whitelist configs moved to it's own yml file

2024-11-22 00:27:14 +00:00 · 2024-10-16 09:57:58 -04:00 · 2024-10-16 09:57:58 -04:00 · 5133c3a005
commit 5133c3a005
parent 9df03646db
13 changed files with 226 additions and 178 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,5 +1,6 @@
 /tmp
 config.yml
 whitelist.yml
 relay_metadata.json
 grain.exe
 /build
--- a/app/static/examples/config.example.yml
+++ b/app/static/examples/config.example.yml
@ -63,19 +63,6 @@ rate_limit:
      limit: 25
      burst: 50
 pubkey_whitelist:
  enabled: false
  pubkeys: [] # List of allowed public keys
  npubs: [] # List of allowed npubs (Nostr public keys in bech32 format)
 kind_whitelist:
  enabled: false
  kinds: [] # List of allowed event kinds
 domain_whitelist:
  enabled: false
  domains: [] # List of allowed domains
 blacklist: #Removing a pubkey from the Blacklist requires a hard restart; Blacklist overides the Whitelist
  enabled: true
  permanent_ban_words: [] # Words that trigger a permanent ban
--- a/app/static/examples/whitelist.example.yml
+++ b/app/static/examples/whitelist.example.yml
@ -0,0 +1,20 @@
 pubkey_whitelist:
  enabled: false
  pubkeys:
    - pubkey1
    - pubkey2
  npubs:
    - npub18ls2km9aklhzw9yzqgjfu0anhz2z83hkeknw7sl22ptu8kfs3rjq54am44
    - npub2
 kind_whitelist:
  enabled: false
  kinds:
    - "1"
    - "2"
 domain_whitelist:
  enabled: false
  domains:
    - "example.com"
    - "anotherdomain.com"
--- a/config/Whitelist.go
+++ b/config/Whitelist.go
@ -6,21 +6,19 @@ import (
 	"strconv"
 )
-// Helper function to check if a pubkey or npub is whitelisted
+// Check if a pubkey or npub is whitelisted
 func IsPubKeyWhitelisted(pubKey string) bool {
-	cfg := GetConfig()
+    cfg := GetWhitelistConfig()
    if !cfg.PubkeyWhitelist.Enabled {
        return true
    }
 	// Check pubkeys
    for _, whitelistedKey := range cfg.PubkeyWhitelist.Pubkeys {
        if pubKey == whitelistedKey {
            return true
        }
    }
 	// Check npubs
    for _, npub := range cfg.PubkeyWhitelist.Npubs {
        decodedPubKey, err := utils.DecodeNpub(npub)
        if err != nil {
@ -35,13 +33,13 @@ func IsPubKeyWhitelisted(pubKey string) bool {
    return false
 }
 // Check if a kind is whitelisted
 func IsKindWhitelisted(kind int) bool {
-	cfg := GetConfig()
+    cfg := GetWhitelistConfig()
    if !cfg.KindWhitelist.Enabled {
        return true
    }
 	// Check event kinds
    for _, whitelistedKindStr := range cfg.KindWhitelist.Kinds {
        whitelistedKind, err := strconv.Atoi(whitelistedKindStr)
        if err != nil {
--- a/config/loadConfig.go
+++ b/config/loadConfig.go
@ -11,9 +11,12 @@ import (
 var (
    cfg            *configTypes.ServerConfig
    whitelistCfg   *configTypes.WhitelistConfig
    once           sync.Once
    whitelistOnce  sync.Once
 )
 // LoadConfig loads the server configuration from config.yml
 func LoadConfig(filename string) (*configTypes.ServerConfig, error) {
    data, err := os.ReadFile(filename)
    if err != nil {
@ -33,6 +36,30 @@ func LoadConfig(filename string) (*configTypes.ServerConfig, error) {
    return cfg, nil
 }
 // LoadWhitelistConfig loads the whitelist configuration from whitelist.yml
 func LoadWhitelistConfig(filename string) (*configTypes.WhitelistConfig, error) {
    data, err := os.ReadFile(filename)
    if err != nil {
        return nil, err
    }
    var config configTypes.WhitelistConfig
    err = yaml.Unmarshal(data, &config)
    if err != nil {
        return nil, err
    }
    whitelistOnce.Do(func() {
        whitelistCfg = &config
    })
    return whitelistCfg, nil
 }
 func GetConfig() *configTypes.ServerConfig {
    return cfg
 }
 func GetWhitelistConfig() *configTypes.WhitelistConfig {
    return whitelistCfg
 }
--- a/config/types/serverConfig.go
+++ b/config/types/serverConfig.go
@ -14,9 +14,6 @@ type ServerConfig struct {
 		MaxSubscriptionsPerClient int    `yaml:"max_subscriptions_per_client"` // Maximum number of subscriptions per client
 	} `yaml:"server"`
 	RateLimit      RateLimitConfig  `yaml:"rate_limit"`
 	PubkeyWhitelist PubkeyWhitelistConfig `yaml:"pubkey_whitelist"`
 	KindWhitelist   KindWhitelistConfig   `yaml:"kind_whitelist"`
 	DomainWhitelist DomainWhitelistConfig `yaml:"domain_whitelist"`
 	Blacklist      BlacklistConfig  `yaml:"blacklist"`
 	ResourceLimits ResourceLimits   `yaml:"resource_limits"`
 	Auth           AuthConfig       `yaml:"auth"`
--- a/config/types/whitelistConfig.go
+++ b/config/types/whitelistConfig.go
@ -0,0 +1,19 @@
 package config
 type WhitelistConfig struct {
 	PubkeyWhitelist struct {
 		Enabled bool     `yaml:"enabled"`
 		Pubkeys []string `yaml:"pubkeys"`
 		Npubs   []string `yaml:"npubs"`
 	} `yaml:"pubkey_whitelist"`
 	KindWhitelist struct {
 		Enabled bool     `yaml:"enabled"`
 		Kinds   []string `yaml:"kinds"`
 	} `yaml:"kind_whitelist"`
 	DomainWhitelist struct {
 		Enabled bool     `yaml:"enabled"`
 		Domains []string `yaml:"domains"`
 	} `yaml:"domain_whitelist"`
 }
--- a/config/types/whitelistDomainConfig.go
+++ b/config/types/whitelistDomainConfig.go
@ -1,6 +0,0 @@
 package config
 type DomainWhitelistConfig struct {
 	Enabled bool     `yaml:"enabled"`
 	Domains []string `yaml:"domains"`
 }
--- a/config/types/whitelistKindConfig.go
+++ b/config/types/whitelistKindConfig.go
@ -1,6 +0,0 @@
 package config
 type KindWhitelistConfig struct {
 	Enabled bool     `yaml:"enabled"`
 	Kinds   []string `yaml:"kinds"`
 }
--- a/config/types/whitelistPubkeyConfig.go
+++ b/config/types/whitelistPubkeyConfig.go
@ -1,7 +0,0 @@
 package config
 type PubkeyWhitelistConfig struct {
 	Enabled bool     `yaml:"enabled"`
 	Pubkeys []string `yaml:"pubkeys"`
 	Npubs   []string `yaml:"npubs"`
 }
--- a/main.go
+++ b/main.go
@ -22,28 +22,32 @@ import (
 func main() {
    utils.EnsureFileExists("config.yml", "app/static/examples/config.example.yml")
    utils.EnsureFileExists("whitelist.yml", "app/static/examples/whitelist.example.yml")
    utils.EnsureFileExists("relay_metadata.json", "app/static/examples/relay_metadata.example.json")
    restartChan := make(chan struct{})
-	go config.WatchConfigFile("config.yml", restartChan) // Critical goroutine
+    go config.WatchConfigFile("config.yml", restartChan)
    signalChan := make(chan os.Signal, 1)
    signal.Notify(signalChan, syscall.SIGINT, syscall.SIGTERM)
    var wg sync.WaitGroup
    for {
-		wg.Add(1) // Add to WaitGroup for the server goroutine
+        wg.Add(1)
        cfg, err := config.LoadConfig("config.yml")
        if err != nil {
            log.Fatal("Error loading config: ", err)
        }
-		// Start event purging in the background
+        _, err = config.LoadWhitelistConfig("whitelist.yml")
        if err != nil {
            log.Fatal("Error loading whitelist config: ", err)
        }
        go mongo.ScheduleEventPurging(cfg)
-		config.SetResourceLimit(&cfg.ResourceLimits) // Apply limits once before starting the server
+        config.SetResourceLimit(&cfg.ResourceLimits)
        client, err := mongo.InitDB(cfg)
        if err != nil {
            log.Fatal("Error initializing database: ", err)
@ -51,7 +55,6 @@ func main() {
        config.SetRateLimit(cfg)
        config.SetSizeLimit(cfg)
        config.ClearTemporaryBans()
        err = utils.LoadRelayMetadataJSON()
@ -60,22 +63,19 @@ func main() {
        }
        mux := setupRoutes()
 		// Start the server
        server := startServer(cfg, mux, &wg)
        select {
        case <-restartChan:
            log.Println("Restarting server...")
-			server.Close() // Stop the current server instance
+            server.Close()
-			wg.Wait()      // Wait for the server goroutine to finish
+            wg.Wait()
            time.Sleep(3 * time.Second)
        case <-signalChan:
            log.Println("Shutting down server...")
-			server.Close()             // Stop the server
+            server.Close()
-			mongo.DisconnectDB(client) // Disconnect from MongoDB
+            mongo.DisconnectDB(client)
-			wg.Wait()                  // Wait for all goroutines to finish
+            wg.Wait()
            return
        }
    }
--- a/server/db/mongo/purgeEvents.go
+++ b/server/db/mongo/purgeEvents.go
@ -2,6 +2,7 @@ package mongo
 import (
 	"context"
 	"grain/config"
 	types "grain/config/types"
 	"grain/server/utils"
 	"log"
@ -10,6 +11,7 @@ import (
 	"go.mongodb.org/mongo-driver/bson"
 )
 // PurgeOldEvents removes old events based on the configuration and a list of whitelisted pubkeys.
 func PurgeOldEvents(cfg *types.EventPurgeConfig, whitelist []string) {
 	if !cfg.Enabled {
 		return
@ -21,10 +23,12 @@ func PurgeOldEvents(cfg *types.EventPurgeConfig, whitelist []string) {
 	// Calculate the cutoff time
 	cutoff := time.Now().AddDate(0, 0, -cfg.KeepDurationDays).Unix()
 	// Create the filter for purging old events
 	filter := bson.M{
 		"created_at": bson.M{"$lt": cutoff}, // Filter older events
 	}
 	// Exclude whitelisted pubkeys if specified in the config
 	if cfg.ExcludeWhitelisted && len(whitelist) > 0 {
 		filter["pubkey"] = bson.M{"$nin": whitelist} // Exclude whitelisted pubkeys
 	}
@ -52,7 +56,6 @@ func PurgeOldEvents(cfg *types.EventPurgeConfig, whitelist []string) {
 	}
 }
 // Example of a periodic purging task
 // ScheduleEventPurging runs the event purging at a configurable interval.
 func ScheduleEventPurging(cfg *types.ServerConfig) {
 	// Use the purge interval from the configuration
@ -61,22 +64,33 @@ func ScheduleEventPurging(cfg *types.ServerConfig) {
 	defer ticker.Stop()
 	for range ticker.C {
-		whitelist := getWhitelistedPubKeys(cfg)
+		// Fetch the whitelisted pubkeys without passing cfg directly
 		whitelist := getWhitelistedPubKeys()
 		PurgeOldEvents(&cfg.EventPurge, whitelist)
 		log.Printf("Purged old events, keeping whitelisted pubkeys: %v", whitelist)
 	}
 }
-// Fetch whitelisted pubkeys from both the config and any additional domains.
+// Fetch whitelisted pubkeys from both the whitelist config and any additional domains.
-func getWhitelistedPubKeys(cfg *types.ServerConfig) []string {
+func getWhitelistedPubKeys() []string {
-	whitelistedPubkeys := cfg.PubkeyWhitelist.Pubkeys
+	// Get the whitelist configuration
 	whitelistCfg := config.GetWhitelistConfig()
 	if whitelistCfg == nil {
 		log.Println("whitelistCfg is nil, returning an empty list of whitelisted pubkeys.")
 		return []string{}
 	}
 	// Start with the statically defined pubkeys
 	whitelistedPubkeys := whitelistCfg.PubkeyWhitelist.Pubkeys
 	// Fetch pubkeys from domains if domain whitelist is enabled
-	if cfg.DomainWhitelist.Enabled {
+	if whitelistCfg.DomainWhitelist.Enabled {
-		domains := cfg.DomainWhitelist.Domains
+		domains := whitelistCfg.DomainWhitelist.Domains
 		pubkeys, err := utils.FetchPubkeysFromDomains(domains)
 		if err != nil {
 			log.Printf("Error fetching pubkeys from domains: %v", err)
-			return whitelistedPubkeys // Return existing whitelisted pubkeys in case of error
+			// Return the existing statically whitelisted pubkeys in case of an error
 			return whitelistedPubkeys
 		}
 		// Append fetched pubkeys from domains to the whitelisted pubkeys
 		whitelistedPubkeys = append(whitelistedPubkeys, pubkeys...)
--- a/server/handlers/event.go
+++ b/server/handlers/event.go
@ -68,37 +68,41 @@ func HandleEvent(ws *websocket.Conn, message []interface{}) {
 }
 func handleBlacklistAndWhitelist(ws *websocket.Conn, evt nostr.Event) bool {
-	if config.GetConfig().DomainWhitelist.Enabled {
+    whitelistCfg := config.GetWhitelistConfig()
-		domains := config.GetConfig().DomainWhitelist.Domains
+
    // If domain whitelisting is enabled, dynamically fetch pubkeys from domains
    if whitelistCfg.DomainWhitelist.Enabled {
        domains := whitelistCfg.DomainWhitelist.Domains
        pubkeys, err := utils.FetchPubkeysFromDomains(domains)
        if err != nil {
            fmt.Println("Error fetching pubkeys from domains:", err)
            response.SendNotice(ws, "", "Error fetching pubkeys from domains")
            return false
        }
-		for _, pubkey := range pubkeys {
+        // Update the whitelisted pubkeys dynamically
-			config.GetConfig().PubkeyWhitelist.Pubkeys = append(config.GetConfig().PubkeyWhitelist.Pubkeys, pubkey)
+        whitelistCfg.PubkeyWhitelist.Pubkeys = append(whitelistCfg.PubkeyWhitelist.Pubkeys, pubkeys...)
 		}
    }
    // Check if the event's pubkey or content is blacklisted
    if blacklisted, msg := config.CheckBlacklist(evt.PubKey, evt.Content); blacklisted {
        response.SendOK(ws, evt.ID, false, msg)
        return false
    }
-	if config.GetConfig().KindWhitelist.Enabled && !config.IsKindWhitelisted(evt.Kind) {
+    // Check if the event's kind is whitelisted
    if whitelistCfg.KindWhitelist.Enabled && !config.IsKindWhitelisted(evt.Kind) {
        response.SendOK(ws, evt.ID, false, "not allowed: event kind is not whitelisted")
        return false
    }
-	if config.GetConfig().PubkeyWhitelist.Enabled && !config.IsPubKeyWhitelisted(evt.PubKey) {
+    // Check if the event's pubkey is whitelisted
    if whitelistCfg.PubkeyWhitelist.Enabled && !config.IsPubKeyWhitelisted(evt.PubKey) {
        response.SendOK(ws, evt.ID, false, "not allowed: pubkey or npub is not whitelisted")
        return false
    }
    return true
 }
 func handleRateAndSizeLimits(ws *websocket.Conn, evt nostr.Event, eventSize int) bool {
 	rateLimiter := config.GetRateLimiter()
 	sizeLimiter := config.GetSizeLimiter()