tlsConfig passed via launcherConfig

Author: disassembler

cardano-launcher/app/Main.hs

@@ -39,8 +39,7 @@ import           Cardano.BM.Tracing
 import           Cardano.Shell.Application (checkIfApplicationIsRunning)
 import           Cardano.Shell.CLI (LauncherOptionPath, getDefaultConfigPath,
                                     getLauncherOptions, launcherArgsParser)
-import           Cardano.Shell.Configuration (ConfigurationOptions (..),
-                                              LauncherOptions (..),
+import           Cardano.Shell.Configuration (LauncherOptions (..),
                                               DaedalusBin (..), getUpdaterData,
                                               getDPath,
                                               setWorkingDirectory)
@@ -51,6 +50,7 @@ import           Cardano.Shell.Launcher (LoggingDependencies (..), TLSError,
 import           Cardano.Shell.Launcher.Types (nullLogging)
 import           Cardano.Shell.Update.Lib (UpdaterData (..),
                                            runDefaultUpdateProcess)
+import           Cardano.X509.Configuration (TLSConfiguration)
 
 --------------------------------------------------------------------------------
 -- Main
@@ -172,8 +172,8 @@ main = silence $ do
             throwM . WorkingDirectoryDoesNotExist $ workingDir
 
         -- Configuration from the launcher options.
-        let mConfigurationOptions :: Maybe ConfigurationOptions
-            mConfigurationOptions = loConfiguration launcherOptions
+        let mTlsConfig :: Maybe TLSConfiguration
+            mTlsConfig = loTlsConfig launcherOptions
 
         let daedalusBin :: DaedalusBin
             daedalusBin = getDPath launcherOptions
@@ -187,14 +187,14 @@ main = silence $ do
             mTlsPath = TLSPath <$> loTlsPath launcherOptions
 
         -- If the path doesn't exist, then TLS has been disabled!
-        case (mTlsPath, mConfigurationOptions) of
-            (Just tlsPath, Just configurationOptions) -> do
+        case (mTlsPath, mTlsConfig) of
+            (Just tlsPath, Just tlsConfig) -> do
                 -- | If we need to, we first check if there are certificates so we don't have
                 -- to generate them. Since the function is called `generate...`, that's what
                 -- it does, it generates the certificates.
                 eTLSGeneration <- generateTlsCertificates
                     loggingDependencies
-                    configurationOptions
+                    tlsConfig
                     tlsPath
 
                 case eTLSGeneration of

cardano-launcher/cardano-launcher.cabal

@@ -74,6 +74,7 @@ executable cardano-launcher
       base >=4.7 && <5
     , cardano-prelude
     , cardano-launcher
+    , cardano-sl-x509
     -- formatting
     , filepath
     , formatting

cardano-launcher/src/Cardano/Shell/Configuration.hs

@@ -20,6 +20,7 @@ import           Data.Yaml (FromJSON (..), withObject, (.:), (.:?))
 import           System.Directory (doesDirectoryExist, setCurrentDirectory)
 
 import           Cardano.Shell.Update.Lib (UpdaterData (..))
+import           Cardano.X509.Configuration (TLSConfiguration)
 
 --------------------------------------------------------------------------------
 -- Configuration
@@ -43,6 +44,7 @@ newtype DaedalusBin = DaedalusBin
 data LauncherOptions = LauncherOptions
     { loConfiguration       :: !(Maybe ConfigurationOptions)
     , loTlsPath             :: !(Maybe FilePath)
+    , loTlsConfig           :: !(Maybe TLSConfiguration)
     , loUpdaterPath         :: !FilePath
     , loUpdaterArgs         :: ![Text]
     , loUpdateArchive       :: !FilePath
@@ -62,13 +64,15 @@ instance FromJSON LauncherOptions where
         updateArchive       <- o .: "updateArchive"
         configuration       <- o .:? "configuration"
         tlsPath             <- o .:? "tlsPath"
+        tlsConfig           <- o .:? "tlsConfig"
         workingDir          <- o .: "workingDir"
         stateDir            <- o .: "stateDir"
         logsPrefix          <- o .: "logsPrefix"
 
         pure $ LauncherOptions
             configuration
             tlsPath
+            tlsConfig
             updaterPath
             updaterArgs
             updateArchive

cardano-launcher/src/Cardano/Shell/Launcher.hs

@@ -30,24 +30,20 @@ import           Prelude (Show (..))
 import qualified System.Process as Process
 import           Turtle (system)
 
-import           Cardano.Shell.Configuration (ConfigurationOptions (..),
-                                              WalletArguments (..),
+import           Cardano.Shell.Configuration (WalletArguments (..),
                                               DaedalusBin (..))
 import           Cardano.Shell.Launcher.Types (LoggingDependencies (..))
 import           Cardano.Shell.Update.Lib (RemoveArchiveAfterInstall (..),
                                            RunUpdateFunc, UpdaterData (..),
                                            runUpdater)
-import           Cardano.X509.Configuration (ConfigurationKey (..),
-                                             DirConfiguration (..), certChecks,
+import           Cardano.X509.Configuration (DirConfiguration (..), certChecks,
                                              certFilename, certOutDir,
-                                             decodeConfigFile,
+                                             TLSConfiguration,
                                              fromConfiguration, genCertificate)
-import           Control.Exception.Safe (onException)
 import           Data.X509.Extra (genRSA256KeyPair, validateCertificate,
                                   writeCertificate, writeCredentials)
 import           Data.X509.Validation (FailedReason)
-import           System.Directory (createDirectoryIfMissing, doesDirectoryExist,
-                                   doesFileExist)
+import           System.Directory (createDirectoryIfMissing)
 import           System.FilePath ((</>))
 
 --------------------------------------------------------------------------------
@@ -297,21 +293,18 @@ runLauncher loggingDependencies walletRunner daedalusBin runUpdateFunc updaterDa
 -- This just covers the generation of the TLS certificates and nothing else.
 generateTlsCertificates
     :: LoggingDependencies
-    -> ConfigurationOptions
+    -> TLSConfiguration
     -> TLSPath
     -> IO (Either TLSError ())
-generateTlsCertificates externalDependencies' configurationOptions (TLSPath tlsPath) = runExceptT $ do
-    doesCertConfigExist <- liftIO $ doesFileExist (cfoFilePath configurationOptions)
-    doesTLSPathExist <- liftIO $ doesDirectoryExist tlsPath
-    unless doesCertConfigExist $ throwError . CertConfigNotFound . cfoFilePath $ configurationOptions
-    unless doesTLSPathExist $ throwError . TLSDirectoryNotFound $ tlsPath
+generateTlsCertificates externalDependencies' tlsConfig (TLSPath tlsPath) = runExceptT $ do
 
     let tlsServer = tlsPath </> "server"
     let tlsClient = tlsPath </> "client"
 
     -- Create the directories.
     liftIO $ do
         logInfo externalDependencies' $ "Generating the certificates!"
+        createDirectoryIfMissing True tlsPath
         createDirectoryIfMissing True tlsServer
         createDirectoryIfMissing True tlsClient
 
@@ -322,23 +315,13 @@ generateTlsCertificates externalDependencies' configurationOptions (TLSPath tlsP
     -- `cardano-sl`.
     generateCertificates :: FilePath -> FilePath -> ExceptT TLSError IO ()
     generateCertificates tlsServer' tlsClient = do
-
-        let configFile = cfoFilePath configurationOptions
-        -- Configuration key within the config file
-        let configKey :: ConfigurationKey
-            configKey = ConfigurationKey . textToFilePath . cfoKey $ configurationOptions
-
         let outDirectories :: DirConfiguration -- ^ Output directories configuration
             outDirectories = DirConfiguration
                 { outDirServer  = tlsServer'
                 , outDirClients = tlsClient
-                , outDirCA      = Nothing -- TODO(KS): AFAIK, we don't output the CA.
+                , outDirCA      = Nothing
                 }
 
-        -- TLS configuration
-        tlsConfig <- decodeConfigFile configKey configFile `onException`
-            (throwError . InvalidKey . cfoKey $ configurationOptions)
-
         -- From configuraiton
         (caDesc, descs) <-
             liftIO $ fromConfiguration tlsConfig outDirectories genRSA256KeyPair <$> genRSA256KeyPair
@@ -366,9 +349,6 @@ generateTlsCertificates externalDependencies' configurationOptions (TLSPath tlsP
             liftIO $ do
                 writeCredentials (certOutDir desc </> certFilename desc) (key, cert)
                 writeCertificate (certOutDir desc </> caName) caCert
-    -- Utility function.
-    textToFilePath :: Text -> FilePath
-    textToFilePath = strConv Strict
 
 -- | Error that can be thrown when generating TSL certificates
 data TLSError =