From 3c223f144555bbfea7dc9457ecfef26a8e2956e1 Mon Sep 17 00:00:00 2001
From: NagyZoltanPeter <113987313+NagyZoltanPeter@users.noreply.github.com>
Date: Thu, 14 Mar 2024 13:26:18 +0100
Subject: [PATCH] Allow external configure user defined origin that allows
 proper REST-API answer for browser originated requests

---
 .env.example       | 1 +
 ADVANCED.md        | 1 +
 docker-compose.yml | 1 +
 run_node.sh        | 8 ++++++--
 4 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/.env.example b/.env.example
index b670433..d754002 100644
--- a/.env.example
+++ b/.env.example
@@ -16,3 +16,4 @@ NODEKEY=
 DOMAIN=
 EXTRA_ARGS=
 STORAGE_SIZE=
+ALLOW_ORIGIN=
\ No newline at end of file
diff --git a/ADVANCED.md b/ADVANCED.md
index 21faf2c..bc32106 100644
--- a/ADVANCED.md
+++ b/ADVANCED.md
@@ -15,6 +15,7 @@ There are multiple environment variables you can configure to modify behaviour o
 * `EXTRA_ARGS` - this variable allows you to specify additional or overriding CLI option for the Waku node which will be appended to the `wakunode2` command. (e.g. `EXTRA_ARGS="--store=false --max-connections=3000`)
 * `CERTS_DIR` - allows you to define a path where SSL certificates are/will be stored. It needs to follow the directory structure produced by Certbot in `/etc/letsencrypt`
 * `STORATE_SIZE` - overrides the default allowed DB size of waku message storage service. Current default is 1GB. (e.g. `STORAGE_SIZE=2GB` or `STORAGE_SIZE=3500MB`)
+* `ALLOW_ORIGIN` - Can set the allowed origin site that is enabled to use waku node's REST-API from browser. Great if you are connecting to the node with REST-API from a browser based app. (e.g. `ALLOW_ORIGIN=example.com` or `ALLOW_ORIGIN=localhost:*`)
 
 ## Log monitoring and troubleshooting
 
diff --git a/docker-compose.yml b/docker-compose.yml
index c77543f..ad9ad3f 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -50,6 +50,7 @@ services:
       ETH_CLIENT_ADDRESS: *eth_client_address
       EXTRA_ARGS: ${EXTRA_ARGS}
       STORAGE_SIZE: ${STORAGE_SIZE}
+      ALLOW_ORIGIN: ${ALLOW_ORIGIN}
       <<:
         - *pg_env
         - *rln_env
diff --git a/run_node.sh b/run_node.sh
index 4a3c5a0..0bd1eeb 100644
--- a/run_node.sh
+++ b/run_node.sh
@@ -48,17 +48,20 @@ fi
 
 RLN_RELAY_CRED_PATH=--rln-relay-cred-path=${RLN_RELAY_CRED_PATH:-/keystore/keystore.json}
 
-
 if [ -n "${RLN_RELAY_CRED_PASSWORD}" ]; then
     RLN_RELAY_CRED_PASSWORD=--rln-relay-cred-password="${RLN_RELAY_CRED_PASSWORD}"
 fi
 
 STORE_RETENTION_POLICY=--store-message-retention-policy=size:1GB}
-
 if [ -n "${STORAGE_SIZE}" ]; then
     STORE_RETENTION_POLICY=--store-message-retention-policy=size:"${STORAGE_SIZE}"
 fi
 
+USER_REST_ALLOW_ORIGIN=
+if [ -n "${ALLOW_ORIGIN}" ]; then
+    USER_REST_ALLOW_ORIGIN=--rest-allow-origin=\"${ALLOW_ORIGIN}\"
+fi
+
 exec /usr/bin/wakunode\
   --relay=true\
   --filter=true\
@@ -89,5 +92,6 @@ exec /usr/bin/wakunode\
   ${DNS_WSS_CMD}\
   ${NODEKEY}\
   ${STORE_RETENTION_POLICY}\
+  ${USER_REST_ALLOW_ORIGIN}\
   ${EXTRA_ARGS}