From bf7b7084a012e2cc4ec52594ffab3ac48f2aaa84 Mon Sep 17 00:00:00 2001
From: dappnodedev <diego@dappnode.io>
Date: Wed, 25 Sep 2024 17:35:57 +0200
Subject: [PATCH] Fix CORS validator

---
 services/web3signer/entrypoint.sh | 33 ++++++++++++++++---------------
 1 file changed, 17 insertions(+), 16 deletions(-)

diff --git a/services/web3signer/entrypoint.sh b/services/web3signer/entrypoint.sh
index a47c4dd..2cd95ee 100755
--- a/services/web3signer/entrypoint.sh
+++ b/services/web3signer/entrypoint.sh
@@ -12,13 +12,13 @@ generate_cors_settings() {
   CORS_ALLOWLIST="web3signer.${WEB3SIGNER_DOMAIN},brain.${WEB3SIGNER_DOMAIN}"
   CORS_ORIGINS="http://web3signer.${WEB3SIGNER_DOMAIN},http://brain.${WEB3SIGNER_DOMAIN}"
 
-  consensus_dnp=$(get_value_from_global_env "${CONSENSUS_CLIENT}" "${NETWORK}")
+  consensus_dnp=$(get_value_from_global_env "CONSENSUS_CLIENT" "${NETWORK}")
 
   consensus_domain=$(get_client_network_alias "${consensus_dnp}")
 
   if [ -n "${consensus_domain}" ]; then
-    CORS_ALLOWLIST="${CORS_ALLOWLIST},${consensus_domain}"
-    CORS_ORIGINS="${CORS_ORIGINS},http://${consensus_domain}"
+    CORS_ALLOWLIST="${CORS_ALLOWLIST},validator.${consensus_domain}"
+    CORS_ORIGINS="${CORS_ORIGINS},http://validator.${consensus_domain}"
   fi
 
   echo "[INFO - entrypoint] Generated CORS_ALLOWLIST: ${CORS_ALLOWLIST}"
@@ -35,28 +35,29 @@ prepare_keyfiles_dir() {
 }
 
 run_web3signer() {
-  echo "[INFO - entrypoint] Starting Web3Signer..."
-
-  # shellcheck disable=SC2086
-  exec /opt/web3signer/bin/web3signer \
-    --key-store-path="${KEYFILES_DIR}" \
+  FLAGS="--key-store-path=$KEYFILES_DIR \
     --http-listen-port=9000 \
     --http-listen-host=0.0.0.0 \
-    --http-host-allowlist="${CORS_ALLOWLIST}" \
-    --http-cors-origins="${CORS_ORIGINS}" \
+    --http-host-allowlist=$CORS_ALLOWLIST \
+    --http-cors-origins=$CORS_ORIGINS \
     --metrics-enabled=true \
     --metrics-host 0.0.0.0 \
     --metrics-port 9091 \
-    --metrics-host-allowlist="*" \
+    --metrics-host-allowlist=* \
     --idle-connection-timeout-seconds=900 \
     eth2 \
-    --network="${NETWORK}" \
-    --slashing-protection-db-url="jdbc:postgresql://postgres.${WEB3SIGNER_DOMAIN}:5432/${POSTGRES_DB}" \
-    --slashing-protection-db-username="${POSTGRES_USER}" \
-    --slashing-protection-db-password="${PGPASSWORD}" \
+    --network=$NETWORK \
+    --slashing-protection-db-url=jdbc:postgresql://postgres.${WEB3SIGNER_DOMAIN}:5432/${POSTGRES_DB} \
+    --slashing-protection-db-username=$POSTGRES_USER \
+    --slashing-protection-db-password=$PGPASSWORD \
     --slashing-protection-pruning-enabled=true \
     --slashing-protection-pruning-epochs-to-keep=500 \
-    --key-manager-api-enabled=true ${EXTRA_OPTS}
+    --key-manager-api-enabled=true ${EXTRA_OPTS}"
+
+  echo "[INFO - entrypoint] Starting Web3Signer with flags: $FLAGS"
+
+  # shellcheck disable=SC2086
+  exec /opt/web3signer/bin/web3signer $FLAGS
 }
 
 generate_cors_settings