chef/site-cookbooks/kosmos-ipfs/recipes/default.rb

#
# Cookbook Name:: kosmos-ipfs
# Recipe:: default
#

include_recipe "ipfs"
include_recipe 'firewall'
include_recipe "kosmos-ipfs::kredits_pinner"

node['kosmos-ipfs']['ipfs']['config'].each do |k, v|
  ipfs_config k do
    value v
  end
end

unless node.chef_environment == "development"
  include_recipe "kosmos-ipfs::firewall_swarm"
end

firewall_rule 'ipfs_api' do
  port     5001
  source   "10.1.1.0/24"
  protocol :tcp
  command  :allow
  logging  :connections
end

firewall_rule 'ipfs_local_p2p_allow_out' do
  destination "10.1.1.0/24"
  direction   :out
  protocol    :none
  command     :allow
  logging     :connections
end

firewall_rule 'ipfs_local_p2p_deny_out' do
  destination "10.0.0.0/8"
  direction   :out
  protocol    :none
  command     :deny
  logging     :connections
end