-
Notifications
You must be signed in to change notification settings - Fork 20.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow configuration via a config file #3332
Comments
I'm guessing that there is already an issue for this but I could not find it so... maybe I'm the first to request this? |
See #2067 for reference. |
I'm not opposed to a config file btw. The request has come up multiple times in the past and I see how it can be useful. We didn't do it so far because startup scripts are a good enough workaround. The same goes for the "daemon mode" (#2608) and "log file" (#2646) requests. We have not implemented these because they're not useful with most process managers (launchd, systemd, supervisord, docker, ...) and you can always do |
@pipermerriam comment from #2067, to keep the discussion here:
|
Huzzah! Thanks for clarifying @fjl |
Hippos are fucking dangerous and evil, they are far from cute. |
Seriously, I still think this is a terrible idea for the same reasons I mentioned then. What's wrong with creating an Anyways, I'll give it some more thought. But FTR, default configs are out of the question. EDIT: Hippos are still evil as fuck |
Would be nice to know some use cases. The format and how geth loads the file is not important for this. If geth supported a config file:
You already have two examples in the description:
|
My main concern with configuration files is that they are error prone and generally dangerous in critical systems and maybe even more so in programs where there's actual value involved. Having an additional file means that you need to make sure that an additional file is protected (e.g. write protected and maybe even read only by you). There are certainly ways that we can accommodate but we can't help everyone from making silly mistakes. Here's one such an example that might seem OK at first. Let's assume the following configuration file:
This is neat, we bind the rpcaddr to localhost on port 8080. This configuration option is extremely dangerous, especially if someone gains access to this "silly" configuration file. I'm sure there are other such scenarios where attacks become plausible, and for what, because we are lazy? Because it's trivial to have configuration files? Security is way more important. |
I'm sorry @obscuren but I don't feel like your argument against config files holds up. You say that config files are dangerous because an attacker with access can modify something like the There are plenty of critical systems that use config files. I don't know if this helps or hurts my case, but I recall the bitcoin client allowing configuration via config file. Parity has config file support. Every database that I know of has a config file. Most software that I've used supports configuration via a config file and while I understand that you feel it's a security hole or foot gun or something, I think the prevalence of configuration via config file across the software world is evidence to the contrary. I've made my case for this and said what I have to say. I understand that this may not be a feature that the go team supports and I'll respect that decision. Thank you very much for creating the go ethereum client. It's awesome and I appreciate all the hard work you and the rest of the team have done in creating it. How about this cute animal????!??! |
Probably in |
Hah, much better. We had some form of priliminary discussion about this. @holiman had a few suggestions and I'll let him elaborate. |
I usually end up writing a bash-file which contains the flags I want, e.g. start_geth_testnet.sh. But it's a bit pita. I'd prefer to have orderly configuration files. If we're concerned about protection and erroneous configs or whatever, we could do something like this:
For any security related options, we could print a warning and prompt:
People may configure strange defaults, but anyone running a 'complex' setup is likely to just shove it in a script anyway. So I think providing warnings and user-prompts may enhance security from where we are now. A bit like providing password managers; the alternatives (easy passwords, password reuse, txt-files) that people will use otherwise are worse. We could also do it so that security defaults are not even, e.g. setting the rpc to non-localhost isn't even possible, whereas setting chaindata folder maybe should. |
A proposed implementation #3424 |
@karalabe this is great and very much inline with what I was looking for. |
Added in #13875, released in 1.6.0. |
What is wrong?
Parity allows configuration via a config file. This is very convenient for a number of reasons.
--bootnodes
. Being able to hide these within a config file makes command line interaction easier.--config
allows for pre-saved configurations.How could it be implemented
geth
load defaults for cli options from a config file from somewhere like./data-dir/<config-file>
.--config
Cute animal picture
The text was updated successfully, but these errors were encountered: