
ORLY Policy Engine Docker Test

This directory contains a Docker-based test environment to verify that the cs-policy.js script is executed by the ORLY relay's policy engine when events are received.

Test Structure

test-docker-policy/
├── Dockerfile           # Ubuntu 22.04.5 based image
├── docker-compose.yml   # Container orchestration
├── cs-policy.js         # Policy script that writes to a file
├── policy.json          # Policy configuration pointing to the script
├── env                  # Environment variables for ORLY
├── start.sh             # Container startup script
├── test-policy.sh       # Automated test runner
└── README.md            # This file

What the Test Does

  1. Builds an Ubuntu 22.04.5 Docker image with ORLY relay
  2. Configures the policy engine with cs-policy.js
  3. Starts the relay with policy engine enabled
  4. Tests EVENT messages (write control) using the policytest tool
  5. Tests REQ messages (read control) using the policytest tool
  6. Verifies that cs-policy.js created /home/orly/cs-policy-output.txt
  7. Reports success or failure

How cs-policy-daemon.js Works

The policy script is a long-lived process that:

  1. Reads events from stdin (one JSON event per line)
  2. Processes each event and returns a JSON response to stdout
  3. Logs debug information to:
    • /home/orly/cs-policy-output.txt (file output)
    • stderr (appears in relay log with prefix [policy script /path])

Key Features:

  • Logs event details including kind, ID, and access type (read/write)
  • Writes debug output to stderr which appears in the relay log
  • Returns JSON responses to stdout for policy decisions
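
A minimal script following the stdin/stdout contract described above, as an added example (not the project's cs-policy.js). The response fields id, action and msg, the blocked-kind rule and the serve argument are assumptions; the page does not specify them.

```javascript
// Added example, not the project's cs-policy.js. Assumed response shape:
// {"id", "action": "accept"|"reject", "msg"}; the page does not define it.
const BLOCKED_KINDS = new Set([4]); // hypothetical rule: refuse kind 4

// Diagnostics go to stderr only, keeping stdout for responses.
const debug = (msg) => process.stderr.write(`[example-policy] ${msg}\n`);

// Turn one input line into exactly one response line (fail closed).
function handleLine(line) {
  let ev;
  try {
    ev = JSON.parse(line);
  } catch (err) {
    debug(`unparseable input: ${err.message}`);
    return JSON.stringify({ id: "", action: "reject", msg: "invalid JSON" });
  }
  if (ev === null || typeof ev !== "object" || typeof ev.id !== "string" ||
      !Number.isInteger(ev.kind)) {
    debug("input is not an event object with id and kind");
    return JSON.stringify({ id: "", action: "reject", msg: "malformed event" });
  }
  const allowed = !BLOCKED_KINDS.has(ev.kind);
  debug(`kind=${ev.kind} id=${ev.id} -> ${allowed ? "accept" : "reject"}`);
  return JSON.stringify({
    id: ev.id,
    action: allowed ? "accept" : "reject",
    msg: allowed ? "" : `kind ${ev.kind} not allowed`,
  });
}

// Split a byte stream into lines, carrying partial lines between chunks.
function makeLineFeeder(onLine) {
  let pending = "";
  return (chunk) => {
    pending += chunk;
    const lines = pending.split("\n");
    pending = lines.pop(); // last piece is incomplete until its newline arrives
    for (const l of lines) if (l.trim() !== "") onLine(l);
  };
}

// Long-lived mode: `node example-policy.js serve` (file name and arg are assumed).
if (process.argv[2] === "serve") {
  process.stdin.setEncoding("utf8");
  process.stdin.on("data",
    makeLineFeeder((l) => process.stdout.write(handleLine(l) + "\n")));
}
```

Malformed input produces a reject response rather than a crash, so the long-lived process keeps answering later events.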

Quick Start

Run the automated test:

./scripts/docker-policy/test-policy.sh

Policy Test Tool

The policytest tool is a command-line utility for testing policy enforcement:

# Test write control (EVENT messages)
./policytest -url ws://localhost:8777 -type event -kind 1

# Test read control (REQ messages)
./policytest -url ws://localhost:8777 -type req -kind 1

# Test both write and read control
./policytest -url ws://localhost:8777 -type both -kind 1

Options

  • -url - Relay WebSocket URL (default: ws://127.0.0.1:3334)
  • -type - Test type: event for write control, req for read control, both for both (default: event)
  • -kind - Event kind to test (default: 4678)
  • -timeout - Operation timeout (default: 20s)

Manual Testing

1. Build and Start Container

cd /home/mleku/src/next.orly.dev
docker-compose -f test-docker-policy/docker-compose.yml up -d

2. Check Relay Logs

docker logs orly-policy-test -f

3. Send Test Event

# Using websocat
echo '["EVENT",{"id":"test123","pubkey":"4db2c42f3c02079dd6feae3f88f6c8693940a00ade3cc8e5d72050bd6e577cd5","created_at":'$(date +%s)',"kind":1,"tags":[],"content":"Test","sig":"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}]' | websocat ws://localhost:8777

4. Verify Output File

# Check if file exists
docker exec orly-policy-test test -f /home/orly/cs-policy-output.txt && echo "File exists!"

# View contents
docker exec orly-policy-test cat /home/orly/cs-policy-output.txt

5. Cleanup

# Stop container
docker-compose -f test-docker-policy/docker-compose.yml down

# Remove volumes
docker-compose -f test-docker-policy/docker-compose.yml down -v

Troubleshooting

Policy Script Not Running

Check if policy is enabled:

docker exec orly-policy-test cat /home/orly/env | grep POLICY

Check policy configuration:

docker exec orly-policy-test cat /home/orly/.config/ORLY/policy.json

Node.js Issues

Verify Node.js is installed:

docker exec orly-policy-test node --version

Test the script manually:

docker exec orly-policy-test node /home/orly/cs-policy.js
docker exec orly-policy-test cat /home/orly/cs-policy-output.txt

Relay Not Starting

View full logs:

docker logs orly-policy-test

Check if relay is listening:

docker exec orly-policy-test netstat -tlnp | grep 8777

Expected Output

When successful, you should see:

✓ SUCCESS: cs-policy-output.txt file exists!

Output file contents:
1704123456789: Hey there!

✓ Policy script is working correctly!

Each line in the output file represents one execution of the policy script, with a Unix timestamp.

Configuration Files

env

Environment variables for ORLY relay:

  • ORLY_PORT=8777 - WebSocket port
  • ORLY_POLICY_ENABLED=true - Enable policy engine
  • ORLY_LOG_LEVEL=debug - Verbose logging

policy.json

Policy configuration:

{
  "script": "/home/orly/cs-policy.js"
}

Points to the policy script that will be executed for each event.