diff --git a/satellite/api.go b/satellite/api.go index eb24ce4dc..91347ecd3 100644 --- a/satellite/api.go +++ b/satellite/api.go @@ -329,7 +329,7 @@ func NewAPI(log *zap.Logger, full *identity.FullIdentity, db DB, peer.Overlay.Service, peer.Orders.DB, peer.DB.Buckets(), - config.Orders.Expiration, + config.Orders, &pb.NodeAddress{ Transport: pb.NodeTransport_TCP_TLS_GRPC, Address: config.Contact.ExternalAddress, diff --git a/satellite/core.go b/satellite/core.go index 61f27e4cb..951906edc 100644 --- a/satellite/core.go +++ b/satellite/core.go @@ -269,7 +269,7 @@ func New(log *zap.Logger, full *identity.FullIdentity, db DB, peer.Overlay.Service, peer.Orders.DB, peer.DB.Buckets(), - config.Orders.Expiration, + config.Orders, &pb.NodeAddress{ Transport: pb.NodeTransport_TCP_TLS_GRPC, Address: config.Contact.ExternalAddress, diff --git a/satellite/orders/encryptionkey.go b/satellite/orders/encryptionkey.go index 7bc33df87..4191986e4 100644 --- a/satellite/orders/encryptionkey.go +++ b/satellite/orders/encryptionkey.go @@ -114,6 +114,9 @@ func (keys *EncryptionKeys) Set(s string) error { if keys.KeyByID == nil { keys.KeyByID = map[EncryptionKeyID]storj.Key{} } + if s == "" { + return nil + } for _, x := range strings.Split(s, ",") { x = strings.TrimSpace(x) diff --git a/satellite/orders/service.go b/satellite/orders/service.go index 159fc684f..b007a0199 100644 --- a/satellite/orders/service.go +++ b/satellite/orders/service.go @@ -27,6 +27,7 @@ var ErrDownloadFailedNotEnoughPieces = errs.Class("not enough pieces for downloa // Config is a configuration struct for orders Service. type Config struct { + EncryptionKeys EncryptionKeys `help:"encryption keys to encrypt info in orders" default:""` Expiration time.Duration `help:"how long until an order expires" default:"48h"` // 2 days SettlementBatchSize int `help:"how many orders to batch per transaction" default:"250"` FlushBatchSize int `help:"how many items in the rollups write cache before they are flushed to the database" devDefault:"20" releaseDefault:"10000"` @@ -46,31 +47,37 @@ type BucketsDB interface { // // architecture: Service type Service struct { - log *zap.Logger - satellite signing.Signer - overlay *overlay.Service - orders DB - buckets BucketsDB + log *zap.Logger + satellite signing.Signer + overlay *overlay.Service + orders DB + buckets BucketsDB + + encryptionKeys EncryptionKeys satelliteAddress *pb.NodeAddress orderExpiration time.Duration - rngMu sync.Mutex - rng *mathrand.Rand + + rngMu sync.Mutex + rng *mathrand.Rand } // NewService creates new service for creating order limits. func NewService( log *zap.Logger, satellite signing.Signer, overlay *overlay.Service, orders DB, buckets BucketsDB, - orderExpiration time.Duration, satelliteAddress *pb.NodeAddress, + config Config, + satelliteAddress *pb.NodeAddress, ) *Service { return &Service{ - log: log, - satellite: satellite, - overlay: overlay, - orders: orders, - buckets: buckets, + log: log, + satellite: satellite, + overlay: overlay, + orders: orders, + buckets: buckets, + + encryptionKeys: config.EncryptionKeys, satelliteAddress: satelliteAddress, - orderExpiration: orderExpiration, + orderExpiration: config.Expiration, rng: mathrand.New(mathrand.NewSource(time.Now().UnixNano())), } diff --git a/satellite/repairer.go b/satellite/repairer.go index 3f7ec052c..a1bad62c7 100644 --- a/satellite/repairer.go +++ b/satellite/repairer.go @@ -156,7 +156,7 @@ func NewRepairer(log *zap.Logger, full *identity.FullIdentity, peer.Overlay, peer.Orders.DB, bucketsDB, - config.Orders.Expiration, + config.Orders, &pb.NodeAddress{ Transport: pb.NodeTransport_TCP_TLS_GRPC, Address: config.Contact.ExternalAddress, diff --git a/scripts/testdata/satellite-config.yaml.lock b/scripts/testdata/satellite-config.yaml.lock index a1ccf7827..88c3e3966 100755 --- a/scripts/testdata/satellite-config.yaml.lock +++ b/scripts/testdata/satellite-config.yaml.lock @@ -442,6 +442,9 @@ identity.key-path: /root/.local/share/storj/identity/satellite/identity.key # path to log for oom notices # monkit.hw.oomlog: /var/log/kern.log +# encryption keys to encrypt info in orders +# orders.encryption-keys: "" + # how long until an order expires # orders.expiration: 48h0m0s