ursa icon indicating copy to clipboard operation
ursa copied to clipboard

Published 20 hours ago verified publisher icon fleek-network

feat: DNS + SSL requirements, verify registration, docker setup

Open ozwaldorf opened this issue 2 years ago • 2 comments

Nodes should be required to have a valid SSL certificate setup on a DNS address and listen over https. Once ssl is enforced we can do a simple verification on the tracker by making a valid request to the registering node's /ping endpoint

TODO:

  • [ ] finalize config entry for dns (node.domain - rpc/http/metrics/index provider)
  • [ ] SSL cert/key config entries OR proxy config entries if not direct https
  • [ ] nodes include dns address for tracker registration
  • [ ] tracker should assume the supplied address and 80/443 are available for rpc/http
  • [ ] tracker makes https request to /ping on registering node to verify setup

Open Questions:

  • Will dns+ssl be a hard requirement to run the binary?

no, because those who run the node behind nginx proxy with ssl and dont need the binary to handle ssl directly

  • should nodes register tracker with a full url+port for http to support proxied nodes?

tracker should automatically assume node.address:80/443 is available

ozwaldorf avatar Dec 20 '22 00:12 ozwaldorf

https://github.com/fleek-network/ursa/issues/53#issue-1337497746

related

b0xtch avatar Dec 20 '22 21:12 b0xtch

This can be split up into different issues, especially the ones that aren't currently actionable

b0xtch avatar Dec 21 '22 23:12 b0xtch