fix: p2p-forge/client with newCertmagicConfig

this should fix race condition caused by using certmagic.Default
directly before.

core/node/groups.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"strings"
 	"time"
 
 	"github.com/dustin/go-humanize"
@@ -124,8 +125,22 @@ func LibP2P(bcfg *BuildCfg, cfg *config.Config, userResourceOverrides rcmgr.Part
 			logger.Fatal("Failed to enable `Swarm.RelayClient`, it requires `Swarm.Transports.Network.Relay` to be true.")
 		}
 	}
-	if enableAutoTLS && !cfg.Swarm.Transports.Network.Websocket.WithDefault(true) {
-		logger.Fatal("Failed to enable `Swarm.AutoTLS`, it requires `Swarm.Transports.Network.Websocket` to be true.")
+	if enableAutoTLS {
+		if !cfg.Swarm.Transports.Network.Websocket.WithDefault(true) {
+			logger.Fatal("Failed to enable `Swarm.AutoTLS`, it requires `Swarm.Transports.Network.Websocket` to be true.")
+		}
+
+		wssWildcard := fmt.Sprintf("/tls/sni/*.%s/ws", cfg.Swarm.AutoTLS.DomainSuffix.WithDefault(config.DefaultDomainSuffix))
+		wssWildcardPresent := false
+		for _, listener := range cfg.Addresses.Swarm {
+			if strings.Contains(listener, wssWildcard) {
+				wssWildcardPresent = true
+				break
+			}
+		}
+		if !wssWildcardPresent {
+			logger.Fatal(fmt.Sprintf("Failed to enable `Swarm.AutoTLS`, it requires `Addresses.Swarm` listener matching %q to be present, see https://github.com/ipfs/kubo/blob/master/docs/config.md#swarmautotls", wssWildcard))
+		}
 	}
 
 	// Gather all the options

core/node/libp2p/addrs.go

@@ -140,21 +140,16 @@ func P2PForgeCertMgr(cfg config.AutoTLS) interface{} {
 		}
 
 		forgeLogger := logging.Logger("autotls").Desugar()
-		// TODO: revisit is below is still needed.
-		// seems that certmagic is written in a way that logs things using default logger
-		// before a custom one is set, this is the only way to ensure we don't lose
-		// early logs such as 'maintenance' and 'obtain' events :-/
-		certmagic.Default.Logger = forgeLogger
-		certmagic.DefaultACME.Logger = forgeLogger
-
+		certStorage := &certmagic.FileStorage{Path: storagePath}
 		certMgr, err := p2pforge.NewP2PForgeCertMgr(
 			p2pforge.WithLogger(forgeLogger.Sugar()),
 			p2pforge.WithForgeDomain(cfg.DomainSuffix.WithDefault(config.DefaultDomainSuffix)),
 			p2pforge.WithForgeRegistrationEndpoint(cfg.RegistrationEndpoint.WithDefault(config.DefaultRegistrationEndpoint)),
 			p2pforge.WithCAEndpoint(cfg.CAEndpoint.WithDefault(config.DefaultCAEndpoint)),
 			p2pforge.WithForgeAuth(cfg.RegistrationToken.WithDefault(os.Getenv(p2pforge.ForgeAuthEnv))),
 			p2pforge.WithUserAgent(version.GetUserAgentVersion()),
-			p2pforge.WithCertificateStorage(&certmagic.FileStorage{Path: storagePath}))
+			p2pforge.WithCertificateStorage(certStorage),
+		)
 		if err != nil {
 			return nil, err
 		}

docs/examples/kubo-as-a-library/go.mod

@@ -108,7 +108,7 @@ require (
 	github.com/ipld/go-car/v2 v2.14.2 // indirect
 	github.com/ipld/go-codec-dagpb v1.6.0 // indirect
 	github.com/ipld/go-ipld-prime v0.21.0 // indirect
-	github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 // indirect
+	github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 // indirect
 	github.com/jackpal/go-nat-pmp v1.0.2 // indirect
 	github.com/jbenet/go-temp-err-catcher v0.1.0 // indirect
 	github.com/jbenet/goprocess v0.1.4 // indirect

docs/examples/kubo-as-a-library/go.sum

@@ -402,8 +402,8 @@ github.com/ipld/go-ipld-prime v0.21.0 h1:n4JmcpOlPDIxBcY037SVfpd1G+Sj1nKZah0m6QH
 github.com/ipld/go-ipld-prime v0.21.0/go.mod h1:3RLqy//ERg/y5oShXXdx5YIp50cFGOanyMctpPjsvxQ=
 github.com/ipld/go-ipld-prime/storage/bsadapter v0.0.0-20230102063945-1a409dc236dd h1:gMlw/MhNr2Wtp5RwGdsW23cs+yCuj9k2ON7i9MiJlRo=
 github.com/ipld/go-ipld-prime/storage/bsadapter v0.0.0-20230102063945-1a409dc236dd/go.mod h1:wZ8hH8UxeryOs4kJEJaiui/s00hDSbE37OKsL47g+Sw=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 h1:+sOmTdwTVf7v8yHJxMy8VRvVqfq80vZqb1NNfUJTMl0=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89/go.mod h1:1pvFcXQQoLZCAAxV18/NElYL+32bRrhswSItX4ldd3Q=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 h1:Od9XhliY3EzRDCd/H6fMQ225+DSaS+CT0daHjEwbZTM=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109/go.mod h1:taPeh3PDSO8Ual0/N2tIOAUXPV8gZoPF3uPXoUyiq14=
 github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus=
 github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
 github.com/jbenet/go-cienv v0.1.0 h1:Vc/s0QbQtoxX8MwwSLWWh+xNNZvM3Lw7NsTcHrvvhMc=

go.mod

@@ -49,7 +49,7 @@ require (
 	github.com/ipld/go-car/v2 v2.14.2
 	github.com/ipld/go-codec-dagpb v1.6.0
 	github.com/ipld/go-ipld-prime v0.21.0
-	github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89
+	github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109
 	github.com/jbenet/go-temp-err-catcher v0.1.0
 	github.com/jbenet/goprocess v0.1.4
 	github.com/julienschmidt/httprouter v1.3.0

go.sum

@@ -469,8 +469,8 @@ github.com/ipld/go-ipld-prime v0.21.0 h1:n4JmcpOlPDIxBcY037SVfpd1G+Sj1nKZah0m6QH
 github.com/ipld/go-ipld-prime v0.21.0/go.mod h1:3RLqy//ERg/y5oShXXdx5YIp50cFGOanyMctpPjsvxQ=
 github.com/ipld/go-ipld-prime/storage/bsadapter v0.0.0-20230102063945-1a409dc236dd h1:gMlw/MhNr2Wtp5RwGdsW23cs+yCuj9k2ON7i9MiJlRo=
 github.com/ipld/go-ipld-prime/storage/bsadapter v0.0.0-20230102063945-1a409dc236dd/go.mod h1:wZ8hH8UxeryOs4kJEJaiui/s00hDSbE37OKsL47g+Sw=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 h1:+sOmTdwTVf7v8yHJxMy8VRvVqfq80vZqb1NNfUJTMl0=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89/go.mod h1:1pvFcXQQoLZCAAxV18/NElYL+32bRrhswSItX4ldd3Q=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 h1:Od9XhliY3EzRDCd/H6fMQ225+DSaS+CT0daHjEwbZTM=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109/go.mod h1:taPeh3PDSO8Ual0/N2tIOAUXPV8gZoPF3uPXoUyiq14=
 github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus=
 github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
 github.com/jbenet/go-cienv v0.1.0 h1:Vc/s0QbQtoxX8MwwSLWWh+xNNZvM3Lw7NsTcHrvvhMc=

test/dependencies/go.mod

@@ -130,7 +130,7 @@ require (
 	github.com/ipfs/kubo v0.31.0 // indirect
 	github.com/ipld/go-codec-dagpb v1.6.0 // indirect
 	github.com/ipld/go-ipld-prime v0.21.0 // indirect
-	github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 // indirect
+	github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 // indirect
 	github.com/jackpal/go-nat-pmp v1.0.2 // indirect
 	github.com/jbenet/go-temp-err-catcher v0.1.0 // indirect
 	github.com/jbenet/goprocess v0.1.4 // indirect

test/dependencies/go.sum

@@ -358,8 +358,8 @@ github.com/ipld/go-codec-dagpb v1.6.0 h1:9nYazfyu9B1p3NAgfVdpRco3Fs2nFC72DqVsMj6
 github.com/ipld/go-codec-dagpb v1.6.0/go.mod h1:ANzFhfP2uMJxRBr8CE+WQWs5UsNa0pYtmKZ+agnUw9s=
 github.com/ipld/go-ipld-prime v0.21.0 h1:n4JmcpOlPDIxBcY037SVfpd1G+Sj1nKZah0m6QH9C2E=
 github.com/ipld/go-ipld-prime v0.21.0/go.mod h1:3RLqy//ERg/y5oShXXdx5YIp50cFGOanyMctpPjsvxQ=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 h1:+sOmTdwTVf7v8yHJxMy8VRvVqfq80vZqb1NNfUJTMl0=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89/go.mod h1:1pvFcXQQoLZCAAxV18/NElYL+32bRrhswSItX4ldd3Q=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 h1:Od9XhliY3EzRDCd/H6fMQ225+DSaS+CT0daHjEwbZTM=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109/go.mod h1:taPeh3PDSO8Ual0/N2tIOAUXPV8gZoPF3uPXoUyiq14=
 github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus=
 github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
 github.com/jbenet/go-cienv v0.1.0/go.mod h1:TqNnHUmJgXau0nCzC7kXWeotg3J9W34CUv5Djy1+FlA=