feat: use 0.0.0.0 as the default listening address for RPC and gnoweb #1657

Closed
wants to merge 1 commit into from


@thehowl thehowl commented Feb 14, 2024

Decided to create this PR after discussing with @zivkovicmilos.

This PR changes the default listening address for the RPC node and gnoweb to be 0.0.0.0 instead of 127.0.0.1. This entails that when starting up a gno.land node or a gnoweb server, it is accessible from any IP address (on the specified port). This includes local loopback addresses like 127.0.0.1, private network addresses like 192.0.0.X, public addresses if the machine has one and the ports are not firewalled, as well as giving the ability to expose the services in docker without having to juggle flags or configuration files.

Milos: What do you think about changing the default IP to 0.0.0.0?
In the code itself, always

Morgan: that is an option and my first thought
but I think there could be security concerns
ie. the RPC node could be an attack vector a validator might not want to expose by default, so it makes sense to expose it only with an opt-in

Milos: I have never in my life seen a production blockchain node directly exposed to the internet
without something like nginx in front of it
There are entire layers of issues that don't have to be solved node-level
The protocol can't cover everything, and it shouldn't
I'd 100% back having the default listen address 0.0.0.0
There is no argument against it really, because the node won't ever be "naked" on the internet

This PR attempts to improve the developer experience of using the two services "by default", with the risk of exposing the RPC endpoints out-of-the-box which could be undesirable for some production environments. However, as Milos has stated, and I agree, any validator who wants to launch a production-grade node

  1. without having a firewall already set up on their system
  2. without checking through the configuration and defaults for the gnoland node
  3. without putting a reverse-proxy like nginx, caddy, $what_have_you
  4. expecting that this does not expose the RPC endpoint by default

... is probably insane.

cc/ @albttx

Contributors' checklist...
  • Added new tests, or not needed, or not feasible
  • Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory
  • Updated the official documentation or not needed
  • No breaking changes were made, or a BREAKING CHANGE: xxx message was included in the description
  • Added references to related issues and PRs
  • Provided any useful hints for running manual tests
  • Added new benchmarks to generated graphs, if any. More info here.

@thehowl thehowl self-assigned this Feb 14, 2024
@thehowl thehowl requested review from moul, a team, jaekwon and piux2 as code owners February 14, 2024 19:08
@github-actions github-actions bot added 📦 🌐 tendermint v2 Issues or PRs tm2 related 📦 ⛰️ gno.land Issues or PRs gno.land package related labels Feb 14, 2024

codecov bot commented Feb 14, 2024

Codecov Report

Attention: 1 lines in your changes are missing coverage. Please review.

Comparison is base (0cce745) 56.17% compared to head (b478455) 56.57%.

Files Patch % Lines
tm2/pkg/bft/rpc/config/config.go 0.00% 1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master    #1657      +/-   ##
==========================================
+ Coverage   56.17%   56.57%   +0.40%     
==========================================
  Files         439      439              
  Lines       66242    66618     +376     
==========================================
+ Hits        37209    37690     +481     
+ Misses      26143    26009     -134     
- Partials     2890     2919      +29     
Flag Coverage Δ
go-1.21.x ∅ <ø> (∅)
misc ∅ <ø> (∅)
misc-_test.genstd ∅ <ø> (∅)


@zivkovicmilos zivkovicmilos left a comment


Looking good 💯

@@ -88,7 +88,7 @@ type RPCConfig struct {
// DefaultRPCConfig returns a default configuration for the RPC server
func DefaultRPCConfig() *RPCConfig {
return &RPCConfig{
ListenAddress: "tcp://127.0.0.1:26657",
ListenAddress: "tcp://0.0.0.0:26657",
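Review bot: the new ListenAddress default in DefaultRPCConfig binds the RPC server to every interface with no opt-in, and the doc comment above the function still only says it returns a default configuration. Consider keeping "tcp://127.0.0.1:26657" as the default and setting 0.0.0.0 explicitly where it is needed (for example in the container setup); if the change stays, extend the comment to say that the RPC endpoint is reachable from other hosts unless a firewall or proxy sits in front of it. The coverage report above also lists this line in tm2/pkg/bft/rpc/config/config.go as uncovered, so a test asserting the default value would make any future change to it visible in review.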

I'm 100% against this. This is WAY TOO DANGEROUS for mainnet.

Too many validators on Cosmos, even with 127.0.0.1 as the default, expose their validator on 0.0.0.0, which is a terrible error and it's dangerous.

The result will be way worse if we set it to 0.0.0.0 by default.


thehowl commented Feb 15, 2024

After discussing with Guillhem and Albert, I think it's best if we move as follows:

  • Prefer 127.0.0.1 as it "documents" that the RPC node should not be publicly exposed by default.
  • For the Docker use case, place gnoland init and gnoland config ... rpc.laddr 0.0.0.0:26657 (in Dockerfile) so it is automatically set up in that context. This can be done with / after feat: add gnoland config command suite #1605 is merged.

Closing this PR!

@thehowl thehowl closed this Feb 15, 2024
@thehowl thehowl deleted the dev/morgan/default-any-address branch February 15, 2024 17:15
@waymobetta
Contributor

This is how geth handles working with Docker.

Also, may need to include :: to accommodate ipv6 as well.
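
A defender-side check for the setting this thread debates, as an added example that is not part of the PR or the gno codebase: it classifies a listen address in the tcp://host:port form shown in the hunk as loopback, all-interfaces or a specific address, including the :: case raised above. The type and function names are hypothetical, and treating the name localhost as loopback is an assumption.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Exposure describes which interfaces a listen address binds (hypothetical type).
type Exposure string

const (
	Loopback      Exposure = "loopback"
	AllInterfaces Exposure = "all-interfaces"
	SpecificAddr  Exposure = "specific-address"
)

// ClassifyListenAddr reports the exposure of an address written like the
// ListenAddress value in the hunk, e.g. "tcp://127.0.0.1:26657".
func ClassifyListenAddr(laddr string) (Exposure, error) {
	hostport := laddr
	if i := strings.Index(laddr, "://"); i >= 0 {
		if scheme := laddr[:i]; scheme != "tcp" {
			return "", fmt.Errorf("unsupported scheme %q", scheme)
		}
		hostport = laddr[i+3:]
	}
	host, _, err := net.SplitHostPort(hostport)
	if err != nil {
		return "", fmt.Errorf("bad listen address %q: %w", laddr, err)
	}
	ip := net.ParseIP(host) // nil when host is empty or a hostname
	switch {
	case host == "" || (ip != nil && ip.IsUnspecified()): // ":port", 0.0.0.0, ::
		return AllInterfaces, nil
	case host == "localhost" || (ip != nil && ip.IsLoopback()): // assumption: localhost resolves to loopback
		return Loopback, nil
	}
	return SpecificAddr, nil
}

func main() {
	for _, a := range []string{"tcp://127.0.0.1:26657", "tcp://0.0.0.0:26657", "tcp://[::]:26657", ":26657"} {
		e, err := ClassifyListenAddr(a)
		fmt.Println(a, e, err)
	}
}
```

A check like this can run in CI or at node start-up to warn when a configuration binds the RPC port on all interfaces.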

@kristovatlas kristovatlas left a comment


Resolved during call today.
