diff --git a/bin-linux/identity b/bin-linux/identity new file mode 100755 index 0000000..dff0783 Binary files /dev/null and b/bin-linux/identity differ diff --git a/pkg/environments/production/installers.go b/pkg/environments/production/installers.go index f9b490e..67955d7 100644 --- a/pkg/environments/production/installers.go +++ b/pkg/environments/production/installers.go @@ -90,8 +90,8 @@ type IPFSClusterPeerInfo = installers.IPFSClusterPeerInfo // InitializeIPFSRepo initializes an IPFS repository for a node (unified - no bootstrap/node distinction) // If ipfsPeer is provided, configures Peering.Peers for peer discovery in private networks -func (bi *BinaryInstaller) InitializeIPFSRepo(ipfsRepoPath string, swarmKeyPath string, apiPort, gatewayPort, swarmPort int, ipfsPeer *IPFSPeerInfo) error { - return bi.ipfs.InitializeRepo(ipfsRepoPath, swarmKeyPath, apiPort, gatewayPort, swarmPort, ipfsPeer) +func (bi *BinaryInstaller) InitializeIPFSRepo(ipfsRepoPath string, swarmKeyPath string, apiPort, gatewayPort, swarmPort int, bindIP string, ipfsPeer *IPFSPeerInfo) error { + return bi.ipfs.InitializeRepo(ipfsRepoPath, swarmKeyPath, apiPort, gatewayPort, swarmPort, bindIP, ipfsPeer) } // InitializeIPFSClusterConfig initializes IPFS Cluster configuration (unified - no bootstrap/node distinction) diff --git a/pkg/environments/production/installers/ipfs.go b/pkg/environments/production/installers/ipfs.go index e2435d4..00cce24 100644 --- a/pkg/environments/production/installers/ipfs.go +++ b/pkg/environments/production/installers/ipfs.go @@ -123,7 +123,7 @@ func (ii *IPFSInstaller) Configure() error { // InitializeRepo initializes an IPFS repository for a node (unified - no bootstrap/node distinction) // If ipfsPeer is provided, configures Peering.Peers for peer discovery in private networks -func (ii *IPFSInstaller) InitializeRepo(ipfsRepoPath string, swarmKeyPath string, apiPort, gatewayPort, swarmPort int, ipfsPeer *IPFSPeerInfo) error { +func (ii *IPFSInstaller) InitializeRepo(ipfsRepoPath string, swarmKeyPath string, apiPort, gatewayPort, swarmPort int, bindIP string, ipfsPeer *IPFSPeerInfo) error { configPath := filepath.Join(ipfsRepoPath, "config") repoExists := false if _, err := os.Stat(configPath); err == nil { @@ -164,7 +164,7 @@ func (ii *IPFSInstaller) InitializeRepo(ipfsRepoPath string, swarmKeyPath string // Configure IPFS addresses (API, Gateway, Swarm) by modifying the config file directly // This ensures the ports are set correctly and avoids conflicts with RQLite on port 5001 fmt.Fprintf(ii.logWriter, " Configuring IPFS addresses (API: %d, Gateway: %d, Swarm: %d)...\n", apiPort, gatewayPort, swarmPort) - if err := ii.configureAddresses(ipfsRepoPath, apiPort, gatewayPort, swarmPort); err != nil { + if err := ii.configureAddresses(ipfsRepoPath, apiPort, gatewayPort, swarmPort, bindIP); err != nil { return fmt.Errorf("failed to configure IPFS addresses: %w", err) } @@ -223,7 +223,7 @@ func (ii *IPFSInstaller) InitializeRepo(ipfsRepoPath string, swarmKeyPath string } // configureAddresses configures the IPFS API, Gateway, and Swarm addresses in the config file -func (ii *IPFSInstaller) configureAddresses(ipfsRepoPath string, apiPort, gatewayPort, swarmPort int) error { +func (ii *IPFSInstaller) configureAddresses(ipfsRepoPath string, apiPort, gatewayPort, swarmPort int, bindIP string) error { configPath := filepath.Join(ipfsRepoPath, "config") // Read existing config @@ -246,7 +246,7 @@ func (ii *IPFSInstaller) configureAddresses(ipfsRepoPath string, apiPort, gatewa // Update specific address fields while preserving others // Bind API and Gateway to localhost only for security - // Swarm binds to all interfaces for peer connections + // Swarm binds to the WireGuard IP so it's only reachable over the VPN addresses["API"] = []string{ fmt.Sprintf("/ip4/127.0.0.1/tcp/%d", apiPort), } @@ -254,8 +254,7 @@ func (ii *IPFSInstaller) configureAddresses(ipfsRepoPath string, apiPort, gatewa fmt.Sprintf("/ip4/127.0.0.1/tcp/%d", gatewayPort), } addresses["Swarm"] = []string{ - fmt.Sprintf("/ip4/0.0.0.0/tcp/%d", swarmPort), - fmt.Sprintf("/ip6/::/tcp/%d", swarmPort), + fmt.Sprintf("/ip4/%s/tcp/%d", bindIP, swarmPort), } config["Addresses"] = addresses diff --git a/pkg/environments/production/orchestrator.go b/pkg/environments/production/orchestrator.go index 767f2ae..60e6850 100644 --- a/pkg/environments/production/orchestrator.go +++ b/pkg/environments/production/orchestrator.go @@ -441,7 +441,7 @@ func (ps *ProductionSetup) Phase2cInitializeServices(peerAddresses []string, vps // Initialize IPFS repo with correct path structure // Use port 4501 for API (to avoid conflict with RQLite on 5001), 8080 for gateway (standard), 4101 for swarm (to avoid conflict with LibP2P on 4001) ipfsRepoPath := filepath.Join(dataDir, "ipfs", "repo") - if err := ps.binaryInstaller.InitializeIPFSRepo(ipfsRepoPath, filepath.Join(ps.oramaDir, "secrets", "swarm.key"), 4501, 8080, 4101, ipfsPeer); err != nil { + if err := ps.binaryInstaller.InitializeIPFSRepo(ipfsRepoPath, filepath.Join(ps.oramaDir, "secrets", "swarm.key"), 4501, 8080, 4101, vpsIP, ipfsPeer); err != nil { return fmt.Errorf("failed to initialize IPFS repo: %w", err) }