diff --git a/docs/node/mainnet/README.md b/docs/node/mainnet/README.md index 3fd007ef35..17c9a7c14b 100644 --- a/docs/node/mainnet/README.md +++ b/docs/node/mainnet/README.md @@ -67,16 +67,6 @@ This section contains parameters for various ParaTimes known to be deployed on t * [0.8.2](https://github.com/oasisprotocol/sapphire-paratime/releases/tag/v0.8.2) * Oasis Web3 Gateway version: * [5.1.0](https://github.com/oasisprotocol/oasis-web3-gateway/releases/tag/v5.1.0) -* IAS proxy address: - * `tnTwXvGbbxqlFoirBDj63xWtZHS20Lb3fCURv0YDtYw=@34.86.108.137:8650` - * `tuDyXwaajTEbNWb1QIlf8FWHsdkaB4W1+TjzP1QID/U=@131.153.243.17:8650` - -:::tip - -Feel free to use other IAS proxies besides the one provided here or -[run your own](../../node/run-your-node/ias-proxy.md). - -::: ### Cipher @@ -87,16 +77,6 @@ Feel free to use other IAS proxies besides the one provided here or * Runtime bundle version: * [3.0.5](https://github.com/oasisprotocol/cipher-paratime/releases/tag/v3.0.5) * [3.1.2](https://github.com/oasisprotocol/cipher-paratime/releases/tag/v3.1.2) -* IAS proxy address: - * `tnTwXvGbbxqlFoirBDj63xWtZHS20Lb3fCURv0YDtYw=@34.86.108.137:8650` - * `tuDyXwaajTEbNWb1QIlf8FWHsdkaB4W1+TjzP1QID/U=@131.153.243.17:8650` - -:::tip - -Feel free to use other IAS proxies besides the one provided here or -[run your own](../../node/run-your-node/ias-proxy.md). - -::: ### Emerald @@ -124,13 +104,3 @@ the public Web3 endpoint. * `4000000000000000000000000000000000000000000000008c5ea5e49b4bc9ac` * Runtime bundle version: * [0.5.0](https://github.com/oasisprotocol/keymanager-paratime/releases/tag/v0.5.0) -* IAS proxy address: - * `tnTwXvGbbxqlFoirBDj63xWtZHS20Lb3fCURv0YDtYw=@34.86.108.137:8650` - * `tuDyXwaajTEbNWb1QIlf8FWHsdkaB4W1+TjzP1QID/U=@131.153.243.17:8650` - -:::tip - -Feel free to use other IAS proxies besides the one provided here or -[run your own](../../node/run-your-node/ias-proxy.md). - -::: diff --git a/docs/node/run-your-node/ias-proxy.md b/docs/node/run-your-node/ias-proxy.md deleted file mode 100644 index 9f69c42b92..0000000000 --- a/docs/node/run-your-node/ias-proxy.md +++ /dev/null @@ -1,110 +0,0 @@ -# IAS Proxy - -This guide will cover setting up an [Intel Attestation Service (IAS)](https://software.intel.com/content/www/us/en/develop/download/intel-sgx-intel-epid-provisioning-and-attestation-services.html) -Proxy node for the Oasis Network. This guide assumes some basic knowledge on the -use of command line tools. - -## Prerequisites - -Before following this guide, make sure you've followed the -[Prerequisites](prerequisites) section and have the Oasis Node binary installed -on your system. The IAS Proxy connects to an Oasis Node, so make sure you have a -running node first. For more details, see the instructions on how to -[Run a Non-validator Node](non-validator-node.mdx#configuration). - -### Obtaining IAS Service Provider ID (SPID) and API Key - -Running the [Intel Attestation Service (IAS)](https://software.intel.com/content/www/us/en/develop/download/intel-sgx-intel-epid-provisioning-and-attestation-services.html) -Proxy requires access to the IAS API. Go to [IAS Enhanced Privacy ID (EPID) attestation](https://api.portal.trustedservices.intel.com/EPID-attestation) -page and signup for the _Production Access_. As a service provider, you will -register your TLS certificate and obtain your Service Provider ID (SPID) and API -key. The SPID and API key will be used by the IAS Proxy to communicate with the -IAS. - -:::info - -Basic understanding of SGX Remote attestation is recommended. See Intel's -[Remote Attestation End-to-End Example](https://software.intel.com/content/www/us/en/develop/articles/code-sample-intel-software-guard-extensions-remote-attestation-end-to-end-example.html) -for a short practical introduction. - -::: - -### Creating a Working Directory - -We will be using the following working directory `/node/ias` (feel free to name -your directory however you wish). - -* The directory permissions should be `rwx------`. - -To create the directory, use the following command: - -```text -mkdir -m700 -p /node/ias -``` - -## Configuration - -To avoid specifying the IAS Service Provider ID (SPID) and API key in the Oasis -Node configuration directly, IAS Proxy supports reading the SPID and API key -from environment variables. Make sure you have the following environment -variables set: - -```text -OASIS_IAS_SPID="" -OASIS_IAS_APIKEY="" -``` - -In order to configure the IAS proxy create the `/node/ias/config.yml` file with -the following content: - -```yaml -common: - data_dir: /node/ias - log: - format: JSON - level: - default: info -``` - -## Starting the IAS Proxy - -You can start the IAS Proxy using the following command: - -```bash -oasis-node ias proxy \ - --config /node/ias/config.yml \ - --address unix:{{ oasis_node_socket }} \ - --ias.production true \ - --grpc.port 8650 -``` - -Before using this configuration you should collect the following information to -replace the variables present in the invocation command: - -* `{{ oasis_node_socket }}`: Path to a running client Oasis Node socket. - -## IAS Proxy Public Key - -The TLS public key required for connecting to the IAS Proxy can be found in the -process logs where it is output on startup as following: - -```json -{"caller":"proxy.go:111","level":"info","module":"cmd/ias/proxy","msg":"loaded/generated IAS TLS certificate","public_key":"tnTwXvGbbxqlFoirBDj63xWtZHS20Lb3fCURv0YDtYw=","ts":"2023-06-20T09:43:39.592787275Z"} -``` - -The relevant item is the `public_key` which in the above case is -`tnTwXvGbbxqlFoirBDj63xWtZHS20Lb3fCURv0YDtYw=`. - -### Share IAS Proxy address - -[ParaTime nodes](paratime-node.mdx) can now use your IAS Proxy by specifying it -in configuration, e.g.: - -```yaml -ias: - proxy: - address: - - "@:8650" -``` - -Note that you can list multiple IAS proxy addresses. diff --git a/docs/node/run-your-node/keymanager-node/README.md b/docs/node/run-your-node/keymanager-node/README.md index 63c65a45f4..2be3975da0 100644 --- a/docs/node/run-your-node/keymanager-node/README.md +++ b/docs/node/run-your-node/keymanager-node/README.md @@ -103,15 +103,6 @@ worker: addresses: # The external IP that is used when registering this node to the network. - "{{ external_address }}:20104" - -# The following section is required for ParaTimes which are running inside the -# Intel SGX Trusted Execution Environment. -ias: - proxy: - address: - # List of IAS proxies to connect to. - # NOTE: You can add additional IAS proxies to this list if you want. - - "{{ ias_proxy_address }}" ``` Before using this configuration you should collect the following information to replace the `{{ ... }}` variables present in the configuration file: @@ -124,9 +115,6 @@ Before using this configuration you should collect the following information to * `{{ entity_id }}`: The node's entity ID from the `entity.json` file. * `{{ keymanager_runtime_id }}`: Runtime identified for the key manager ParaTime. * You can find the current Oasis-supported key manager ParaTime identifiers in the Network Parameters page ([Mainnet], [Testnet]). -* `{{ ias_proxy_address }}`: The IAS proxy address in the form `ID@HOST:port`. - * You can find the current Oasis IAS proxy address in the Network Parameters page ([Mainnet], [Testnet]). - * If you want, you can also [run your own IAS proxy](../ias-proxy.md). :::caution diff --git a/docs/node/run-your-node/paratime-node.mdx b/docs/node/run-your-node/paratime-node.mdx index 3b9f34792f..d2e78b360d 100644 --- a/docs/node/run-your-node/paratime-node.mdx +++ b/docs/node/run-your-node/paratime-node.mdx @@ -288,14 +288,6 @@ consensus: genesis: file: /node/etc/genesis.json -# The IAS section is required for ParaTimes which are running inside the -# Intel SGX Trusted Execution Environment. -ias: - proxy_addresses: - # List of IAS proxies to connect to. - # NOTE: You can add additional IAS proxies to this list if you want. - - {{ ias_proxy_address }} - p2p: # External P2P configuration. port: 9200 @@ -330,9 +322,6 @@ Before using this configuration you should collect the following information to * `{{ entity_id }}`: The node's entity ID from the `entity.json` file. * `{{ runtime_orc_path }}`: Path to the [ParaTime bundle](paratime-node.mdx#the-paratime-bundle) of the form `/node/runtimes/foo-paratime.orc`. * You can find the current Oasis-supported ParaTimes in the Network Parameters page ([Mainnet], [Testnet]). -* `{{ ias_proxy_address }}`: The IAS proxy address in the form `ID@HOST:port`. - * You can find the current Oasis IAS proxy address in the Network Parameters page ([Mainnet], [Testnet]). - * If you want, you can also [run your own IAS proxy](ias-proxy.md). :::caution diff --git a/docs/node/testnet/README.md b/docs/node/testnet/README.md index 78ffa9d091..c0b9b34f1c 100644 --- a/docs/node/testnet/README.md +++ b/docs/node/testnet/README.md @@ -68,15 +68,6 @@ This chapter contains parameters for various ParaTimes known to be deployed on t * [0.9.0-testnet](https://github.com/oasisprotocol/sapphire-paratime/releases/tag/v0.9.0-testnet) * Web3 Gateway version: * [5.1.0](https://github.com/oasisprotocol/oasis-web3-gateway/releases/tag/v5.1.0) -* IAS proxy address: - * `y4XO1ZETqgtHeZzLLmJLYAzpEfdGSJLvtd8bhIz+v3s=@34.86.197.181:8650` - * `jaFE5Lq6GS76ya1V7a+XlGQTgttAagXEtknO4Tv1wLs=@185.56.138.83:8650` - -:::tip - -Feel free to use other IAS proxies besides the ones provided here or [run your own](../run-your-node/ias-proxy.md). - -::: ### Cipher @@ -87,15 +78,6 @@ Feel free to use other IAS proxies besides the ones provided here or [run your o * Runtime bundle version: * [3.1.2-testnet](https://github.com/oasisprotocol/cipher-paratime/releases/tag/v3.1.2-testnet) * [3.2.0-testnet](https://github.com/oasisprotocol/cipher-paratime/releases/tag/v3.2.0-testnet) -* IAS proxy address: - * `y4XO1ZETqgtHeZzLLmJLYAzpEfdGSJLvtd8bhIz+v3s=@34.86.197.181:8650` - * `jaFE5Lq6GS76ya1V7a+XlGQTgttAagXEtknO4Tv1wLs=@185.56.138.83:8650` - -:::tip - -Feel free to use other IAS proxies besides the ones provided here or [run your own](../run-your-node/ias-proxy.md). - -::: ### Emerald @@ -116,12 +98,3 @@ Feel free to use other IAS proxies besides the ones provided here or [run your o * `4000000000000000000000000000000000000000000000004a1a53dff2ae482d` * Runtime bundle version: * [0.5.0-testnet](https://github.com/oasisprotocol/keymanager-paratime/releases/tag/v0.5.0-testnet) -* IAS proxy address: - * `y4XO1ZETqgtHeZzLLmJLYAzpEfdGSJLvtd8bhIz+v3s=@34.86.197.181:8650` - * `jaFE5Lq6GS76ya1V7a+XlGQTgttAagXEtknO4Tv1wLs=@185.56.138.83:8650` - -:::tip - -Feel free to use other IAS proxies besides the ones provided here or [run your own](../run-your-node/ias-proxy.md). - -::: diff --git a/redirects.ts b/redirects.ts index 7130de1656..6991cc98df 100644 --- a/redirects.ts +++ b/redirects.ts @@ -226,8 +226,12 @@ export const redirectsOptions: Options = { ], }, { - to: '/node/run-your-node/ias-proxy', - from: '/general/run-a-node/set-up-your-node/run-an-ias-proxy', // #200 Restructure docs + to: '/node/run-your-node', + from: '/general/run-a-node/set-up-your-node/run-an-ias-proxy', // #1076 Remove IAS Proxy + }, + { + to: '/node/run-your-node', + from: '/node/run-your-node/ias-proxy', // #1076 Remove IAS Proxy }, { to: '/node/run-your-node/non-validator-node', diff --git a/sidebarNode.ts b/sidebarNode.ts index f9c5e05e9c..853bfb161f 100644 --- a/sidebarNode.ts +++ b/sidebarNode.ts @@ -91,7 +91,6 @@ export const sidebarNode: SidebarsConfig = { 'node/run-your-node/keymanager-node/key-manager-upgrade', ], }, - 'node/run-your-node/ias-proxy', 'node/run-your-node/sentry-node', { type: 'category',