cluster/services/ipfs: update config, host routing API endpoint

2023-10-27 19:22:39 +02:00 · 2023-10-27 19:22:39 +02:00 · 7916856d92
commit 7916856d92
parent a8ec626ba9
3 changed files with 27 additions and 7 deletions
--- a/cluster/services/ipfs/default.nix
+++ b/cluster/services/ipfs/default.nix
@ -15,7 +15,7 @@
          prophet = "12D3KooWQWsHPUUeFhe4b6pyCaD1hBoj8j6Z7S7kTznRTh1p1eVt";
        }.${name};
        multiaddrs = [
-          "/ip4/${self.ipv4}/udp/${self.portStr}/quic"
+          "/ip4/${self.ipv4}/udp/${self.portStr}/quic-v1"
          "/ip4/${self.ipv4}/tcp/${self.portStr}"
        ];
      };
--- a/cluster/services/ipfs/gateway.nix
+++ b/cluster/services/ipfs/gateway.nix
@ -34,6 +34,16 @@ in
      locations."/".return = "204";
      locations."${metrics.path}".proxyPass = "http://unix:/run/ipfs/ipfs-api.sock:";
    };
+    "p2p.${domain}" = vhosts.basic // {
+      locations."/".return = "204";
+      locations."/routing" = {
+        proxyPass = gw.url;
+        extraConfig = ''
+          add_header X-Content-Type-Options "";
+          add_header Access-Control-Allow-Origin *;
+        '';
+      };
+    };
  };
  security.acme.certs."ipfs.${domain}" = {
    domain = "*.ipfs.${domain}";
@ -42,6 +52,11 @@ in
    group = "nginx";
  };

+  security.acme.certs."p2p.${domain}" = {
+    dnsProvider = "pdns";
+    webroot = lib.mkForce null;
+  };
+
  services.nginx.virtualHosts."ipfs.${domain}" = vhosts.basic // {
    serverName = "~^(.+)\.(ip[fn]s)\.${domain}$";
    enableACME = false;
@ -63,6 +78,11 @@ in
      NoDNSLink = false;
      UseSubdomains = true;
    };
+    "p2p.${domain}" = {
+      Paths = [ "/routing" ];
+      NoDNSLink = true;
+      UseSubdomains = false;
+    };
  };

  consul.services.ipfs-gateway = {
--- a/cluster/services/ipfs/node.nix
+++ b/cluster/services/ipfs/node.nix
@ -30,8 +30,8 @@ in
    swarmAddress = [
      "/ip4/0.0.0.0/tcp/${toString ipfsPort}"
      "/ip4/0.0.0.0/tcp/4001"
-      "/ip4/0.0.0.0/udp/${toString ipfsPort}/quic"
-      "/ip4/0.0.0.0/udp/4001/quic"
+      "/ip4/0.0.0.0/udp/${toString ipfsPort}/quic-v1"
+      "/ip4/0.0.0.0/udp/4001/quic-v1"
    ];
    inherit apiAddress;
    gatewayAddress = "/ip4/${gw.ipv4}/tcp/${gw.portStr}";
@ -65,6 +65,7 @@ in
        (cluster.config.services.ipfs.otherNodes.node config.networking.hostName);
      Gateway = {
        Writable = false;
+        ExposeRoutingAPI = true;
        APICommands = [];
        HTTPHeaders = {
          Access-Control-Allow-Headers = [
@ -80,21 +81,20 @@ in
          ];
        };
      };
-      Experimental.AcceleratedDHTClient = true;
      Routing = {
        Type = "custom";
        Routers = {
          WanDHT = {
            Type = "dht";
            Parameters = {
-              Mode = "uato";
+              Mode = "auto";
              PublicIPNetwork = true;
              AcceleratedDHTClient = true;
            };
          };
          CidContact = {
-            Type = "reframe";
-            Parameters.Endpoint = "https://cid.contact/reframe";
+            Type = "http";
+            Parameters.Endpoint = "https://cid.contact";
          };
          Parallel = {
            Type = "parallel";