feat: refactor wss and instead of using wss port use entire wss addr

Author: martinconic

cmd/bee/cmd/cmd.go

@@ -84,7 +84,7 @@ const (
 	optionSkipPostageSnapshot              = "skip-postage-snapshot"
 	optionNameMinimumGasTipCap             = "minimum-gas-tip-cap"
 	optionAutoTLSEnabled                   = "autotls-enabled"
-	optionP2PWSSPort                       = "p2p-wss-port"
+	optionP2PWSSAddr                       = "p2p-wss-addr"
 	optionNATWSSAddr                       = "nat-wss-addr"
 	optionAutoTLSStorageDir                = "autotls-storage-dir"
 	optionAutoTLSDomain                    = "autotls-domain"
@@ -301,7 +301,7 @@ func (c *command) setAllFlags(cmd *cobra.Command) {
 	cmd.Flags().Bool(optionSkipPostageSnapshot, false, "skip postage snapshot")
 	cmd.Flags().Uint64(optionNameMinimumGasTipCap, 0, "minimum gas tip cap in wei for transactions, 0 means use suggested gas tip cap")
 	cmd.Flags().Bool(optionAutoTLSEnabled, false, "Enable AutoTLS for secure WebSocket connections")
-	cmd.Flags().String(optionP2PWSSPort, "1635", "p2p wss port")
+	cmd.Flags().String(optionP2PWSSAddr, ":1635", "p2p wss address")
 	cmd.Flags().String(optionNATWSSAddr, "", "WSS NAT exposed address")
 	cmd.Flags().String(optionAutoTLSStorageDir, "./p2p-tls-certs", "Data directory for certificate storage (default ./p2p-tls-certs)")
 	cmd.Flags().String(optionAutoTLSDomain, p2pforge.DefaultForgeDomain, "autotls domain")

cmd/bee/cmd/start.go

@@ -282,7 +282,7 @@ func buildBeeNode(ctx context.Context, c *command, cmd *cobra.Command, logger lo
 		AllowPrivateCIDRs:             c.config.GetBool(optionNameAllowPrivateCIDRs),
 		APIAddr:                       c.config.GetString(optionNameAPIAddr),
 		AutoTLSEnabled:                c.config.GetBool(optionAutoTLSEnabled),
-		WSSPort:                       c.config.GetString(optionP2PWSSPort),
+		WSSAddr:                       c.config.GetString(optionP2PWSSAddr),
 		AutoTLSStorageDir:             c.config.GetString(optionAutoTLSStorageDir),
 		BlockchainRpcEndpoint:         c.config.GetString(optionNameBlockchainRpcEndpoint),
 		BlockProfile:                  c.config.GetBool(optionNamePProfBlock),

packaging/bee.yaml

@@ -122,8 +122,8 @@ password-file: "/var/lib/bee/password"
 # withdrawal-addresses-whitelist: []
 ## enable autotls (default: false)
 # autotls-enabled: false
-## wss port (default: 1635)
-# p2p-wss-port: "1635"
+## wss address (default: :1635)
+# p2p-wss-addr: :1635
 ## WSS NAT exposed address
 # nat-wss-addr: ""
 ## autotls certificate storage directory (default: ./p2p-tls-certs)

packaging/homebrew-amd64/bee.yaml

@@ -122,8 +122,8 @@ password-file: "/usr/local/var/lib/swarm-bee/password"
 # withdrawal-addresses-whitelist: []
 ## enable autotls (default: false)
 # autotls-enabled: false
-## wss port (default: 1635)
-# p2p-wss-port: "1635"
+## wss address (default: :1635)
+# p2p-wss-addr: :1635
 ## WSS NAT exposed address
 # nat-wss-addr: ""
 ## autotls certificate storage directory (default: ./p2p-tls-certs)

packaging/homebrew-arm64/bee.yaml

@@ -122,8 +122,8 @@ password-file: "/opt/homebrew/var/lib/swarm-bee/password"
 # withdrawal-addresses-whitelist: []
 ## enable autotls (default: false)
 # autotls-enabled: false
-## wss port (default: 1635)
-# p2p-wss-port: "1635"
+## wss address (default: :1635)
+# p2p-wss-addr: :1635
 ## WSS NAT exposed address
 # nat-wss-addr: ""
 ## autotls certificate storage directory (default: ./p2p-tls-certs)

packaging/scoop/bee.yaml

@@ -122,8 +122,8 @@ password-file: "./password"
 # withdrawal-addresses-whitelist: []
 ## enable autotls (default: false)
 # autotls-enabled: false
-## wss port (default: 1635)
-# p2p-wss-port: "1635"
+## wss address (default: :1635)
+# p2p-wss-addr: :1635
 ## WSS NAT exposed address
 # nat-wss-addr: ""
 ## autotls certificate storage directory (default: ./p2p-tls-certs)

pkg/node/bootstrap.go

@@ -101,7 +101,7 @@ func bootstrapNode(
 		NATAddr:                     o.NATAddr,
 		EnableWS:                    o.EnableWS,
 		AutoTLSEnabled:              o.AutoTLSEnabled,
-		WSSPort:                     o.WSSPort,
+		WSSAddr:                     o.WSSAddr,
 		AutoTLSStorageDir:           o.AutoTLSStorageDir,
 		AutoTLSDomain:               o.AutoTLSDomain,
 		AutoTLSRegistrationEndpoint: o.AutoTLSRegistrationEndpoint,

pkg/node/node.go

@@ -129,7 +129,7 @@ type Options struct {
 	AllowPrivateCIDRs             bool
 	APIAddr                       string
 	AutoTLSEnabled                bool
-	WSSPort                       string
+	WSSAddr                       string
 	AutoTLSStorageDir             string
 	BlockchainRpcEndpoint         string
 	BlockProfile                  bool
@@ -660,7 +660,7 @@ func NewBee(
 		NATAddr:                     o.NATAddr,
 		EnableWS:                    o.EnableWS,
 		AutoTLSEnabled:              o.AutoTLSEnabled,
-		WSSPort:                     o.WSSPort,
+		WSSAddr:                     o.WSSAddr,
 		AutoTLSStorageDir:           o.AutoTLSStorageDir,
 		AutoTLSDomain:               o.AutoTLSDomain,
 		AutoTLSRegistrationEndpoint: o.AutoTLSRegistrationEndpoint,

pkg/p2p/libp2p/libp2p.go

@@ -144,7 +144,7 @@ type Options struct {
 	WSSNATAddr                  string
 	EnableWS                    bool
 	AutoTLSEnabled              bool
-	WSSPort                     string
+	WSSAddr                     string
 	AutoTLSStorageDir           string
 	AutoTLSCAEndpoint           string
 	AutoTLSDomain               string
@@ -161,43 +161,38 @@ type Options struct {
 }
 
 func New(ctx context.Context, signer beecrypto.Signer, networkID uint64, overlay swarm.Address, addr string, ab addressbook.Putter, storer storage.StateStorer, lightNodes *lightnode.Container, logger log.Logger, tracer *tracing.Tracer, o Options) (*Service, error) {
-	host, port, err := net.SplitHostPort(addr)
+	parsedAddr, err := parseAddress(addr)
 	if err != nil {
-		return nil, fmt.Errorf("address: %w", err)
+		return nil, err
 	}
 
-	ip4Addr := "0.0.0.0"
-	ip6Addr := "::"
-
-	if host != "" {
-		ip := net.ParseIP(host)
-		if ip4 := ip.To4(); ip4 != nil {
-			ip4Addr = ip4.String()
-			ip6Addr = ""
-		} else if ip6 := ip.To16(); ip6 != nil {
-			ip6Addr = ip6.String()
-			ip4Addr = ""
+	var listenAddrs []string
+	if parsedAddr.IP4 != "" {
+		listenAddrs = append(listenAddrs, fmt.Sprintf("/ip4/%s/tcp/%s", parsedAddr.IP4, parsedAddr.Port))
+		if o.EnableWS {
+			listenAddrs = append(listenAddrs, fmt.Sprintf("/ip4/%s/tcp/%s/ws", parsedAddr.IP4, parsedAddr.Port))
 		}
 	}
 
-	var listenAddrs []string
-	if ip4Addr != "" {
-		listenAddrs = append(listenAddrs, fmt.Sprintf("/ip4/%s/tcp/%s", ip4Addr, port))
+	if parsedAddr.IP6 != "" {
+		listenAddrs = append(listenAddrs, fmt.Sprintf("/ip6/%s/tcp/%s", parsedAddr.IP6, parsedAddr.Port))
 		if o.EnableWS {
-			listenAddrs = append(listenAddrs, fmt.Sprintf("/ip4/%s/tcp/%s/ws", ip4Addr, port))
-			if o.AutoTLSEnabled {
-				listenAddrs = append(listenAddrs, fmt.Sprintf("/ip4/%s/tcp/%s/tls/sni/*.%s/ws", ip4Addr, o.WSSPort, o.AutoTLSDomain))
-			}
+			listenAddrs = append(listenAddrs, fmt.Sprintf("/ip6/%s/tcp/%s/ws", parsedAddr.IP6, parsedAddr.Port))
 		}
 	}
 
-	if ip6Addr != "" {
-		listenAddrs = append(listenAddrs, fmt.Sprintf("/ip6/%s/tcp/%s", ip6Addr, port))
-		if o.EnableWS {
-			listenAddrs = append(listenAddrs, fmt.Sprintf("/ip6/%s/tcp/%s/ws", ip6Addr, port))
-			if o.AutoTLSEnabled {
-				listenAddrs = append(listenAddrs, fmt.Sprintf("/ip6/%s/tcp/%s/tls/sni/*.%s/ws", ip6Addr, o.WSSPort, o.AutoTLSDomain))
-			}
+	if o.AutoTLSEnabled {
+		parsedWssAddr, err := parseAddress(o.WSSAddr)
+		if err != nil {
+			return nil, err
+		}
+
+		if parsedWssAddr.IP4 != "" {
+			listenAddrs = append(listenAddrs, fmt.Sprintf("/ip4/%s/tcp/%s/tls/sni/*.%s/ws", parsedWssAddr.IP4, parsedWssAddr.Port, o.AutoTLSDomain))
+		}
+
+		if parsedWssAddr.IP6 != "" {
+			listenAddrs = append(listenAddrs, fmt.Sprintf("/ip6/%s/tcp/%s/tls/sni/*.%s/ws", parsedWssAddr.IP6, parsedWssAddr.Port, o.AutoTLSDomain))
 		}
 	}
 
@@ -476,7 +471,7 @@ func New(ctx context.Context, signer beecrypto.Signer, networkID uint64, overlay
 
 	if o.AutoTLSEnabled && o.EnableWS {
 		// Check reachability for AutoTLS
-		logger.Debug("Reachability for AutoTLS: ", autoNAT.Status())
+		logger.Debug("Reachability for AutoTLS: ", "status", autoNAT.Status().String())
 		if autoNAT.Status() != network.ReachabilityPublic {
 			logger.Warning("Node not publicly reachable; AutoTLS may fail")
 		}
@@ -518,6 +513,37 @@ func New(ctx context.Context, signer beecrypto.Signer, networkID uint64, overlay
 	return s, nil
 }
 
+type parsedAddress struct {
+	IP4  string
+	IP6  string
+	Port string
+}
+
+func parseAddress(addr string) (*parsedAddress, error) {
+	host, port, err := net.SplitHostPort(addr)
+	if err != nil {
+		return nil, fmt.Errorf("address: %w", err)
+	}
+
+	res := &parsedAddress{
+		IP4:  "0.0.0.0",
+		IP6:  "::",
+		Port: port,
+	}
+
+	if host != "" {
+		ip := net.ParseIP(host)
+		if ip4parsed := ip.To4(); ip4parsed != nil {
+			res.IP4 = ip4parsed.String()
+			res.IP6 = ""
+		} else if ip6parsed := ip.To16(); ip6parsed != nil {
+			res.IP6 = ip6parsed.String()
+			res.IP4 = ""
+		}
+	}
+	return res, nil
+}
+
 func (s *Service) reachabilityWorker() error {
 	sub, err := s.host.EventBus().Subscribe([]any{new(event.EvtLocalReachabilityChanged)})
 	if err != nil {
@@ -847,14 +873,8 @@ func (s *Service) Addresses() (addresses []ma.Multiaddr, err error) {
 
 	s.logger.Debug("host listen addresses", "addresses", uniqueAddrs)
 
-	// if a resolver is configured, add resolved addresses.
 	if s.advertisableAddresser != nil {
-		// Iterate over non-loopback listen addresses to resolve them.
 		for _, addr := range s.host.Addrs() {
-			if manet.IsIPLoopback(addr) {
-				continue
-			}
-
 			resolved, err := s.advertisableAddresser.Resolve(addr)
 			if err != nil {
 				s.logger.Warning("could not resolve address", "addr", addr, "error", err)