I’m trying to set up an IPFS node so that I can use it as a gateway.
To do that, I’ve followed this guide: The definite guide to your high-performance IPFS Gateway | DSLA Protocol Blog
It runs on a google cloud virtual machine with Debian.
However, when I try to test connectivity and CORS I get the following error log:
* Expire in 0 ms for 6 (transfer 0x55b7d7b60fb0)
* Trying 0.0.0.0...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55b7d7b60fb0)
* connect to 0.0.0.0 port 5001 failed: Connection refused
* Failed to connect to 0.0.0.0 port 5001: Connection refused
* Closing connection 0
curl: (7) Failed to connect to 0.0.0.0 port 5001: Connection refused
Test command:
curl -v -H "Origin: http://test.com" \
-H "Access-Control-Request-Method: POST" \
-H "Access-Control-Request-Headers: X-Requested-With" \
http://0.0.0.0:5001/api/v0/swarm/peers
HTTPHeaders section of my IPFS config file:
"HTTPHeaders": {
"Access-Control-Allow-Headers": [
"X-Requested-With",
"Access-Control-Expose-Headers",
"Range"
], "Access-Control-Expose-Headers": [
"Location",
"Ipfs-Hash"
], "Access-Control-Allow-Methods": [
"POST",
"GET"
], "Access-Control-Allow-Origin": [
"*"
], "X-Special-Header": [
"Access-Control-Expose-Headers: Ipfs-Hash"
]
},"RootRedirect": "",
"Writable": true,
"PathPrefixes": [],
"APICommands": []
nginx.conf
user manage; ## Default: nobody
worker_processes 5; ## Default: 1
worker_rlimit_nofile 8192;
events {
worker_connections 4096; ## Default: 1024
}
http {
include /etc/nginx/fastcgi.conf;
index index.html index.htm index.php;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
tcp_nopush on;
server_names_hash_bucket_size 128; # this seems to be required for some vhosts
server {
server_name example.com; # managed by Certbot
location /ipfs {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
allow all;
}
location / {
proxy_pass http://localhost:5001;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
deny all; # <- Deny other traffic
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = recall.network) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name recall.network;
return 404; # managed by Certbot
}
}