feat: add flag to enable TLS (#28)

* add config enable tls

* add config enable tls 2

* add enable TLS flag

README.md

@@ -14,6 +14,14 @@ FEEDER_MNEMONIC="guard cream sadness conduct invite crumble clock pudding hole g
 EXCHANGE_SYMBOLS_MAP='{"bitfinex": {"ubtc:unusd": "tBTCUSD", "ueth:unusd": "tETHUSD", "uusd:unusd": "tUSTUSD"}}'
 ```
 
+### Enabling TLS
+
+To enable TLS, you need to set the following env vars:
+
+```ini
+TLS_ENABLED="true"
+```
+
 ### Delegating post pricing
 
 In order to be able to delegate the post pricing you need to set the

cmd/feeder/main.go

@@ -34,14 +34,14 @@ func main() {
 
 	c := config.MustGet()
 
-	eventStream := eventstream.Dial(c.WebsocketEndpoint, c.GRPCEndpoint, logger)
+	eventStream := eventstream.Dial(c.WebsocketEndpoint, c.GRPCEndpoint, c.EnableTLS, logger)
 	priceProvider := priceprovider.NewAggregatePriceProvider(c.ExchangesToPairToSymbolMap, c.DataSourceConfigMap, logger)
 	kb, valAddr, feederAddr := config.GetAuth(c.FeederMnemonic)
 
 	if c.ValidatorAddr != nil {
 		valAddr = *c.ValidatorAddr
 	}
-	pricePoster := priceposter.Dial(c.GRPCEndpoint, c.ChainID, kb, valAddr, feederAddr, logger)
+	pricePoster := priceposter.Dial(c.GRPCEndpoint, c.ChainID, c.EnableTLS, kb, valAddr, feederAddr, logger)
 
 	f := feeder.NewFeeder(eventStream, priceProvider, pricePoster, logger)
 	f.Run()

config/config.go

@@ -35,6 +35,7 @@ func Get() (*Config, error) {
 	conf.GRPCEndpoint = os.Getenv("GRPC_ENDPOINT")
 	conf.WebsocketEndpoint = os.Getenv("WEBSOCKET_ENDPOINT")
 	conf.FeederMnemonic = os.Getenv("FEEDER_MNEMONIC")
+	conf.EnableTLS = os.Getenv("ENABLE_TLS") == "true"
 	exchangeSymbolsMapJson := os.Getenv("EXCHANGE_SYMBOLS_MAP")
 	exchangeSymbolsMap := map[string]map[string]string{}
 	err := json.Unmarshal([]byte(exchangeSymbolsMapJson), &exchangeSymbolsMap)
@@ -82,6 +83,7 @@ type Config struct {
 	FeederMnemonic             string
 	ChainID                    string
 	ValidatorAddr              *sdk.ValAddress
+	EnableTLS                  bool
 }
 
 func (c *Config) Validate() error {

feeder/eventstream/stream.go

@@ -3,7 +3,6 @@ package eventstream
 import (
 	"context"
 	"crypto/tls"
-	"strings"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -24,16 +23,17 @@ type wsI interface {
 }
 
 // Dial opens two connections to the given endpoint, one for the websocket and one for the oracle grpc.
-func Dial(tendermintRPCEndpoint string, grpcEndpoint string, logger zerolog.Logger) *Stream {
-	transportDialOpt := grpc.WithTransportCredentials(
-		credentials.NewTLS(
-			&tls.Config{
-				InsecureSkipVerify: false,
-			},
-		),
-	)
-	if strings.Contains(grpcEndpoint, "localhost") {
-		transportDialOpt = grpc.WithInsecure()
+func Dial(tendermintRPCEndpoint string, grpcEndpoint string, enableTLS bool, logger zerolog.Logger) *Stream {
+	transportDialOpt := grpc.WithInsecure()
+
+	if enableTLS {
+		transportDialOpt = grpc.WithTransportCredentials(
+			credentials.NewTLS(
+				&tls.Config{
+					InsecureSkipVerify: false,
+				},
+			),
+		)
 	}
 
 	conn, err := grpc.Dial(grpcEndpoint, transportDialOpt)

feeder/priceposter/client.go

@@ -3,7 +3,6 @@ package priceposter
 import (
 	"context"
 	"crypto/tls"
-	"strings"
 	"time"
 
 	"github.com/NibiruChain/nibiru/app"
@@ -44,17 +43,17 @@ type deps struct {
 	chainID      string
 }
 
-func Dial(grpcEndpoint string, chainID string, keyBase keyring.Keyring, validator sdk.ValAddress, feeder sdk.AccAddress, logger zerolog.Logger) *Client {
-
-	transportDialOpt := grpc.WithTransportCredentials(
-		credentials.NewTLS(
-			&tls.Config{
-				InsecureSkipVerify: false,
-			},
-		),
-	)
-	if strings.Contains(grpcEndpoint, "localhost") {
-		transportDialOpt = grpc.WithInsecure()
+func Dial(grpcEndpoint string, chainID string, enableTLS bool, keyBase keyring.Keyring, validator sdk.ValAddress, feeder sdk.AccAddress, logger zerolog.Logger) *Client {
+	transportDialOpt := grpc.WithInsecure()
+
+	if enableTLS {
+		transportDialOpt = grpc.WithTransportCredentials(
+			credentials.NewTLS(
+				&tls.Config{
+					InsecureSkipVerify: false,
+				},
+			),
+		)
 	}
 
 	conn, err := grpc.Dial(grpcEndpoint, transportDialOpt)