Testing IPFS to act as a RPM repo

This is a short how to get IPFS running on a vm to play around and discover. You should not do this on a machine with sensitive information on it nor on a production server…

This is a pretty straight forward howto, if you want to know how IPFS work it’s not the right place. If you want to know the basic and more in-depth details of how IPFS work here’s few link you can check:

https://medium.com/@ConsenSys/an-introduction-to-ipfs-9bba4860abd0

https://coincenter.org/entry/why-is-decentralized-and-distributed-file-storage-critical-for-a-better-web

 

Download and Install IPFS binary.

[arsenick@rpm-distro-build ipfs]$ wget https://dist.ipfs.io/go-ipfs/v0.4.13/go-ipfs_v0.4.13_linux-amd64.tar.gz
--2018-03-13 14:39:08-- https://dist.ipfs.io/go-ipfs/v0.4.13/go-ipfs_v0.4.13_linux-amd64.tar.gz
Resolving dist.ipfs.io (dist.ipfs.io)... 147.135.130.181, 217.182.195.23, 2001:41d0:303:27b5::, ...
Connecting to dist.ipfs.io (dist.ipfs.io)|147.135.130.181|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 12635297 (12M) [application/x-gzip]
Saving to: ‘go-ipfs_v0.4.13_linux-amd64.tar.gz’

go-ipfs_v0.4.13_linux-amd64.tar. 100%[=========================================================>] 12.05M 2.84MB/s in 4.6s

2018-03-13 14:39:13 (2.63 MB/s) - ‘go-ipfs_v0.4.13_linux-amd64.tar.gz’ saved [12635297/12635297]

[arsenick@rpm-distro-build ipfs]$ tar -xzvf go-ipfs_v0.4.13_linux-amd64.tar.gz 
go-ipfs/build-log
go-ipfs/install.sh
go-ipfs/ipfs
go-ipfs/LICENSE
go-ipfs/README.md
[arsenick@rpm-distro-build ipfs]$ cd go-ipfs/
[arsenick@rpm-distro-build go-ipfs]$ ls
build-log install.sh ipfs LICENSE README.md
[arsenick@rpm-distro-build go-ipfs]$ sudo ./install.sh 
Moved ipfs to /usr/local/bin
[arsenick@rpm-distro-build ipfs]$

 

Initialize and configure CORS

I used * and 0.0.0.0 to permit all host, remember this is a lab setup just to play around, don’t do this if you want to keep the daemon running 24/7 on a machine with important documents.

$ ipfs init
$ ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001
$ ipfs config Addresses.Gateway /ip4/0.0.0.0/tcp/8080
$ ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["*"]'
$ ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "GET", "POST"]'

If you want to check the current config run ipfs config Addresses:

[arsenick@rpm-distro-build mylivecrypto]$ ipfs config Addresses

{
 "API": "/ip4/0.0.0.0/tcp/5001",
 "Announce": [],
 "Gateway": "/ip4/0.0.0.0/tcp/8080",
 "NoAnnounce": [],
 "Swarm": [
 "/ip4/0.0.0.0/tcp/4001",
 "/ip6/::/tcp/4001"
 ]
}

Starting the daemon

$ ipfs daemon

If you have problem launch the daemon with –debug

$ ipfs daemon --debug

Verify that we are connected to other peers in the swarm:

$ ipfs swarm peers

Once the IPFS daemon is running, you can try to load stuff in the swarm via your own ipfs gateway like this video:

http://127.0.0.1:8080/ipfs/QmcniBv7UQ4gGPQQW2BwbD4ZZHzN3o3tPuNLZCbBchd1zh

Or you could watch it via a public gateway:

http://ipfs.io/ipfs/QmcniBv7UQ4gGPQQW2BwbD4ZZHzN3o3tPuNLZCbBchd1zh

Yeah I know, sorry I couldn’t resist…

First publish

Let’s create a directory in which we’ll put a picture, wathever the picture you have, really…

$ mkdir test-ipfs
$ cp Images/cat.jpg test-ipfs/

Let’s add the entire folder:

$ ipfs add -r test-ipfs

IPFS will generate a hash for each and every files that is in this directory. The -r mean recursive.

You can now test using a public gateway like ipfs.io just add the site hash you got after adding the directory.

https://ipfs.io/ipfs/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Let’s try to use it as a RPM repo

First we’ll copy some rpm inside a directory and create the repo. I want to share those files with apache too so I’ll put them in /var/www/html

$ cd /var/www/html
$ sudo mkdir mylivecrypto
$ sudo cp /home/arsenick/rpmbuild/RPMS/noarch/*.rpm /var/www/html/mylivecrypto/
$ sudo createrepo -v /var/www/html/mylivecrypto/

Then we’ll add the directory we’ve just created with it’s content to the swarm:

$ ipfs add -r mylivecrypto/
added QmSsDvYbXzqo9X3F5Vz1kunSsznPJJWmzbd16PNVSumPH1 mylivecrypto/etherwallet-3.20.03-1.fc27.noarch.rpm
added QmaizchR1MFu5cvtYD52KBrghJzuZGV3ZHUzCZmgu7EyWL mylivecrypto/mycrypto-3.12.0-1.fc27.noarch.rpm
added QmU7y5uycimDRK92Bu2hrBkYz858S9VP4k1sZZ5jJtb3ey mylivecrypto/repodata/1b18985381e6e801dd30895d83ff1a60b4e251238bf54b7d964607fae6fee6ff-other.sqlite.bz2
added QmTZnzS5yHBo39ESDvsg73KhmmsuhX4b4wH8QTGfDqbXBu mylivecrypto/repodata/26902cfa30e1b791faadbd1bb745e7803c07a6733450d88625788d53de9baee9-primary.sqlite.bz2
added QmZTV2j774nuvb8NaW31FvHVGdehtsURpxxmFA1Dc8Wn9h mylivecrypto/repodata/4d5e514c7bbf4ea0593a7b0e33ffef97ff6739b0803ad84b699c72f87ae9ce5e-primary.xml.gz
added QmfRcKNTi65hRRseE2NM81iSefjffQfUG6S9nfd6HcUrGC mylivecrypto/repodata/4f0c27f652c56e97ce1ac06941d80c083f1a52cd85b5f24d335ecc167b362a2e-filelists.sqlite.bz2
added QmNjS1MoQCphNC9E8mmJUR2aXAzMN1QNAs1qaJrimVivoT mylivecrypto/repodata/5a1a69e89862cb338a014a1fc513626f4104b23fa0c41c1a961d8ced92be6dcc-other.xml.gz
added QmeGAVXs3wGq2LSPcQy1bji7id9BeVBULLt8m95gjJCAdu mylivecrypto/repodata/ce3dea1b7bd0f02f95a5858873b6370c1aa592a0e5508ce8297f94c8e125231a-filelists.xml.gz
added QmegVtiYKzCRHin3FhEqzFDLytXTT83cya1ZEAAfPFjNWg mylivecrypto/repodata/repomd.xml
added QmX8od9tRccsbVPwchjjsB24Q38piNbkDXonQwRqfHLen9 mylivecrypto/repodata
added QmXXoZCjQHxZxRAxbRTQtGQ4jwQjHJ8YjxvGWLWCpgfKEo mylivecrypto

That’s it our directory and it’s content has been added to the swarm! In the example above QmXXoZCjQHxZxRAxbRTQtGQ4jwQjHJ8YjxvGWLWCpgfKEo is the folder hash.

If you want to add this repo to your host you should then add the repo url: https://ipfs.io/ipfs/QmXXoZCjQHxZxRAxbRTQtGQ4jwQjHJ8YjxvGWLWCpgfKEo

[arsenick@rpm-distro-build ~]$ sudo yum-config-manager --add-repo https://ipfs.io/ipfs/QmXXoZCjQHxZxRAxbRTQtGQ4jwQjHJ8YjxvGWLWCpgfKEo
[sudo] password for arsenick:

Yum-utils package has been deprecated, use dnf instead.
See 'man yum2dnf' for more information.

adding repo from: https://ipfs.io/ipfs/QmXXoZCjQHxZxRAxbRTQtGQ4jwQjHJ8YjxvGWLWCpgfKEo

[ipfs.io_ipfs_QmXXoZCjQHxZxRAxbRTQtGQ4jwQjHJ8YjxvGWLWCpgfKEo]
name=added from: https://ipfs.io/ipfs/QmXXoZCjQHxZxRAxbRTQtGQ4jwQjHJ8YjxvGWLWCpgfKEo
baseurl=https://ipfs.io/ipfs/QmXXoZCjQHxZxRAxbRTQtGQ4jwQjHJ8YjxvGWLWCpgfKEo
enabled=1

[arsenick@rpm-distro-build ~]$ yum search myether
added from: https://ipfs.io/ipfs/QmXXoZCjQHxZxRAxbRTQtGQ4jwQjHJ8YjxvGWLWCpgfKEo 3.5 kB/s | 2.4 kB 00:00 
Last metadata expiration check: 0:00:00 ago on Thu 15 Mar 2018 11:35:07 AM EDT.
================================================== Description Matched: myether ===================================================
etherwallet.noarch : Packaged version of MEW. Package maintained by Rene Jr Purcell

It’s working! The big problem with that is, I can’t update the files once it’s added… I’ll make another post soon about IPNS which should enable us to use the same hash to access the folder, when you need to update the files, you just point the IPNS to the new IPFS hash.

Accessing the WebUI

If you want to access the WebUI from the localhost then you can just go to: http://127.0.0.1:5001/webui

If you are trying to access the WebUI from a remote machine it’s not gonna work, even if you changed the ip address on which the API listen… It seems like for now even if you configure CORS correctly, the localhost is still hardcoded in the webui as a “Security measure”. You should be able to call the API remotely with the correct CORS config we did (more info here: https://github.com/INFURA/tutorials/wiki/IPFS-and-CORS ). So if you really want this to work remotely with the WebUI you’ll have to use ssh to forward port.

$ ssh -L 5001:localhost:5001 arsenick@192.168.X.X

$ ssh -L 8080:localhost:8080 arsenick@192.168.X.X

 

And then use http://127.0.0.1:5001/webui SSH will forward 5001 and 8080 to the machine running IPFS daemon.

Create service for easy and automatic startup (mandatory)

$ vim /lib/systemd/system/ipfs.service
[Unit]
Description=ipfs daemon

[Service]
ExecStart=/usr/local/bin/ipfs daemon
Restart=always
User=root
Group=root

[Install]
WantedBy=multi-user.target

Let’s reload systemd and enable IPFS service.

$ systemctl daemon-reload
$ systemctl enable ipfs.service

That’s it, you can now play around with IPFS.

Ressources:

https://ipfs.io/docs/install/

https://ipfs.io/docs/getting-started/

https://discuss.ipfs.io/t/how-can-i-enable-remote-connection-to-webui/698/3

https://github.com/INFURA/tutorials/wiki/IPFS-and-CORS

https://hackernoon.com/ten-terrible-attempts-to-make-the-inter-planetary-file-system-human-friendly-e4e95df0c6fa

Related to remote access of webui:

https://github.com/ipfs/webui/issues/591

https://github.com/ipfs/webui/issues/594

https://github.com/ipfs/go-ipfs/issues/1807

View story at Medium.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s