Add controls for permissioning (onchain and local)

Signed-off-by: Edward Evans <edward.evans@consensys.net>
5 years ago · b1bcce90e5
parent e1ca8aaa82
commit b1bcce90e5
2 changed files with 29 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -67,7 +67,11 @@ All variables which can be overridden are stored in [defaults/main.yml](defaults
 | `besu_metrics_host` | 0.0.0.0 | Specifies the host on which Prometheus accesses Besu metrics. The metrics server respects the `besu_whitelist` option |
 | `besu_metrics_port` | 9545 | Specifies the port on which Prometheus accesses Besu metrics |
 | `besu_bootnodes` | [] | List of comma-separated enode URLs for P2P discovery bootstrap. When connecting to MainNet or public testnets, the default is a predefined list of enode URLs |
-| `besu_host_whitelist` | ["*"] | Comma-separated list of hostnames to allow access to the JSON-RPC API. By default, access from localhost and 127.0.0.1 is accepted. |
+| `besu_host_whitelist` | `["*"]` | Comma-separated list of hostnames to allow access to the JSON-RPC API. By default, access from localhost and 127.0.0.1 is accepted. |
 | `besu_permissions_accounts_config_file` | ___unset___ | Path to the [local accounts permissioning file](http://besu.hyperledger.org/en/stable/HowTo/Limit-Access/Local-Permissioning/#permissions-configuration-file) |
 | `besu_permissions_nodes_config_file` | ___unset___ | Path to the [local nodes permissioning file](http://besu.hyperledger.org/en/stable/HowTo/Limit-Access/Local-Permissioning/#permissions-configuration-file) |
 | `besu_permissions_accounts_contract_address` | ___unset___ | The contract address for onchain accounts permissioning |
 | `besu_permissions_nodes_contract_address` | ___unset___ | The contract address for onchain nodes permissioning |
 | `besu_cmdline_args` | "" | Command line args that are passed in as overrides |
 | `besu_env_opts` | "" | Environmental variable BESU_OPTS that gets passed to the JVM. eg: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005 |
 | `orion_version` | ___unset___ | Version of Orion installed. When supplied, adds required privacy config items and requires `orion_config_dir` and `orion_key_name` to be set |
--- a/templates/config.toml.j2
+++ b/templates/config.toml.j2
@ -55,6 +55,30 @@ metrics-enabled=true
 metrics-host="{{besu_metrics_host}}"
 metrics-port={{besu_metrics_port}}
 {% if besu_permissions_accounts_config_file is defined %}
 # local account permissions
 permissions-accounts-config-file-enabled=true
 permissions-accounts-config-file="{{ besu_permissions_accounts_config_file }}"
 {% endif %}
 {% if besu_permissions_nodes_config_file is defined %}
 # local node permissions
 permissions-nodes-config-file-enabled=true
 permissions-nodes-config-file="{{ besu_permissions_nodes_config_file }}"
 {% endif %}
 {% if besu_permissions_accounts_contract_address is defined %}
 # onchain account permissions
 permissions-accounts-contract-enabled=true
 permissions-accounts-contract-address="{{ besu_permissions_accounts_contract_address }}"
 {% endif %}
 {% if besu_permissions_nodes_contract_address is defined %}
 # onchain node permissions
 permissions-nodes-contract-enabled=true
 permissions-nodes-contract-address="{{ besu_permissions_nodes_contract_address }}"
 {% endif %}
 {% if besu_bootnodes|length > 0 %}
 # bootnodes
 bootnodes={{besu_bootnodes}}