With the multichannel support, the handling of auth, gossip, and btc-src
messages has been migrated to the single shared production Satellite API
server. There are separate logical channels now for these streams.
Hence, the previous dedicated servers used for them are no longer
required.
The auth channel does not allow users to get messages (access them over
the internet). Hence, a regular SSE client should not be able to monitor
the events generated on the auth channel. In contrast, an admin host
should be able to monitor the auth events. For that, this patch adds an
/admin/subscribe endpoint that is SSL-authenticated in production, so
only the admin hosts can connect to it.
The same server now can handle multiple logical channels, on which the
transmitter logic runs independently. That is, while previously a single
message would be in transmitting state at a time, now multiple messages
can be in transmitting state as long as they belong to distinct logical
channels.
The supported channels each have different permissions. The user channel
is where users can post, get, and delete messages as needed. In
contrast, the other channels do not grant all permissions to users. Some
are read-only (users can get but not post) and there is a channel (the
auth channel) on which users have no permissions (neither get nor post).
For the channels on which users do not have all permissions (get, post,
and delete), this patch adds admin-specific routes, which are prefixed
by /admin/. The /admin/ route is protected via SSL in production and
allows the admin host to send GET/POST/DELETE requests normally. Hence,
for instance, the admin host can post a message on the auth channel
(with POST /admin/order) and read it (with GET /admin/order) for
transmission over satellite, whereas regulars cannot. With this scheme,
the auth channel messages are accessible exclusively over satellite (and
not over the internet).
The admin routes were added to the following endpoints:
- /order/<uuid> (GET and DELETE requests)
- /order (POST request)
- /orders/<state> (GET request)
- /message/<tx_seq_num> (GET request)
The messages posted by the admin are not paid, so this patch removes the
requirement of invoice generation and payment. Only paid orders now
generate an invoice. Thus, the POST request to the /order/ endpoint does
not return an invoice for non-paid (admin-only) messages.
Also, this patch updates the queue page to display the orders separately
for each channel. The query string channel parameter determines which
channel the page shows.
Finally, this patch updates the events published into the Redis db on
transmission. The event includes the corresponding logical channel so
that SSE events can be subscribed independently for each channel.
The former daemon.sh script was replaced by the workers.sh script in
2cfc398. Update on the terraform setup and also rename the service now
that it no longer consists of only Tx-related daemon workers.
If the env var is not defined, fall back to a random string. However,
note the random string won't work over gunicorn if using multiple
workers. In this case, it is necessary to define the env var.