-
Notifications
You must be signed in to change notification settings - Fork 41
Setup hash subdomain proxying #81
Comments
@kyledrake you do this, right? |
Yes, hshca was used to implement the IPFS archive viewer. I whipped together a very primitive proxy that's doing the work of translating: https://github.com/neocities/hshca-proxy |
I think this would be a nice to have for infra in the near future. we may not have bandwidth for it atm. but of course, PRs accepted. |
A little tangential, but another thing that I thought would be a good way to drive adoption, is to make a webhook for github pages that publishes the site to ipfs and makes it available under |
@davidar that would be great! |
@eefahy Can you detail what ready means here? Is this available? :) |
Hi @jeluard - the |
At Status we are currently using a Lua server {
listen 443 ssl;
# This regex allows us to detect which sub domain was used
server_name ~^(?<domain_hash>\w+).ipfs.example.org;
# SSL certs ommitted
location / {
# Rewrite to proxy to Infura IPFS by converting
# base32 hash to a base58 hash for /ipfs/ path
rewrite_by_lua_file /etc/nginx/b32tob58.lua;
# proxy the request to Infura
proxy_pass https://ipfs.infura.io;
proxy_redirect off;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
} Might help you do something similar. |
Hi all! I'm on the Infra team and help run the ipfs gateways and would like to move this ticket forward. There are a couple of prerequisites but it is something I'd like to see happen in the reasonably near future. First and foremost, there are security concerns around user-published content in arbitrary subdomains for something like
|
I believe a proxy aware of subdomain transformation would remove the need for |
Might make sense to have the ipfs.io -> *.dweb.link redirects only for browsers -- the security concern only applies in browsers, and other clients (tools, automated things, apps) will likely not expect or deal with redirects. |
For anyone randomly finding this issue: |
With upstream support, I've been able to roll this change out to the production Gateways. go-ipfs will handle the base conversion, nginx is just acting as a simple reverse proxy. |
It could be awesome if we had a cluster that proxied
<hash>.gateway.ipfs.io
togateway.ipfs.io/ipfs/<hash>
This is useful for many different cases:
(see https://github.com/neocities/hshca/)
The text was updated successfully, but these errors were encountered: