Here is how to quickly set up an ipfs private network with two nodes (examples are provided for both Linux and FreeBSD).
If you want to use our ipfs_UnArch software in a private environment, you may configure your node by following these instructions : the kubo package must be installed (ipfs-go on a FreeBSD host).
Initialize:
ipfs-go init --profile server
Create a single unique swarm key for your private network:
To generate a swarm key on Linux (bash), use:
echo -e "/key/swarm/psk/1.0.0/
/base16/
`tr -dc 'a-f0-9' < /dev/urandom | head -c64`" > ~/.ipfs/swarm.key
To generate a swarm key on FreeBSD (csh), use:
echo "/key/swarm/psk/1.0.0/" > ~/.ipfs/swarm.key
echo "/base16/" >> ~/.ipfs/swarm.key
head -c 64 /dev/urandom | xxd -p | tr -d '
' >> ~/.ipfs/swarm.key
chmod 400 ~/.ipfs/swarm.key
No additional package is required. The generated swarm.key file contents should be something like this:
/key/swarm/psk/1.0.0/
/base16/
b21de7dd7e0c5aaa394bd4fd8ead40cf6a0e906e660348ad8c0a06041e78e1b0
IMPORTANT! Copy the swarm.key file into the ~/.ipfs/ directory of each node in your private network For instance,
scp ~/.ipfs/swarm.key sysadmin@<IP ADDRESS>:~/.ipfs/swarm.key
Remove default entries for boostrap nodes (you'll only use nodes on your network):
ipfs-go bootstrap rm --all
Create the 'bootstrap add' statements for each node:
ipfs-go bootstrap add /ip4/<IP ADDRESS>/tcp/4001/p2p/<PEER ID>
The should be the IPV4 address of the node on the private network, for instance:
10.1.1.20
The is a unique identifier for the IPFS node that can be retrieved with:
ipfs-go config show | grep PeerID
For instance:
"PeerID": "12D3KooWKA3udX29qLsGVRxGpPuxp8VLgF3NBe4rp4rHsJWBCjsv"
Add the nodes, for instance:
ipfs-go bootstrap add /ip4/10.1.1.20/tcp/4001/ipfs/12D3KooWKA3udX29qLsGVRxGpPuxp8VLgF3NBe4rp4rHsJWBCjsv
(FreeBSD node)
ipfs bootstrap add /ip4/10.1.1.222/tcp/4001/p2p/12D3KooWQRAFuaXbhoNDBhLCVY9hLbRjF373Gn5idW1Z8KAQ7jas
(Linux node)
Check that the nodes are correctly listed in the Bootstrap configuration section:
ipfs-go config Bootstrap
[
"/ip4/10.1.1.20/tcp/4001/ipfs/12D3KooWKA3udX29qLsGVRxGpPuxp8VLgF3NBe4rp4rHsJWBCjsv",
"/ip4/10.1.1.222/tcp/4001/ipfs/12D3KooWQRAFuaXbhoNDBhLCVY9hLbRjF373Gn5idW1Z8KAQ7jas"
]
Start the network, by starting ipfs in daemon mode on each node:
setenv LIBP2P_FORCE_PNET 1
ipfs-go daemon &
(FreeBSD)
export LIBP2P_FORCE_PNET=1
IPFS_PATH=~/.ipfs ipfs daemon &
(Linux node)
You should see a message stating:
Swarm is limited to private network of peers with the swarm key
Check the list of known peers with their addresses:
ipfs-go swarm addrs
This will return something like:
12D3KooWKA3udX29qLsGVRxGpPuxp8VLgF3NBe4rp4rHsJWBCjsv (3)
/ip4/10.1.1.20/tcp/4001
/ip4/127.0.0.1/tcp/4001
/ip6/::1/tcp/4001
[...]
12D3KooWQRAFuaXbhoNDBhLCVY9hLbRjF373Gn5idW1Z8KAQ7jas (3)
/ip4/10.1.1.222/tcp/4001
/ip4/127.0.0.1/tcp/4001
/ip6/::1/tcp/4001
If necessary, connect to another peer (this should be automatic when (re)starting the daemon:
ipfs-go swarm connect /ip4/10.1.1.222/tcp/4001/ipfs/12D3KooWQRAFuaXbhoNDBhLCVY9hLbRjF373Gn5idW1Z8KAQ7jas
(FreeBSD node)
ipfs swarm connect /ip4/10.1.1.20/tcp/4001/ipfs/12D3KooWKA3udX29qLsGVRxGpPuxp8VLgF3NBe4rp4rHsJWBCjsv
(Linux node)
List connected peers:
ipfs-go swarm peers
Now, add a file through ipfs to a node and retrieve it on another node:
echo "Hello World!" > helloworld.txt
ipfs-go add helloworld.txt
added QmfM2r8seH2GiRaC4esTjeraXEachRt8ZsSeGaWTPLyMoG helloworld.txt
13 B / 13 B [==========================================================] 100.00%
(FreeBSD node)
ipfs cat QmfM2r8seH2GiRaC4esTjeraXEachRt8ZsSeGaWTPLyMoG
Hello World!
(Linux node)
Last, check that the file can't be accessed on a public IPFS Gateway (through its CID): A list of public IPFS Gateways is provided here:
https://ipfs.github.io/public-gateway-checker/
If these two last steps are working, then your private ipfs network is ready: the ipfs_UnArch binaries will work the same on each node.
To (re)start with a clean environment/installation, remove everything related to ipfs on the system:
rm -Rf ~/.ipfs
mkdir ~/.ipfs
If you can't connect to other nodes, first check your firewall, then ensure that each node allows connections on the appropriate interface
vim ~/.ipfs/config
If necessary, the Addresses configuration section may be changed like this:
"Addresses": {
"API": "/ip4/0.0.0.0/tcp/5001",
"Announce": [],
"AppendAnnounce": [],
"Gateway": "/ip4/0.0.0.0/tcp/8080",
(With 0.0.0.0 meaning "any configured network interface")
Note that the web ui files are not part of the ipfs package and must be retrieved through ipfs when first accessing the UI. As a consequence, they won't be available in a private environment if they were not retrieved before the external bootstrap nodes are removed. To learn how to first set up an ipfs node in a public environment, read How to quickly set up your first ipfs node (public environment).
sudo vim /etc/systemd/system/ipfs.service
Copy and paste the unit file definition. Make sure to change the User, so it corresponds to the account you have on your server.
[Unit]
Description=IPFS Daemon
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=simple
ExecStart=/usr/bin/ipfs daemon
User=<user running ipfs>
[Install]
WantedBy=multi-user.target
If necessary, edit the path in ExecStart to point to the ipfs binary.
You must also replace <user running ipfs> with the user account that should run IPFS.
Run the daemon with --enable-namesys-pubsub if you want fast IPNS updates : IPNS is an IPFS naming system that allows mutable URLs.
After editing the unit file, reload the daemon, then enable the service to start on boot, start it and check its status.
sudo systemctl daemon-reload
sudo systemctl enable ipfs
sudo systemctl start ipfs
sudo systemctl status ipfs
sudo journalctl | grep ipfs
/etc/rc.conf
ipfs_enable = "YES"
Then start the service and check its status
service ipfs start
service ipfs status
Ce document a été publié le 2024-05-16 12:15:50. (Dernière mise à jour : 2024-05-17 09:56:49.)