kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Initial nginx reverse proxy for the IPFS IP

Browse Source 
It supports cat and add for now. I have tried it using the ipfs-api npm
module
This commit is contained in:
Greg Karékinian 2017-03-20 19:38:51 +00:00
parent 3f81310109
commit 114503033b
3 changed files with 42 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
site-cookbooks/kosmos-ipfs/recipes/default.rb
View File

@ -12,19 +12,18 @@ include_recipe "ipfs"
# Configure ipfs # Configure ipfs
# The default gateway is already used by kosmos' hubot (8080) # The default gateway is already used by kosmos' hubot (8080)
execute "ipfs config Addresses.Gateway /ip4/127.0.0.1/tcp/9090" do ipfs_config "Addresses.Gateway" do
environment "IPFS_PATH" => "/home/ipfs/.ipfs" value "/ip4/127.0.0.1/tcp/9090"
user "ipfs"
not_if "ipfs config Addresses.Gateway | grep /ip4/127.0.0.1/tcp/9090"
notifies :restart, "service[ipfs]", :delayed
end end
# Set up CORS headers # Set up CORS headers
execute "ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '[\"kredits.kosmos.org\"]'" do ipfs_config "API.HTTPHeaders.Access-Control-Allow-Origin" do
environment "IPFS_PATH" => "/home/ipfs/.ipfs" value ["kredits.kosmos.org"]
user "ipfs" end
not_if "ipfs config API.HTTPHeaders.Access-Control-Allow-Origin | grep kredits.kosmos.org"
notifies :restart, "service[ipfs]", :delayed # Set up the Gateway to be writable
ipfs_config "Gateway.Writable" do
value true
end end
include_recipe "kosmos-ipfs::letsencrypt" include_recipe "kosmos-ipfs::letsencrypt"

4
site-cookbooks/kosmos-ipfs/recipes/letsencrypt.rb
View File

@ -26,7 +26,9 @@ template "#{node['nginx']['dir']}/sites-available/ipfs.kosmos.org" do
variables server_name: 'ipfs.kosmos.org', variables server_name: 'ipfs.kosmos.org',
root_directory: root_directory, root_directory: root_directory,
ssl_cert: "/etc/letsencrypt/live/ipfs.kosmos.org/fullchain.pem", ssl_cert: "/etc/letsencrypt/live/ipfs.kosmos.org/fullchain.pem",
ssl_key: "/etc/letsencrypt/live/ipfs.kosmos.org/privkey.pem" ssl_key: "/etc/letsencrypt/live/ipfs.kosmos.org/privkey.pem",
ipfs_api_port: 5001
notifies :reload, 'service[nginx]', :delayed notifies :reload, 'service[nginx]', :delayed
end end

36
site-cookbooks/kosmos-ipfs/templates/default/nginx_conf_ipfs.kosmos.org.erb
View File

@ -1,21 +1,45 @@
upstream _ipfs {
server localhost:<%= @ipfs_api_port %>;
}
# Used by Let's Encrypt (certbot in webroot mode)
server {
listen 80;
server_name <%= @server_name %>;
location /.well-known {
root "<%= @root_directory %>";
}
location / {
return 301 https://$host$request_uri;
}
}
server { server {
listen 80; # For Let's Encrypt
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%> <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
listen 443 ssl spdy; listen 443 ssl spdy;
<% else -%>
listen 80;
<% end -%> <% end -%>
server_name <%= @server_name %>; server_name <%= @server_name %>;
# Used by Let's Encrypt (certbot in webroot mode)
location /.well-known {
root "<%= @root_directory %>";
}
location / { location / {
return 200 'Nothing to see here'; return 200 'Nothing to see here';
add_header Content-Type text/plain; add_header Content-Type text/plain;
} }
# Increase number of buffers. Default is 8
proxy_buffers 1024 8k;
proxy_http_version 1.1;
location /api/v0/cat {
proxy_pass http://_ipfs/api/v0/cat;
}
location /api/v0/add {
proxy_pass http://_ipfs/api/v0/add;
}
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%> <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
ssl_certificate <%= @ssl_cert %>; ssl_certificate <%= @ssl_cert %>;
ssl_certificate_key <%= @ssl_key %>; ssl_certificate_key <%= @ssl_key %>;