feat(dashmate)!: move ssl dir (dashpay#1502)

packages/dashmate/configs/getConfigFileMigrationsFactory.js

@@ -1,4 +1,6 @@
 /* eslint-disable no-param-reassign */
+const fs = require('fs');
+const path = require('path');
 
 const { NETWORK_LOCAL, NETWORK_TESTNET, NETWORK_MAINNET } = require('../src/constants');
 
@@ -240,6 +242,32 @@ function getConfigFileMigrationsFactory(homeDir, defaultConfigs) {
             options.platform.drive.abci.logs = base.get('platform.drive.abci.logs');
           });
 
+        return configFile;
+      },
+      '0.25.7': (configFile) => {
+        Object.entries(configFile.configs)
+          .forEach(([name, options]) => {
+            if (options.network !== NETWORK_MAINNET) {
+              const filenames = ['private.key', 'bundle.crt', 'bundle.csr', 'csr.pem'];
+
+              for (const filename of filenames) {
+                const oldFilePath = homeDir.joinPath('ssl', name, filename);
+                const newFilePath = homeDir.joinPath(name,
+                  'platform', 'dapi', 'envoy', 'ssl', filename);
+
+                if (fs.existsSync(oldFilePath)) {
+                  fs.mkdirSync(path.dirname(newFilePath), { recursive: true });
+                  fs.copyFileSync(oldFilePath, newFilePath);
+                  fs.rmSync(oldFilePath, { recursive: true });
+                }
+              }
+            }
+          });
+
+        if (fs.existsSync(homeDir.joinPath('ssl'))) {
+          fs.rmSync(homeDir.joinPath('ssl'), { recursive: true });
+        }
+
         return configFile;
       },
     };

packages/dashmate/docker-compose.yml

@@ -164,8 +164,8 @@ services:
       - ENVOY_GID=${LOCAL_GID:?err}
     volumes:
       - ${DASHMATE_HOME_DIR:?err}/${CONFIG_NAME:?err}/platform/dapi/envoy/envoy.yaml:/etc/envoy/envoy.yaml:ro
-      - ${DASHMATE_HOME_DIR:?err}/ssl/${CONFIG_NAME:?err}/bundle.crt:/etc/ssl/bundle.crt:ro
-      - ${DASHMATE_HOME_DIR:?err}/ssl/${CONFIG_NAME:?err}/private.key:/etc/ssl/private.key:ro
+      - ${DASHMATE_HOME_DIR:?err}/${CONFIG_NAME:?err}/platform/dapi/envoy/ssl/bundle.crt:/etc/ssl/bundle.crt:ro
+      - ${DASHMATE_HOME_DIR:?err}/${CONFIG_NAME:?err}/platform/dapi/envoy/ssl/private.key:/etc/ssl/private.key:ro
     stop_grace_period: 10s
     profiles:
       - platform

packages/dashmate/package.json

@@ -37,10 +37,15 @@
       "name": "Konstantin Shuplenkov",
       "email": "[email protected]",
       "url": "https://github.com/shuplenkov"
+    },
+    {
+      "name": "Mikhail Pshenichnikov",
+      "email": "[email protected]",
+      "url": "https://github.com/pshenmic"
     }
   ],
   "engines": {
-    "node": ">=12"
+    "node": ">=18"
   },
   "license": "MIT",
   "bugs": {

packages/dashmate/src/listr/tasks/resetNodeTaskFactory.js

@@ -142,12 +142,6 @@ function resetNodeTaskFactory(
             recursive: true,
             force: true,
           });
-
-          // Remove SSL files
-          fs.rmSync(homeDir.joinPath('ssl', baseConfigName), {
-            recursive: true,
-            force: true,
-          });
         },
       },
     ]);

packages/dashmate/src/listr/tasks/ssl/saveCertificateTask.js

@@ -17,15 +17,16 @@ function saveCertificateTaskFactory(homeDir) {
       {
         title: 'Save certificates',
         task: async (ctx) => {
-          const configDir = homeDir.joinPath('ssl', config.getName());
+          const certificatesDir = homeDir.joinPath(config.getName(),
+            'platform', 'dapi', 'envoy', 'ssl');
 
-          fs.mkdirSync(configDir, { recursive: true });
+          fs.mkdirSync(certificatesDir, { recursive: true });
 
-          const crtFile = path.join(configDir, 'bundle.crt');
+          const crtFile = path.join(certificatesDir, 'bundle.crt');
 
           fs.writeFileSync(crtFile, ctx.certificateFile, 'utf8');
 
-          const keyFile = path.join(configDir, 'private.key');
+          const keyFile = path.join(certificatesDir, 'private.key');
           fs.writeFileSync(keyFile, ctx.privateKeyFile, 'utf8');
 
           config.set('platform.dapi.envoy.ssl.enabled', true);