feat: add websocket for celestia-node
#14
Conversation
aWN4Y25pa2EK
changed the title
celestia-nodecelestia-node
| @@ -326,6 +338,14 @@ spec: | |||
| path: OAZHALLLMV4Q | |||
| - key: my_celes_key_info | |||
| path: my_celes_key.info | |||
| - name: tls-certs | |||
| secret: | |||
| secretName: tls-da-wss | |||
There was a problem hiding this comment.
Make the secret name configurable via the values.
It should be optional to use.
There was a problem hiding this comment.
Also, document what the secret should contain.
| @@ -272,6 +276,14 @@ spec: | |||
| - name: home-dir # This is needed so that the process has permissions to create files in the home directory | |||
| mountPath: {{ .Values.node.settings.home }} | |||
| readOnly: false | |||
| - name: tls-certs | |||
| mountPath: /home/celestia/tls/cert.pem | |||
There was a problem hiding this comment.
Use {{ .Values.node.settings.home }} instead of /home/celestia
| subPath: fullchain.pem | ||
| readOnly: true | ||
| - name: tls-certs | ||
| mountPath: /home/celestia/tls/key.pem |
There was a problem hiding this comment.
Use {{ .Values.node.settings.home }} instead of /home/celestia
| secret: | ||
| secretName: tls-da-wss | ||
| items: | ||
| - key: fullchain.pem |
| items: | ||
| - key: fullchain.pem | ||
| path: fullchain.pem | ||
| - key: privkey.pem |
|
Can we close this, as websocket is not yet supported by libp2p? |
.tls-wildcard-arabica.yaml.swp
Outdated
charts/celestia-node/values.yaml
Outdated
| ListenAddresses: | ||
| # IPv4 | ||
| - /ip4/0.0.0.0/udp/2121/quic-v1/webtransport | ||
| - /ip6/::/udp/2121/quic-v1/webtransport | ||
| - /ip4/0.0.0.0/udp/2121/quic-v1 | ||
| - /ip6/::/udp/2121/quic-v1 | ||
| #- /ip4/0.0.0.0/tcp/2122/wss | ||
| - /ip4/0.0.0.0/tcp/2121 | ||
| # IPv6 | ||
| - /ip6/::/udp/2121/quic-v1/webtransport | ||
| - /ip6/::/udp/2121/quic-v1 | ||
| #- /ip6/::/tcp/2122/wss | ||
| - /ip6/::/tcp/2121 | ||
| AnnounceAddresses: [] | ||
| NoAnnounceAddresses: | ||
| # IPv4 | ||
| - /ip4/127.0.0.1/udp/2121/quic-v1/webtransport | ||
| - /ip4/0.0.0.0/udp/2121/quic-v1/webtransport | ||
| - /ip6/::/udp/2121/quic-v1/webtransport | ||
| - /ip4/0.0.0.0/udp/2121/quic-v1 | ||
| - /ip4/127.0.0.1/udp/2121/quic-v1 | ||
| - /ip6/::/udp/2121/quic-v1 | ||
| - /ip4/0.0.0.0/tcp/2121 | ||
| - /ip4/127.0.0.1/tcp/2122/wss | ||
| - /ip4/127.0.0.1/tcp/2121 | ||
| - /ip6/::/tcp/2121 | ||
| # IPv6 | ||
| - /ip6/::1/udp/2121/quic-v1/webtransport | ||
| - /ip6/::1/udp/2121/quic-v1 | ||
| - /ip6/::1/tcp/2122/wss | ||
| - /ip6/::1/tcp/2121 |
There was a problem hiding this comment.
Before merging, we need to check this.
| livenessProbe: | ||
| enabled: true | ||
| periodSeconds: 10 | ||
| failureThreshold: 3 | ||
| readinessProbe: | ||
| enabled: true | ||
| periodSeconds: 10 | ||
| failureThreshold: 30 | ||
| startupProbe: | ||
| enabled: true | ||
| periodSeconds: 10 | ||
| failureThreshold: 60 |
There was a problem hiding this comment.
are these values different from the default?, if not, we could get rid of them to make it even easier
There was a problem hiding this comment.
We need to add a env variable CELESTIA_TLS_PATH : /home/celestia/tls
There was a problem hiding this comment.
There is a scenario where we want to deploy a helm chart without an tls certificate.
I propose to add a boolean to the setting, which will mount the secret and set the env var if it is set to true.
node:
settings
tls:
enabled: <true/false>
secretName: <secretName>
There was a problem hiding this comment.
Co-authored-by: tty47 <[email protected]>
…rts into task/add-web-socket
No description provided.