diff --git a/.env.prod.example b/.env.prod.example
index 0d64db4a07f44a409ac65d8f0c4b18d9f00623bd..17a5ab250b7b76aefad424799a0af0c17b0d49b5 100644
--- a/.env.prod.example
+++ b/.env.prod.example
@@ -12,6 +12,7 @@ HASURA_GRAPHQL_ADMIN_SECRET=hasura_admin_secret
 # kubo configuration
 KUBO_PORT=4001 # should be open to incoming connections
 KUBO_DOMAIN=datapod.coinduf.eu # domain (used in p2p peering)
+KUBO_WEBSOCKET_DOMAIN=websocket.datapod.coinduf.eu # p2p through websocket (not webtransport ou webrtc)
 KUBO_GATEWAY_PORT=8080 # listen port of ipfs http gateway
 KUBO_GATEWAY_DOMAIN=gateway.datapod.coinduf.eu # domain for kubo reverse proxy ipfs http gateway reverse proxy
 KUBO_GATEWAY_SUBDOMAIN=pagu.re # domain for subdomain gateway (provides origin isolation but requires wildcard)
diff --git a/doc/nginx/ipfs-websocket.nginx.conf b/doc/nginx/ipfs-websocket.nginx.conf
new file mode 100644
index 0000000000000000000000000000000000000000..c4b8edeaaa6b4f2f38cdeaebd9903fab3b641d07
--- /dev/null
+++ b/doc/nginx/ipfs-websocket.nginx.conf
@@ -0,0 +1,23 @@
+# websocket connection to p2p
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ ssl_certificate /etc/letsencrypt/live/KUBO_WEBSOCKET_DOMAIN/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/KUBO_WEBSOCKET_DOMAIN/privkey.pem;
+
+ server_name KUBO_WEBSOCKET_DOMAIN;
+
+ access_log /var/log/nginx/KUBO_WEBSOCKET_DOMAIN_access.log;
+ error_log /var/log/nginx/KUBO_WEBSOCKET_DOMAIN_error.log;
+
+ # redirect to websocket
+ location / {
+ add_header X-Robots-Tag "noindex";
+ proxy_pass http://localhost:4002;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header Host $host;
+ }
+}
\ No newline at end of file
diff --git a/docker/Dockerfile.Kubo b/docker/Dockerfile.Kubo
index a7efab50e4a4d931a995616fa6cea5723f070485..c21eac36e34267139e40faacd57c602ff15e5f8f 100644
--- a/docker/Dockerfile.Kubo
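Review bot: The `location /` block in `ipfs-websocket.nginx.conf` sets the `Upgrade` and `Connection` headers but never sets `proxy_http_version 1.1;`, and nginx speaks HTTP/1.0 to upstreams by default, so the WebSocket upgrade to the kubo listener on port 4002 is unlikely to complete. Add `proxy_http_version 1.1;` next to `proxy_pass`. Idle libp2p connections will also be closed by the default 60-second `proxy_read_timeout`, so a larger `proxy_read_timeout` (and `proxy_send_timeout`) is worth setting here. The server block sets no `ssl_protocols`, so the minimum TLS version comes from the global nginx configuration; a comment saying so would help operators who copy this file as is.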
+++ b/docker/Dockerfile.Kubo
@@ -1,6 +1,6 @@
 # kubo config suited for datapod use
 # TODO split gateway in another instance for performance and safeness and separation of concerns
-FROM ipfs/kubo:v0.30.0
+FROM ipfs/kubo:v0.32.1
 COPY ./scripts/configure-keys.sh /container-init.d/001-configure.sh
 COPY ./scripts/configure-addresses.sh /container-init.d/002-configure.sh
 COPY ./scripts/configure-bootstrap.sh /container-init.d/003-configure.sh
diff --git a/docker/Dockerfile.KuboRpc b/docker/Dockerfile.KuboRpc
index 8f1c24c94b02333888388854fd70c650a6020989..32dda2311c5afb5fdcd6d805a29000ced040e3aa 100644
--- a/docker/Dockerfile.KuboRpc
+++ b/docker/Dockerfile.KuboRpc
@@ -1,5 +1,5 @@
 # kubo config suited for unsafe remote RPC instance
-FROM ipfs/kubo:v0.30.0
+FROM ipfs/kubo:v0.32.1
 COPY ./scripts/configure-addresses.sh /container-init.d/001-configure.sh
 COPY ./scripts/configure-bootstrap.sh /container-init.d/002-configure.sh
 COPY ./scripts/configure-peering.sh /container-init.d/003-configure.sh
diff --git a/docker/docker-build.sh b/docker/docker-build.sh
index a072e5089300397166fcd678e68fb0e8bf0e7db8..c699bcea5b949a7a00cecdc214280c7814d419cc 100755
--- a/docker/docker-build.sh
+++ b/docker/docker-build.sh
@@ -16,15 +16,15 @@ version_tag=$(grep -oP '"version": "\K[^"]+' ./package.json) # docker image push h30x/duniter-datapod:latest # # --- kubo -# docker buildx build -f ./docker/Dockerfile.Kubo -t datapod-kubo . +docker buildx build -f ./docker/Dockerfile.Kubo -t datapod-kubo . -# # Tag with version and 'latest' -# docker image tag datapod-kubo h30x/datapod-kubo:$version_tag -# docker image tag datapod-kubo h30x/datapod-kubo:latest +# Tag with version and 'latest' +docker image tag datapod-kubo h30x/datapod-kubo:$version_tag +docker image tag datapod-kubo h30x/datapod-kubo:latest -# # Push both -# docker image push h30x/datapod-kubo:$version_tag -# docker image push h30x/datapod-kubo:latest +# Push both +docker image push h30x/datapod-kubo:$version_tag +docker image push h30x/datapod-kubo:latest # --- kubo-rpc docker buildx build -f ./docker/Dockerfile.KuboRpc -t datapod-kubo-rpc . diff --git a/docker/docker-compose.prod.yml b/docker/docker-compose.prod.yml index 6a37a5aa1ae4badcd013857c8d0db935abcbc209..c8519c3c1528634897981556b0128d6145261ce9 100644 --- a/docker/docker-compose.prod.yml +++ b/docker/docker-compose.prod.yml @@ -39,6 +39,9 @@ services: # p2p port public (tcp, udp, webtransport, webrtc) - ${KUBO_PORT}:4001/tcp - ${KUBO_PORT}:4001/udp + # p2p through websocket + - 127.0.0.1:4002:4002 + - '[::1]:4002:4002' # public gateway - 127.0.0.1:${KUBO_GATEWAY_PORT}:8080 - '[::1]:${KUBO_GATEWAY_PORT}:8080' @@ -47,10 +50,13 @@ services: volumes: - kubo_data:/data/ipfs # optional volume if you want to persist the configuration script in order to change it + # you can use the command + # docker run --rm -it -v datapod_kubo_init:/container-init.d --entrypoint /bin/sh h30x/datapod-kubo # - kubo_init:/container-init.d environment: KUBO_DOMAIN: ${KUBO_DOMAIN} KUBO_PORT: ${KUBO_PORT} + KUBO_WEBSOCKET_DOMAIN: ${KUBO_WEBSOCKET_DOMAIN} KUBO_GATEWAY_DOMAIN: ${KUBO_GATEWAY_DOMAIN} KUBO_GATEWAY_SUBDOMAIN: ${KUBO_GATEWAY_SUBDOMAIN} restart: always 
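Review bot: The newly enabled `docker image tag` and `docker image push` lines in `docker-build.sh` expand `$version_tag` unquoted and unchecked; if the `grep` on `package.json` matches nothing, the tag becomes `h30x/datapod-kubo:` and, unless the script runs under `set -e` (not visible in this hunk), the `latest` push still goes out. Guard once before the build with `: "${version_tag:?version not found in package.json}"` and quote the references, for example `docker image tag datapod-kubo "h30x/datapod-kubo:$version_tag"`. The kubo-rpc section continues outside the hunk and would need the same treatment if it is written the same way.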
@@ -60,21 +66,21 @@ services: image: h30x/datapod-kubo-rpc ports: # p2p port public (tcp, udp, webtransport, webrtc) - - 4002:4001/tcp - - 4002:4001/udp + - 4401:4001/tcp + - 4401:4001/udp # expose RPC to partial reverse proxy - 127.0.0.1:6001:5001 volumes: - kubo-rpc_data:/data/ipfs environment: KUBO_DOMAIN: ${KUBO_DOMAIN} - KUBO_PORT: 4002 + KUBO_PORT: 4401 restart: always # ------ # optional kubo pubsub to see what the node receives on pubsub pubsub: - image: ipfs/kubo:v0.30.0 + image: ipfs/kubo:v0.32.1 restart: always depends_on: kubo: diff --git a/package.json b/package.json index 28bfa4058d1371e6be45cfa52f8b8860765c5439..97dcfa1b3863fb1c510f40724f4723641e72acc5 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "ddd-indexer", - "version": "0.0.3", + "version": "0.0.4", "private": true, "type": "module", "scripts": { diff --git a/scripts/configure-addresses.sh b/scripts/configure-addresses.sh index 2475e46e8a37ff08691b04e9c7fec1a031758797..a1b467c79d71692bbe68ec015fab3a89d839527a 100644 --- a/scripts/configure-addresses.sh +++ b/scripts/configure-addresses.sh @@ -13,7 +13,9 @@ ipfs config Addresses.Swarm --json '[ "/ip4/0.0.0.0/udp/4001/quic-v1/webtransport", "/ip6/::/udp/4001/quic-v1/webtransport", "/ip4/0.0.0.0/udp/4001/webrtc-direct", - "/ip6/::/udp/4001/webrtc-direct" + "/ip6/::/udp/4001/webrtc-direct", + "/ip4/0.0.0.0/tcp/4002/ws", + "/ip6/::/tcp/4002/ws" ]' # configure the addresses to announce # KUBO_PORT is external port mapped in docker compose to 4001 
@@ -21,5 +23,11 @@ ipfs config Addresses.Announce --json "[
 \"/dns/$KUBO_DOMAIN/tcp/$KUBO_PORT\",
 \"/dns/$KUBO_DOMAIN/udp/$KUBO_PORT/quic-v1\",
 \"/dns/$KUBO_DOMAIN/udp/$KUBO_PORT/quic-v1/webtransport\",
- \"/dns/$KUBO_DOMAIN/udp/$KUBO_PORT/webrtc-direct\"
+ \"/dns/$KUBO_DOMAIN/udp/$KUBO_PORT/webrtc-direct\",
+ \"/dns/$KUBO_WEBSOCKET_DOMAIN/tcp/443/wss/\"
 ]"
+
+# --- swarm ---
+# disable p2p-circuit
+ipfs config Swarm.RelayClient.Enabled --json false
+ipfs config Swarm.Transports.Network.Relay --json false
\ No newline at end of file
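Review bot: The new announce entry `/dns/$KUBO_WEBSOCKET_DOMAIN/tcp/443/wss/` is emitted unconditionally, yet this script is also copied into the kubo-rpc image (`Dockerfile.KuboRpc`) and the compose file passes `KUBO_WEBSOCKET_DOMAIN` only to the `kubo` service, so on the RPC node it expands to `/dns//tcp/443/wss/`. Build the entry only when the variable is non-empty, or fail early with `: "${KUBO_WEBSOCKET_DOMAIN:?not set}"` and add the variable to the kubo-rpc environment. The entry also ends in a trailing `/` that the other addresses do not have; `\"/dns/$KUBO_WEBSOCKET_DOMAIN/tcp/443/wss\"` would match them. The `/tcp/4002/ws` listeners added in the first hunk of this file and the two `Swarm` relay settings likewise apply to both images, which deserves a comment if only the datapod node is meant to change.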