I am trying to make one of my cluster nodes writable from outside.
I created a username and password for basic authentication and put them in the service.json file:
"basic_auth_credentials": {
"Wy6ZDD4VeFkXa2H": "7wuUoGZZpNJD39Q"
}
The following commands worked ON the machine with ipfs-cluster-service running:
ipfs-cluster-ctl -basic-auth "Wy6ZDD4VeFkXa2H:7wuUoGZZpNJD39Q" -force-http peers ls
ipfs-cluster-ctl -basic-auth "Wy6ZDD4VeFkXa2H:7wuUoGZZpNJD39Q" -force-http id
However, these did NOT work remotely:
curl --basic --user Wy6ZDD4VeFkXa2H:7wuUoGZZpNJD39Q http://xxx.xxx.xxx.xxx:9094/id
curl --basic --user Wy6ZDD4VeFkXa2H:7wuUoGZZpNJD39Q https://xxx.xxx.xxx.xxx:9094/id
Error:
curl: (7) Failed to connect to xxx.xxx.xxx.xxx port 9094: Connection refused
So, I followed some info I got here:
and I generated an ssl_cert_file and ssl_key_file on the server with this command:
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout server.key -out server.crt
Then I put the files in a directory of their own, and put the absolute paths in the service.json file:
"ssl_cert_file": "/root/certificates/server.pem",
"ssl_key_file": "/root/certificates/server.key",
However, now local commands and remote commands BOTH fail:
Local:
ipfs-cluster-ctl -basic-auth "Wy6ZDD4VeFkXa2H:7wuUoGZZpNJD39Q" id
Gets me this:
An error occurred:
Code: 0
Message: Get https://127.0.0.1:9094/id: dial tcp 127.0.0.1:9094: connect: connection refused
I also get the same error locally if I try to run this command:
ipfs-cluster-ctl id
Remote:
curl --basic --user Wy6ZDD4VeFkXa2H:7wuUoGZZpNJD39Q http://xxx.xxx.xxx.xxx:9094/id
Gets me this:
curl: (7) Failed to connect to 142.93.113.86 port 9094: Connection refused
I guess I am not working with these certificates correctly, or I have skipped some important configuration step.
Any ideas on what I am doing wrong?