refactor(iroh-net)!: Rework relay-server binary, more configurable, r…

…everse-proxy support (n0-computer#2341) ## Description This re-architects the relay-server binary. There is now a struct with detailed configuration which runs the entire server and aborts the server on drop. This simplifies running the server in various situations, including tests. The configuration is now done using a declarative struct, which supports more control over how it runs so it can be more easily used behind a reverse proxy, without TLS etc. This is aiming to fix n0-computer#2177, n0-computer#2179 and n0-computer#2178. ## Breaking Changes The configuration file format has changed, deployments will need to updated. For the full format see `struct Config` in `iroh-net/src/bin/iroh-relay.rs`. Here a summary: - The 3 parts of the server now have an independent enable setting: `enable_relay`, `enable_stun` and `enable_metrics`. If omitted they default to `true`. - The way to specify which addresses the server listens on has changed: `http_bind_addr` is for the relay server, `stun_bind_addr` for the STUN server, `metrics_bind_addr` is for the optional metrics server and `tls.https_bind_addr` is for when TLS is enabled. Note these are now all full socket addresses. All have sensible defaults if omitted. - There are new options in `tls.cert_path` and `tls.key_path` which allow more control over where the manual TLS keys are to be read from. - `iroh_net::defaults::DEFAULT_RELAY_STUN_PORT` has been renamed to `iroh_net::defaults::DEFAULT_STUN_PORT`. TBD: some APIs changed as well. Why are they not all private? ## Notes & open questions * The `iroh_net::relay::iroh_relay` crate name is a bit weird. But `iroh_net::relay::server` is already taken. Maybe `iroh_net::relay::bin` could work, but that would be weird when using it from code in other places. * The `ServerConfig` struct is a declarative way of controlling the new server interface. It's kind of nice to use. Bu it is a public API that will be a breaking change every time it changes, and it will change. Maybe it's worth creating a builder API for this. But maybe that's something to only tackle when it is a real demand. I feel like the `iroh_net::relay::server` builders are an attempt at doing this earlier than needed. ## Change checklist - [x] Self-review. - [x] Documentation updates if relevant. - [x] Tests if relevant. - [x] All breaking changes documented.
izihawa · Jun 22, 2024 · 4fa4617 · 4fa4617
1 parent fe5e195
commit 4fa4617
Show file tree

Hide file tree

Showing 13 changed files with 1,396 additions and 986 deletions.
diff --git a/iroh-cli/src/commands/doctor.rs b/iroh-cli/src/commands/doctor.rs
@@ -27,7 +27,7 @@ use iroh::{
     },
     docs::{Capability, DocTicket},
     net::{
-        defaults::DEFAULT_RELAY_STUN_PORT,
+        defaults::DEFAULT_STUN_PORT,
         discovery::{
             dns::DnsDiscovery, pkarr_publish::PkarrPublisher, ConcurrentDiscovery, Discovery,
         },
@@ -93,7 +93,7 @@ pub enum Commands {
         #[clap(long)]
         stun_host: Option<String>,
         /// The port of the STUN server.
-        #[clap(long, default_value_t = DEFAULT_RELAY_STUN_PORT)]
+        #[clap(long, default_value_t = DEFAULT_STUN_PORT)]
         stun_port: u16,
     },
     /// Wait for incoming requests from iroh doctor connect
@@ -631,7 +631,7 @@ async fn passive_side(gui: Gui, connection: Connection) -> anyhow::Result<()> {
 }
 
 fn configure_local_relay_map() -> RelayMap {
-    let stun_port = DEFAULT_RELAY_STUN_PORT;
+    let stun_port = DEFAULT_STUN_PORT;
     let url = "http://localhost:3340".parse().unwrap();
     RelayMap::default_from_node(url, stun_port)
 }