Merge pull request #10 from 67P/feature/better_config

Improve the default config

Berksfile.lock

@@ -10,7 +10,7 @@ GRAPH
   build-essential (8.1.1)
     mingw (>= 1.1)
     seven_zip (>= 0.0.0)
-  ipfs (0.1.3)
+  ipfs (0.4.0)
     ark (>= 0.0.0)
   mingw (2.1.0)
     seven_zip (>= 0.0.0)

README.md

@@ -39,9 +39,7 @@ Just include `ipfs` in your node's `run_list`:
 - `node.['ipfs']['version']` - the Go IPFS version to download from the official
 site (64bit)
 - `node['ipfs']['checksum']` - the SHA256 checksum for the package
-- `node['ipfs']['config']['swarm']['addr_filter']` - the network ranges to not
-connect to. This will stop platforms like Hetzner to block your server
-(https://github.com/ipfs/go-ipfs/issues/1226)
+- `node['ipfs']['config']` - a hash of config options
 
 ## Resources
 
@@ -67,7 +65,7 @@ kitchen verify # Run the integration tests for Ubuntu 16.04, 18.06 and Debian 9
 ## License and Authors
 
 Authors: Kosmos Developers mail@kosmos.org
-Copyright: 2018, [Kosmos Developers](https://kredits.kosmos.org/)
+Copyright: 2018-2019, [Kosmos Developers](https://kredits.kosmos.org/)
 
 ```
 Unless otherwise noted, all files are released under the MIT license, possible

attributes/default.rb

@@ -1,10 +1,8 @@
-node.default['ipfs']['version'] = '0.4.17'
-node.default['ipfs']['checksum'] = '1bb1050ebe74f9042ac721eb1b71f92e1b0e78e54c59dadfde13080facb2901c'
-
-node.default['ipfs']['cluster']['version'] = '0.4.0'
-node.default['ipfs']['cluster']['service']['checksum'] = 'a168e9d3544f53f3d734098533d606b88417f6319bc8f83b1af7ef1328ed246a'
-node.default['ipfs']['cluster']['ctl']['checksum'] = 'c82ba76b21a6fc42c8c635962a356c51fe6d4d0fbac2a77bfdd159cbe6a56f49'
+node.default['ipfs']['version'] = '0.4.21'
+node.default['ipfs']['checksum'] = 'a7ec5ddc4d52f818cbf3853a80f7ec17f9fde9128f039485dbe1889cf673d562'
 
+node.default['ipfs']['ulimit'] = 64000
+node.default['ipfs']['memory_max'] = '512M'
 node.default['ipfs']['config'] = {
   # Do not contact local network addresses. This will stop platforms like Hetzner
   # to block your server (https://github.com/ipfs/go-ipfs/issues/1226)
@@ -23,15 +21,11 @@ node.default['ipfs']['config'] = {
                           '/ip4/198.51.100.0/ipcidr/24',
                           '/ip4/203.0.113.0/ipcidr/24',
                           '/ip4/240.0.0.0/ipcidr/4'],
-  # Do not keep track of bandwidth metrics. Disabling bandwidth metrics can
-  # lead to a slight performance improvement, as well as a reduction in memory
-  # usage.
-  'Swarm.DisableBandwidthMetrics' => true,
-  # Disable the p2p-circuit relay transport
-  'Swarm.DisableRelay' => true,
-  # Number of connections that, when exceeded, will trigger a connection GC
-  # operation
-  'Swarm.ConnMgr.HighWater' => 10,
-  # Minimum number of connections to maintain
-  'Swarm.ConnMgr.LowWater' => 1,
+  # Set up the Gateway to be writable
+  'Gateway.Writable' => true,
+
+  # Set up CORS headers
+  'API.HTTPHeaders.Access-Control-Allow-Credentials' => ['true'],
+  'API.HTTPHeaders.Access-Control-Allow-Methods' => %w(PUT GET POST),
+  'API.HTTPHeaders.Access-Control-Allow-Origin' => ['*'],
 }

metadata.rb

@@ -4,7 +4,7 @@ maintainer_email 'mail@kosmos.org'
 license          'MIT'
 description      'Installs/Configures ipfs'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version          '0.3.0'
+version          '0.4.0'
 
 supports %w(ubuntu debian)
 

recipes/cluster.rb

@@ -1,50 +0,0 @@
-#
-# Cookbook Name:: ipfs
-# Recipe:: cluster
-#
-# The MIT License (MIT)
-#
-# Copyright:: 2018, Kosmos Developers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-include_recipe 'ipfs::_user'
-
-version = node['ipfs']['cluster']['version']
-
-ark 'ipfs-cluster-service' do
-  url "https://dist.ipfs.io/ipfs-cluster-service/v#{version}/ipfs-cluster-service_v#{version}_linux-amd64.tar.gz"
-  checksum node['ipfs']['cluster']['service']['checksum']
-  has_binaries ['ipfs-cluster-service']
-end
-
-ark 'ipfs-cluster-ctl' do
-  url "https://dist.ipfs.io/ipfs-cluster-ctl/v#{version}/ipfs-cluster-ctl_v#{version}_linux-amd64.tar.gz"
-  checksum node['ipfs']['cluster']['ctl']['checksum']
-  has_binaries ['ipfs-cluster-ctl']
-end
-
-credentials = data_bag_item('credentials', 'ipfs_cluster')
-
-execute 'ipfs-cluster-service init' do
-  user 'ipfs'
-  environment 'CLUSTER_SECRET' => credentials['secret'],
-              'IPFS_CLUSTER_PATH' => '/home/ipfs/.ipfs-cluster'
-  not_if { File.exist? '/home/ipfs/.ipfs-cluster/service.json' }
-end

recipes/cluster_bootstrap.rb

@@ -1,33 +0,0 @@
-#
-# Cookbook Name:: ipfs
-# Recipe:: cluster_bootstrap
-#
-# The MIT License (MIT)
-#
-# Copyright:: 2018, Kosmos Developers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-include_recipe 'ipfs::_user'
-
-execute "ipfs-cluster-service daemon --bootstrap #{peer}" do
-  user 'ipfs'
-  environment 'IPFS_CLUSTER_PATH' => '/home/ipfs/.ipfs-cluster'
-  not_if { File.exist? '/home/ipfs/.ipfs-cluster/service.json' }
-end

recipes/cluster_service.rb

@@ -1,64 +0,0 @@
-#
-# Cookbook Name:: ipfs
-# Recipe:: cluster_service
-#
-# The MIT License (MIT)
-#
-# Copyright:: 2018, Kosmos Developers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-if platform?('ubuntu') && node['platform_version'].to_f < 15.04 ||
-   platform?('debian') && node['platform_version'].to_f < 8
-  template 'ipfs.initd-cluster.service.erb' do
-    path '/etc/init.d/ipfs-cluster'
-    source 'ipfs-cluster.initd.service.erb'
-    owner 'root'
-    group 'root'
-    mode '0750'
-    notifies :restart, 'service[ipfs-cluster]', :delayed
-  end
-
-  service 'ipfs-cluster' do
-    provider Chef::Provider::Service::Init::Debian
-    action [:enable]
-    supports start: true, stop: true, restart: true, reload: false, status: true
-  end
-
-else
-  execute 'systemctl daemon-reload' do
-    command 'systemctl daemon-reload'
-    action :nothing
-  end
-
-  template 'ipfs-cluster.systemd.service.erb' do
-    path '/lib/systemd/system/ipfs-cluster.service'
-    source 'ipfs-cluster.systemd.service.erb'
-    owner 'root'
-    group 'root'
-    mode '0644'
-    notifies :run, 'execute[systemctl daemon-reload]', :delayed
-    notifies :restart, 'service[ipfs-cluster]', :delayed
-  end
-
-  service 'ipfs-cluster' do
-    provider Chef::Provider::Service::Systemd
-    action [:enable]
-  end
-end

spec/unit/recipes/cluster_service_spec.rb

@@ -1,55 +0,0 @@
-#
-# Cookbook:: ipfs
-# Spec:: default
-#
-# The MIT License (MIT)
-#
-# Copyright:: 2018, Kosmos Developers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-require 'spec_helper'
-
-describe 'ipfs::cluster_service' do
-  context 'When all attributes are default, on Ubuntu 16.04' do
-    let(:chef_run) do
-      # for a complete list of available platforms and versions see:
-      # https://github.com/customink/fauxhai/blob/master/PLATFORMS.md
-      runner = ChefSpec::SoloRunner.new(platform: 'ubuntu', version: '16.04')
-      runner.converge(described_recipe)
-    end
-
-    it 'enables the service' do
-      expect(chef_run).to enable_service('ipfs-cluster')
-    end
-  end
-
-  context 'When all attributes are default, on Ubuntu 18.04' do
-    let(:chef_run) do
-      # for a complete list of available platforms and versions see:
-      # https://github.com/customink/fauxhai/blob/master/PLATFORMS.md
-      runner = ChefSpec::SoloRunner.new(platform: 'ubuntu', version: '18.04')
-      runner.converge(described_recipe)
-    end
-
-    it 'enables the service' do
-      expect(chef_run).to enable_service('ipfs-cluster')
-    end
-  end
-end

templates/default/ipfs-cluster.initd.service.erb

@@ -1,102 +0,0 @@
-#!/bin/sh
-### BEGIN INIT INFO
-# Provides:          ipfs-cluster daemon
-# Required-Start:    $local_fs $remote_fs $network $syslog $named
-# Required-Stop:     $local_fs $remote_fs $network $syslog $named
-# Default-Start:     2 3 4 5
-# Default-Stop:      0 1 6
-# Short-Description: Starts the ipfs-cluster daemon
-# Description:       Starts the ipfs-cluster daemon using the start-stop-daemon
-### END INIT INFO
-
-# Author: Dylan Powers <dylan.kyle.powers@gmail.com
-
-PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin
-DESC="ipfs-cluster daemon"
-NAME=ipfs-cluster
-DAEMON=/usr/local/bin/ipfs-cluster-service
-DAEMON_ARGS="daemon --upgrade"
-PIDFILE=/var/run/$NAME.pid
-SCRIPTNAME=/etc/init.d/$NAME
-
-IPFS_PATH=/home/ipfs/.ipfs
-IPFS_USER=ipfs
-
-# Exit if the package is not installed
-[ -x "$DAEMON" ] || exit 0
-
-# Read configuration variable file if it is present
-[ -r /etc/default/$NAME ] && . /etc/default/$NAME
-
-# Load the VERBOSE setting and other rcS variables
-. /lib/init/vars.sh
-
-# Define LSB log_* functions.
-# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
-# and status_of_proc is working.
-. /lib/lsb/init-functions
-
-#
-# Function that starts the daemon/service
-#
-do_start() {
-	# Return
-	#   0 if daemon has been started
-	#   1 if daemon was already running
-	#   2 if daemon could not be started
-	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test >/dev/null \
-		|| return 1
-	start-stop-daemon --start --quiet --pidfile $PIDFILE --make-pidfile \
-	                  --background --chuid $IPFS_USER --no-close \
-	                  --exec /usr/bin/env IPFS_PATH="$IPFS_PATH" $DAEMON 2>>$IPFS_PATH/daemon.log 1>/dev/null \
-	                  -- $DAEMON_ARGS \
-    || return 2
-}
-
-#
-# Function that stops the daemon/service
-#
-do_stop() {
-	# Return
-	#   0 if daemon has been stopped
-	#   1 if daemon was already stopped
-	#   2 if daemon could not be stopped
-	#   other if a failure occurred
-	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
-	RETVAL="$?"
-	[ "$RETVAL" = 2 ] && return 2
-
-	# Delete the pid
-	rm -f $PIDFILE
-	return "$RETVAL"
-}
-
-case "$1" in
-  start)
-		[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
-		do_start
-		case "$?" in
-			0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
-			2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
-		esac
-		;;
-  stop)
-		[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
-		do_stop
-		case "$?" in
-			0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
-			2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
-		esac
-		;;
-  status)
-		status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
-		;;
-	restart)
-		do_stop
-		do_start
-		;;
-  *)
-	echo "Usage: $SCRIPTNAME {start|stop|status|restart}" >&2
-	exit 3
-	;;
-esac

templates/default/ipfs-cluster.systemd.service.erb

@@ -1,13 +0,0 @@
-[Unit]
-Description=Start ipfs-cluster
-
-[Service]
-ExecStart=/usr/local/bin/ipfs-cluster-service daemon --upgrade
-User=ipfs
-Group=ipfs
-Restart=always
-# Raise the ulimit (max number of open files)
-LimitNOFILE=64000
-
-[Install]
-WantedBy=multi-user.target

templates/default/ipfs.systemd.service.erb

@@ -7,9 +7,9 @@ User=ipfs
 Group=ipfs
 Restart=always
 # Raise the ulimit (max number of open files)
-LimitNOFILE=64000
-# Limit the memory usage to 256MB
-MemoryMax=256M
+LimitNOFILE=<%= node['ipfs']['ulimit'] %>
+# Limit the memory usage
+MemoryMax=<%= node['ipfs']['memory_max'] %>
 
 [Install]
 WantedBy=multi-user.target

test/integration/cluster/serverspec/ipfs_cluster_spec.rb

@@ -1,27 +0,0 @@
-require 'serverspec'
-
-# Required by serverspec
-set :backend, :exec
-
-describe 'ipfs-cluster-ctl' do
-  # It is in the PATH
-  describe command('which ipfs-cluster-ctl') do
-    its(:exit_status) { should eq 0 }
-  end
-end
-
-describe 'ipfs-cluster-service' do
-  # It is in the PATH
-  describe command('which ipfs-cluster-service') do
-    its(:exit_status) { should eq 0 }
-  end
-
-  it 'is listening on port 9096' do
-    expect(port(9096)).to be_listening
-  end
-
-  it 'runs the ipfs-cluster-service' do
-    expect(service('ipfs-cluster')).to be_running
-    expect(service('ipfs-cluster')).to be_enabled
-  end
-end

test/integration/data_bags/credentials/ipfs_cluster.json

@@ -1,4 +0,0 @@
-{
-  "id": "ipfs_cluster",
-  "secret": "d9de2f31ca7e9989949010fed2e704f42b8e96fa1e8e60a0ad26611f0a01cf07"
-}