README - add infromation about enabling TLS

elpiel · elpiel · commit c1dc08e4ff37 · 2022-07-02T10:23:29.000+02:00
Docker-sentry - add env. variables for TLS
diff --git a/Dockerfile-sentry b/Dockerfile-sentry
@@ -65,6 +65,11 @@ ENV KEYSTORE_PWD=
 # Only applicable if you use the `--adapter dummy`
 ENV DUMMY_IDENTITY=
 
+# To setup TLS supply both `PRIVATE_KEYS` & `CERTIFICATES`
+# Otherwise you will get an error
+ENV PRIVATE_KEYS=
+ENV CERTIFICATES=
+
 # If set it will override the configuration file used
 ENV CONFIG=
 
@@ -85,4 +90,6 @@ ENTRYPOINT ["./scripts/entrypoint.sh"]
 CMD sentry -a ${ADAPTER:-ethereum} \
             ${KEYSTORE_FILE:+-k $KEYSTORE_FILE} \
             ${DUMMY_IDENTITY:+-i $DUMMY_IDENTITY} \
+            ${PRIVATE_KEYS:+--privateKeys $PRIVATE_KEYS} \
+            ${CERTIFICATES:+--certificates $CERTIFICATES} \
             ${CONFIG}
diff --git a/README.md b/README.md
@@ -57,7 +57,13 @@ cargo run -p sentry -- --help
 
 Starting the Sentry API in will always run migrations, this will make sure the database is always up to date with the latest migrations, before starting and exposing the web server.
 
-By default, we use the `development` environment ( [`ENV` environment variable](#environment-variables) ) as it will also seed the database.
+By default, we use the `development` environment ( [`ENV` environment variable](#environment-variables) ) ~~as it will also seed the database~~ (seeding is disabled, see #514).
+
+To enable TLS for the sentry server you need to pass both `--privateKeys` and
+`--certificates` cli options (paths to `.pem` files) otherwise the cli will
+exit with an error.
+
+For full list of available addresses see [primitives/src/test_util.rs#L39-L118](./primitives/src/test_util.rs#L39-L118)
 
 #### Using the `Ethereum` adapter
 
@@ -100,7 +106,7 @@ POSTGRES_DB="sentry_follower" PORT=8006 KEYSTORE_PWD=ganache1 cargo run -p sentr
 IP_ADDR=127.0.0.1 REDIS_URL="redis://127.0.0.1:6379/1" \
 POSTGRES_DB="sentry_leader" PORT=8005 cargo run -p sentry -- \
     --adapter dummy \
-    --dummyIdentity 80690751969B234697e9059e04ed72195c3507fa \
+    --dummyIdentity 0x80690751969B234697e9059e04ed72195c3507fa \
     ./docs/config/prod.toml
 ```
 ##### Follower (`0xf3f583AEC5f7C030722Fe992A5688557e1B86ef7`)
@@ -109,19 +115,18 @@ POSTGRES_DB="sentry_leader" PORT=8005 cargo run -p sentry -- \
 IP_ADDR=127.0.0.1 REDIS_URL="redis://127.0.0.1:6379/2" \
 POSTGRES_DB="sentry_follower" PORT=8006 cargo run -p sentry -- \
     --adapter dummy \
-    --dummyIdentity f3f583AEC5f7C030722Fe992A5688557e1B86ef7 \
+    --dummyIdentity 0xf3f583AEC5f7C030722Fe992A5688557e1B86ef7 \
     ./docs/config/prod.toml
 ```
 
-For full list, check out [primitives/src/util/tests/prep_db.rs#L29-L43](./primitives/src/util/tests/prep_db.rs#L29-L43)
-
 #### Environment variables
 
 - `ENV` - `production` or `development`; *default*: `development` - passing this env. variable will use the default configuration paths - [`docs/config/dev.toml`](./docs/config/dev.toml) (for `development`) or [`docs/config/prod.toml`](./docs/config/prod.toml) (for `production`). Otherwise you can pass your own configuration file path to the binary (check `cargo run -p sentry --help` for more information). In `development` it will make sure Sentry to seed the database.
 - `PORT` - *default*: `8005` - The local port that Sentry API will be accessible at
 - `IP_ADDR` - *default*: `0.0.0.0` - the IP address that the API should be listening to
 
 ##### Adapter
+
 - `KEYSTORE_PWD` - Password for the `Keystore file`, only available when using `Ethereum` adapter (`--adapter ethereum`)
 
 ##### Redis
