make using worker optional

2026-02-06 09:56:05 +00:00 · 2024-12-20 15:21:04 +01:00 · 2024-12-20 15:21:04 +01:00 · 677657e23c
commit 677657e23c
parent 6f59b3a854
6 changed files with 44 additions and 18 deletions
--- a/.github/workflows/test_e2e.yml
+++ b/.github/workflows/test_e2e.yml
@ -35,7 +35,7 @@ jobs:
          cd database
          yarn && yarn dev_reset
          cd ../backend
-          yarn && yarn build && yarn seed
+          yarn && yarn seed

      - name: Boot up test system | docker-compose mailserver
        run: docker compose -f docker-compose.yml -f docker-compose.test.yml up --detach --no-deps mailserver
--- a/backend/.env.template
+++ b/backend/.env.template
@ -40,6 +40,7 @@ COMMUNITY_SUPPORT_MAIL=$COMMUNITY_SUPPORT_MAIL
 # Login Server
 LOGIN_APP_SECRET=21ffbbc616fe
 LOGIN_SERVER_KEY=a51ef8ac7ef1abf162fb7a65261acd7a
+USE_CRYPTO_WORKER=$USE_CRYPTO_WORKER

 # EMail
 EMAIL=$EMAIL
--- a/backend/src/config/index.ts
+++ b/backend/src/config/index.ts
@ -76,6 +76,7 @@ const community = {
 const loginServer = {
  LOGIN_APP_SECRET: process.env.LOGIN_APP_SECRET ?? '21ffbbc616fe',
  LOGIN_SERVER_KEY: process.env.LOGIN_SERVER_KEY ?? 'a51ef8ac7ef1abf162fb7a65261acd7a',
+  USE_CRYPTO_WORKER: process.env.USE_CRYPTO_WORKER ?? false,
 }

 const email = {
--- a/backend/src/password/EncryptionWorker.ts
+++ b/backend/src/password/EncryptionWorker.ts
@ -1,5 +1,7 @@
 import { worker } from 'workerpool'

+import { CONFIG } from '@/config'
+
 import {
  crypto_box_SEEDBYTES,
  crypto_hash_sha512_init,
@ -45,6 +47,8 @@ export const SecretKeyCryptographyCreateKey = (
  return [new Uint8Array(encryptionKeyHash), new Uint8Array(encryptionKey)]
 }

-worker({
-  SecretKeyCryptographyCreateKey,
-})
+if (CONFIG.USE_CRYPTO_WORKER) {
+  worker({
+    SecretKeyCryptographyCreateKey,
+  })
+}
--- a/backend/src/password/EncryptorUtils.ts
+++ b/backend/src/password/EncryptorUtils.ts
@ -6,7 +6,7 @@ import { cpus } from 'os'
 import path from 'path'

 import { User } from '@entity/User'
-import { pool } from 'workerpool'
+import { Pool, pool } from 'workerpool'

 import { PasswordEncryptionType } from '@enum/PasswordEncryptionType'

@ -16,16 +16,22 @@ import { backendLogger as logger } from '@/server/logger'

 import { crypto_shorthash_KEYBYTES } from 'sodium-native'

+import { SecretKeyCryptographyCreateKey as SecretKeyCryptographyCreateKeySync } from './EncryptionWorker'
+
 const configLoginAppSecret = Buffer.from(CONFIG.LOGIN_APP_SECRET, 'hex')
 const configLoginServerKey = Buffer.from(CONFIG.LOGIN_SERVER_KEY, 'hex')

-// TODO: put maxQueueSize into config
-const encryptionWorkerPool = pool(
-  path.join(__dirname, '..', '..', 'build', 'src', 'password', '/EncryptionWorker.ts'),
-  {
-    maxQueueSize: 30 * cpus().length,
-  },
-)
+let encryptionWorkerPool: Pool | undefined
+
+if (CONFIG.USE_CRYPTO_WORKER) {
+  encryptionWorkerPool = pool(
+    path.join(__dirname, '..', '..', 'build', 'src', 'password', '/EncryptionWorker.js'),
+    {
+      // TODO: put maxQueueSize into config
+      maxQueueSize: 30 * cpus().length,
+    },
+  )
+}

 // We will reuse this for changePassword
 export const isValidPassword = (password: string): boolean => {
@ -50,12 +56,25 @@ export const SecretKeyCryptographyCreateKey = async (
        crypto_shorthash_KEYBYTES,
      )
    }
-    return (await encryptionWorkerPool.exec('SecretKeyCryptographyCreateKey', [
-      salt,
-      password,
-      configLoginAppSecret,
-      configLoginServerKey,
-    ])) as Promise<Uint8Array[]>
+    let result: Promise<Uint8Array[]>
+    if (encryptionWorkerPool) {
+      result = (await encryptionWorkerPool.exec('SecretKeyCryptographyCreateKey', [
+        salt,
+        password,
+        configLoginAppSecret,
+        configLoginServerKey,
+      ])) as Promise<Uint8Array[]>
+    } else {
+      result = Promise.resolve(
+        SecretKeyCryptographyCreateKeySync(
+          salt,
+          password,
+          configLoginAppSecret,
+          configLoginServerKey,
+        ),
+      )
+    }
+    return result
  } catch (e) {
    // pool is throwing this error
    // throw new Error('Max queue size of ' + this.maxQueueSize + ' reached');
--- a/deployment/bare_metal/.env.dist
+++ b/deployment/bare_metal/.env.dist
@ -41,6 +41,7 @@ DEPLOY_SEED_DATA=false
 # if true all email will be send to EMAIL_TEST_RECEIVER instead of email address of user
 EMAIL_TEST_MODUS=false
 EMAIL_TEST_RECEIVER=test_team@gradido.net
+USE_CRYPTO_WORKER=true

 # Logging
 LOG_LEVEL=INFO