Source file rpc_server.ml

(*****************************************************************************)
(*                                                                           *)
(* Open Source License                                                       *)
(* Copyright (c) 2022 Nomadic Labs, <contact@nomadic-labs.com>               *)
(* Copyright (c) 2022-2023 TriliTech <contact@trili.tech>                    *)
(* Copyright (c) 2023 Functori, <contact@functori.com>                       *)
(*                                                                           *)
(* Permission is hereby granted, free of charge, to any person obtaining a   *)
(* copy of this software and associated documentation files (the "Software"),*)
(* to deal in the Software without restriction, including without limitation *)
(* the rights to use, copy, modify, merge, publish, distribute, sublicense,  *)
(* and/or sell copies of the Software, and to permit persons to whom the     *)
(* Software is furnished to do so, subject to the following conditions:      *)
(*                                                                           *)
(* The above copyright notice and this permission notice shall be included   *)
(* in all copies or substantial portions of the Software.                    *)
(*                                                                           *)
(* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR*)
(* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,  *)
(* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL   *)
(* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER*)
(* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING   *)
(* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER       *)
(* DEALINGS IN THE SOFTWARE.                                                 *)
(*                                                                           *)
(*****************************************************************************)

open Tezos_rpc_http
open Tezos_rpc_http_server

(** Handle on an RPC server, as built and returned by [start]. *)
type t = {
  (* Server value created by [RPC_server.init_server]; [shutdown] acts on it. *)
  server : RPC_server.server;
  (* Textual form of the listening address, as passed to
     [RPC_server.launch ~host]. *)
  host : string;
  (* Conduit listening mode; [start] always builds a TCP port listener. *)
  node : Conduit_lwt_unix.server;
  (* Access-control policy the server was initialised with: the configured
     policy matching [(host, port)] when there is one, otherwise
     [Acl.default] for the listening address. Kept here so the policy in
     force can be inspected after start-up. *)
  acl : Resto_acl.Acl.t;
}

module Acl = struct
  open Resto_acl.Acl

  (** Policy with no restriction at all: every endpoint is reachable. *)
  let allow_all = RPC_server.Acl.allow_all

  (** Policy applied to listeners that are not considered local.

      This is a deny-list: every endpoint is allowed {e except} the matchers
      below. An endpoint that is not listed here is therefore reachable by
      default, so any new sensitive RPC has to be added to this list
      explicitly. Only the first entry carries an HTTP method ([GET]); the
      others are written without one.
      NOTE(review): presumably a matcher without a method applies to every
      method -- confirm against [Resto_acl.Acl.parse]. *)
  let secure =
    let denied =
      [
        "GET /global/block/*/durable/wasm_2_0_0/subkeys";
        "/local/batcher/**";
        "/admin/**";
        "/stats/**";
        "/config";
      ]
    in
    Allow_all {except = List.map parse denied}

  (** [default address] is the policy used when the configuration holds no
      policy for the listening address: [allow_all] when [address] has
      interface scope, [secure] for every other scope.

      The decision looks at the listening address only, never at the peer.
      Anything that relays remote traffic to an interface-scoped listener
      (reverse proxy, port forward) is served under [allow_all]; such
      deployments should configure an explicit ACL instead of relying on
      this default.
      NOTE(review): confirm which addresses [Ipaddr.V6.scope] classifies as
      [Interface] (expected: loopback), since those get the unrestricted
      policy. *)
  let default (address : P2p_addr.t) =
    match Ipaddr.V6.scope address with
    | Ipaddr.Interface -> allow_all
    (* Every other scope falls back to the restricted policy. *)
    | _ -> secure
end

(** [start ~rpc_addr ~rpc_port ~acl ~cors dir] initialises an RPC server for
    directory [dir] and launches it on [rpc_addr]:[rpc_port].

    The access policy is chosen as follows: domain names in [acl] are
    resolved, the resulting policy is searched for an entry matching
    [(host, Some rpc_port)], and [Acl.default] is used only when no entry
    matches. The policy actually selected is returned in the [acl] field of
    the result.

    Only [RPC_server.launch] runs under [protect]. [P2p_addr.of_string_exn]
    is called before it, so a malformed [rpc_addr] is reported by whatever
    [of_string_exn] raises rather than through the result.
    NOTE(review): confirm callers validate [rpc_addr] beforehand or expect
    that exception. *)
let start ~rpc_addr ~rpc_port ~acl ~cors dir =
  let open Lwt_result_syntax in
  let addr = P2p_addr.of_string_exn rpc_addr in
  let host = Ipaddr.V6.to_string addr in
  let node = `TCP (`Port rpc_port) in
  let*! resolved = RPC_server.Acl.resolve_domain_names acl in
  let policy =
    match RPC_server.Acl.find_policy resolved (host, Some rpc_port) with
    | Some configured -> configured
    (* No configured entry for this listener: derive the policy from the
       scope of the listening address. *)
    | None -> Acl.default addr
  in
  let server =
    RPC_server.init_server
      dir
      ~cors
      ~acl:policy
      ~media_types:Media_type.all_media_types
  in
  protect (fun () ->
      let callback = RPC_server.resto_callback server in
      let*! () = RPC_server.launch ~host server ~callback node in
      return {server; host; node; acl = policy})

(** [shutdown rpc] shuts down the server held in [rpc]; the other fields of
    the handle are not used. *)
let shutdown (rpc : t) = RPC_server.shutdown rpc.server