),
- vpn.WithInterfaceName(iface),
- vpn.WithMaxStreams(c.Connection.MaxStreams),
- }
- if c.VPNLowProfile {
- vpnOpts = append(vpnOpts, vpn.LowProfile)
- }
- libp2pOpts := []libp2p.Option{libp2p.UserAgent("edgevpn")}
- // AutoRelay section configuration
- if c.Connection.AutoRelay {
- relayOpts := []autorelay.Option{}
- if c.Connection.RelayV1 {
- relayOpts = append(relayOpts, autorelay.WithCircuitV1Support())
- }
- // If no relays are specified and no discovery interval, then just use default static relays (to be deprecated)
- if len(c.Connection.StaticRelays) == 0 && c.Connection.AutoRelayDiscoveryInterval == 0 {
- relayOpts = append(relayOpts, autorelay.WithDefaultStaticRelays())
- } else if len(c.Connection.StaticRelays) > 0 {
- relayOpts = append(relayOpts, autorelay.WithStaticRelays(peers2AddrInfo(c.Connection.StaticRelays)))
- } else {
- peerChan := make(chan peer.AddrInfo)
- // Add AutoRelayFeederService (needs a DHT Service discovery)
- opts = append(opts, func(cfg *node.Config) error {
- for _, sd := range cfg.ServiceDiscovery {
- switch d := sd.(type) {
- case *discovery.DHT:
- llger.Debugf("DHT automatic relay discovery configured every '%s'\n", c.Connection.AutoRelayDiscoveryInterval.String())
- cfg.NetworkServices = append(cfg.NetworkServices, services.AutoRelayFeederService(llger, peerChan, d, c.Connection.AutoRelayDiscoveryInterval))
- }
- }
- return nil
- })
- relayOpts = append(relayOpts, autorelay.WithPeerSource(peerChan))
- }
- libp2pOpts = append(libp2pOpts,
- libp2p.EnableAutoRelay(relayOpts...))
- }
- if c.Connection.Mplex {
- libp2pOpts = append(libp2pOpts,
- libp2p.ChainOptions(
- libp2p.Muxer("/yamux/1.0.0", yamux.DefaultTransport),
- libp2p.Muxer("/mplex/6.7.0", mplex.DefaultTransport),
- ))
- }
- if c.NAT.RateLimit {
- libp2pOpts = append(libp2pOpts, libp2p.AutoNATServiceRateLimit(
- c.NAT.RateLimitGlobal,
- c.NAT.RateLimitPeer,
- c.NAT.RateLimitInterval,
- ))
- }
- if c.Connection.MaxConnections != 0 {
- cm, err := connmanager.NewConnManager(
- 1,
- c.Connection.MaxConnections,
- connmanager.WithGracePeriod(80*time.Second),
- )
- if err != nil {
- llger.Fatal("could not create connection manager")
- }
- libp2pOpts = append(libp2pOpts, libp2p.ConnectionManager(cm))
- }
- if !c.Limit.Enable {
- libp2pOpts = append(libp2pOpts, libp2p.ResourceManager(network.NullResourceManager))
- } else {
- var limiter *rcmgr.BasicLimiter
- if c.Limit.FileLimit != "" {
- limitFile, err := os.Open(c.Limit.FileLimit)
- if err != nil {
- return opts, vpnOpts, err
- }
- defer limitFile.Close()
- limiter, err = rcmgr.NewDefaultLimiterFromJSON(limitFile)
- if err != nil {
- return opts, vpnOpts, err
- }
- } else if c.Limit.MaxConns != 0 {
- min := int64(1 << 30)
- max := int64(4 << 30)
- if c.Limit.StaticMin != 0 {
- min = c.Limit.StaticMin
- }
- if c.Limit.StaticMax != 0 {
- max = c.Limit.StaticMax
- }
- defaultLimits := rcmgr.DefaultLimits.WithSystemMemory(.125, min, max)
- maxconns := int(c.Limit.MaxConns)
- if 2*maxconns > defaultLimits.SystemBaseLimit.ConnsInbound {
- // adjust conns to 2x to allow for two conns per peer (TCP+QUIC)
- defaultLimits.SystemBaseLimit.ConnsInbound = logScale(2 * maxconns)
- defaultLimits.SystemBaseLimit.ConnsOutbound = logScale(2 * maxconns)
- defaultLimits.SystemBaseLimit.Conns = logScale(4 * maxconns)
- defaultLimits.SystemBaseLimit.StreamsInbound = logScale(16 * maxconns)
- defaultLimits.SystemBaseLimit.StreamsOutbound = logScale(64 * maxconns)
- defaultLimits.SystemBaseLimit.Streams = logScale(64 * maxconns)
- if 2*maxconns > defaultLimits.SystemBaseLimit.FD {
- defaultLimits.SystemBaseLimit.FD = logScale(2 * maxconns)
- }
- defaultLimits.ServiceBaseLimit.StreamsInbound = logScale(8 * maxconns)
- defaultLimits.ServiceBaseLimit.StreamsOutbound = logScale(32 * maxconns)
- defaultLimits.ServiceBaseLimit.Streams = logScale(32 * maxconns)
- defaultLimits.ProtocolBaseLimit.StreamsInbound = logScale(8 * maxconns)
- defaultLimits.ProtocolBaseLimit.StreamsOutbound = logScale(32 * maxconns)
- defaultLimits.ProtocolBaseLimit.Streams = logScale(32 * maxconns)
- }
- limiter = rcmgr.NewStaticLimiter(defaultLimits)
- } else {
- limiter = rcmgr.NewDefaultLimiter()
- }
- libp2p.SetDefaultServiceLimits(limiter)
- rc, err := rcmgr.NewResourceManager(limiter)
- if err != nil {
- llger.Fatal("could not create resource manager")
- }
- if c.Limit.LimitConfig != nil {
- if err := node.NetSetLimit(rc, c.Limit.Scope, *c.Limit.LimitConfig); err != nil {
- return opts, vpnOpts, err
- }
- }
- libp2pOpts = append(libp2pOpts, libp2p.ResourceManager(rc))
- }
- if c.Connection.HolePunch {
- libp2pOpts = append(libp2pOpts, libp2p.EnableHolePunching())
- }
- if c.NAT.Service {
- libp2pOpts = append(libp2pOpts, libp2p.EnableNATService())
- }
- if c.NAT.Map {
- libp2pOpts = append(libp2pOpts, libp2p.NATPortMap())
- }
- opts = append(opts, node.WithLibp2pOptions(libp2pOpts...))
- if ledgerState != "" {
- opts = append(opts, node.WithStore(blockchain.NewDiskStore(diskv.New(diskv.Options{
- BasePath: ledgerState,
- CacheSizeMax: uint64(50), // 50MB
- }))))
- } else {
- opts = append(opts, node.WithStore(&blockchain.MemoryStore{}))
- }
- return opts, vpnOpts, nil
- }
- func logScale(val int) int {
- bitlen := bits.Len(uint(val))
- return 1 << bitlen
- }
|