kosmos/chef
kosmos
/
chef
8
3
Fork 0
Code Issues 37 Pull Requests 1 Projects 1 Activity

Fix IPFS node connectivity from the outside as well as the private network #442

Merged
raucao merged 4 commits from bugfix/ipfs_connectivity into master 2022-11-02 18:32:44 +00:00
Conversation 0 Commits 4 Files Changed 3 +64 -7
raucao commented 2022-11-02 13:11:31 +00:00
Owner
Copy Link

The problem was the configured address filters for local networks. I used both firewall rules as well as new filters to allow dialing out on 10.1.1.0/24, but not other 10.0.0.0/8 subnet.

You can verify this by connecting to the ipfs-1 like this e.g.:

ipfs swarm swarm connect /dns4/draco.kosmos.org/tcp/4001/p2p/QmRw21aC3TroRVdZhrE2Qh4W6PBA67kbE8p3fNfsVcfW8D

refs kredits/meta#10

The problem was the configured address filters for local networks. I used both firewall rules as well as new filters to allow dialing out on 10.1.1.0/24, but not other 10.0.0.0/8 subnet. You can verify this by connecting to the `ipfs-1` like this e.g.: ipfs swarm swarm connect /dns4/draco.kosmos.org/tcp/4001/p2p/QmRw21aC3TroRVdZhrE2Qh4W6PBA67kbE8p3fNfsVcfW8D refs https://gitea.kosmos.org/kredits/meta/issues/10
raucao added the
kredits-1
ops
 labels 2022-11-02 13:11:31 +00:00
raucao added 2 commits 2022-11-02 13:11:32 +00:00
b1922d26f6
Allow IPFS connections on private network 
(HAProxy is now also using the private network.)

This fixes IPFS connections to Kosmos nodes from outside the network, as
well as in between nodes on the private network.
raucao requested review from greg 2022-11-02 13:12:08 +00:00
raucao requested review from bumi 2022-11-02 13:12:08 +00:00
greg added 1 commit 2022-11-02 17:13:56 +00:00
greg reviewed 2022-11-02 17:15:46 +00:00
site-cookbooks/kosmos-ipfs/recipes/default.rb Outdated
@ -17,1 +18,4 @@
end
firewall_rule 'ipfs_api' do
port 5001
greg commented 2022-11-02 17:15:46 +00:00
Owner
Copy Link

Could use the new node['kosmos-ipfs']['api']['port'] attribute you created above instead of the hardcoded value

Could use the new `node['kosmos-ipfs']['api']['port']` attribute you created above instead of the hardcoded value
greg marked this conversation as resolved
greg approved these changes 2022-11-02 18:26:42 +00:00
greg left a comment
Owner
Copy Link

👍

👍
raucao added 1 commit 2022-11-02 18:27:17 +00:00
raucao merged commit 08bcdcc395 into master 2022-11-02 18:32:44 +00:00
raucao deleted branch bugfix/ipfs_connectivity 2022-11-02 18:32:44 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
bumi
greg
Labels
Clear labels   
service
accounts
Kosmos Accounts

  
service
discourse
Kosmos Community Forums

  
service
drone-ci
Kosmos Drone CI

  
service
email
mail.kosmos.org

  
service
garage
S3-compatible object storage

  
service
gitea
Kosmos Gitea

  
service
ipfs
Kosmos IPFS

  
service
mastodon
kosmos.social

  
service
postgres
Database cluster

  
service
remotestorage
Portable data storage for the Web

  
service
wiki
Kosmos Wiki

  
service
xmpp
Kosmos Chat

  
bug

Something is not working

  
design

Graphic/visual design

  
dev environment

Config, builds, CI, deployment, etc.

  
docs

Documentation

  
duplicate

This issue or pull request already exists

  
enhancement

Improving existing functionality

  
feature

New functionality

  
good first issue

Dive in, and start contributing

  
idea

Something to consider

  
invalid

Not a bug

  
kredits-1

Small contribution

  
kredits-2

Medium contribution

  
kredits-3

Large contribution

  
on hold

Currently not actionable

  
ops

Manual IT ops activities

  
question

Looking for an answer

  
release
major

  
release
minor

  
release
patch

  
security

All your base are belong to us

  
ui/ux

User interface, process design, etc.

  
wontfix

This won't be fixed

No Label
service
accounts
service
discourse
service
drone-ci
service
email
service
garage
service
gitea
service
ipfs
service
mastodon
service
postgres
service
remotestorage
service
wiki
service
xmpp
bug
design
dev environment
docs
duplicate
enhancement
feature
good first issue
idea
invalid
kredits-1
kredits-2
kredits-3
on hold
ops
question
release
major
release
minor
release
patch
security
ui/ux
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: kosmos/chef#442
No description provided.
Delete Branch "bugfix/ipfs_connectivity"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?