Cannot create private IPFS with 'ipfs bootstrap'
Hello,
I followed the example about how to use 'ipfs bootstrap' to create a private ipfs where only my personal nodes can read data from each other and data on those nodes won't be retrieved via ipfs.io/ipfs/file_hash but it didn't work as I expected.
All I did is the following:
- Install IPFS on computer A and computer B.
- Run `ipfs bootstrap rm --all` to remove all default peers on computer A and computer B.
- On computer A run `ipfs bootstrap add _computer_B_hash_address`
- On computer B run `ipfs bootstrap add _computer_A_hash_address`

=> Result: files which are hashed now still available to be retrieved from ipfs.io/ipfs/file_hash. Even when I remove all default peers, I can still get the files from ipfs.io/ipfs/file_hash
So can someone tell me what I missed or if I misunderstood any point about ipfs bootstrap functionality.
Thank you in advance and I'm looking forward to your response!
Hoang
@hoanghs13 did you access those files through the gateway before restricting your bootstrap peers? If so, the gateway nodes likely have cached the content you're looking at. Another possibility is that your daemon was running beforehand, connected to the main network and the network remembered your address through the dht, and reconnected to you externally.
To be more certain, start with two freshly 'init'ed ipfs repos, (never before connected to any network), clear all the bootstrap addresses, disable mdns (ipfs config Discovery.MDNS --json false) and then set up the new bootstrap addresses pointing to your peers. Once that is done then start up the daemons.
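Added example, not part of the original thread or of go-ipfs itself: a small check to run against each repo's config file before starting the daemon, confirming that the bootstrap list holds only your own peers and that mDNS discovery is off. It assumes the usual config layout with a `Bootstrap` list and a `Discovery.MDNS.Enabled` flag; the peer IDs and addresses are constructed placeholders.

```python
import json

# Constructed sample: the relevant part of computer A's IPFS config.
# Peer IDs and hosts are placeholders, not real nodes.
PEER_B = "QmPeerBPlaceholder"
SAMPLE_CONFIG = json.dumps({
    "Bootstrap": [
        "/ip4/192.168.1.20/tcp/4001/ipfs/" + PEER_B,
        "/dnsaddr/bootstrap.example.invalid/p2p/QmPublicPlaceholder",
    ],
    "Discovery": {"MDNS": {"Enabled": True, "Interval": 10}},
})


def peer_id(multiaddr):
    """Return the peer ID after the last /ipfs/ or /p2p/ component, else None."""
    parts = multiaddr.strip("/").split("/")
    for i in range(len(parts) - 2, -1, -1):
        if parts[i] in ("ipfs", "p2p"):
            return parts[i + 1]
    return None


def audit(config_text, allowed_peers):
    """List settings that contradict the isolation steps; empty means none found."""
    cfg = json.loads(config_text)
    findings = []
    for addr in cfg.get("Bootstrap") or []:
        pid = peer_id(addr)
        if pid is None:
            findings.append("bootstrap entry without peer ID: " + addr)
        elif pid not in allowed_peers:
            findings.append("bootstrap peer not in allowlist: " + pid)
    mdns = (cfg.get("Discovery") or {}).get("MDNS")
    # Anything other than an explicit Enabled=false is reported, including a
    # missing key or an MDNS value that is not an object.
    if not isinstance(mdns, dict) or mdns.get("Enabled") is not False:
        findings.append("mDNS discovery is not disabled")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, {PEER_B}):
        print("FINDING:", finding)
```

A clean result only covers the settings listed above: it says nothing about peers that already learned the node's address and connect inbound, or about content a gateway has already cached.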
Hi,
Thank you very much for your instant response!
> did you access those files through the gateway before restricting your bootstrap peers? If so, the gateway nodes likely have cached the content you're looking at.
It's true that the gateway nodes cached files content if I have seen it once because when I switch the ipfs daemon, the content is still available for requests to its hash. But after restricting my bootstrap peers, newly added files are live in the public network too so I agree with the possibility that the network remembered my address and then connect with mine without querying my address via the default peers.
I did restart new repos like you said, didn't run daemon before specifying my peers' addresses but it doesn't work either. Now I can't open localhost:5001/webui, the browser is just spinning and this error returned:
22:23:28.385 ERROR core/serve: Path Resolve error: Failed to get block for QmU3o9bvfenhTKhxUakbYrLDnZU7HezAVxPM6Ehjw9Xjqy: context canceled gateway_handler.go:510
It looks like because I restricted other address to access my files, the request from my computer for the content at QmU3o9bvfenhTKhxUakbYrLDnZU7HezAVxPM6Ehjw9Xjqy is also restricted so that I cannot get that data to run localhost:5001/webui.
Any idea to resolve this new problem? Thank you.
Hrm... getting the webui into a private network is an interesting problem.. @dignifiedquire @lgierth any ideas?
We're going to have different distributions of go-ipfs, which e.g. include the webui, the websites, orbit, etc.
Right now it's probably easiest to either
- build the webui yourself, and `ipfs add -r` it, or
- use the `tar/cat` and `tar/add` on https://ipfs.io/api/v0/
ipfs pin add 'current hash webui'