#!/bin/sh set -e # Expose API and Gateway inside container. Do NOT publish API outside docker network. ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001 ipfs config Addresses.Gateway /ip4/0.0.0.0/tcp/8080 # Gateway should not fetch from the wider network; serve only local content ipfs config --json Gateway.NoFetch true # DHT client mode with accelerated providing ipfs config --json Routing '{ "Type": "dhtclient", "AcceleratedDHTClient": true }' # Reprovider config name changed in go-ipfs 0.38+. Try the new key first, then fall back. PROVIDER_CFG='{ "Interval": "22h", "Strategy": "pinned+mfs", "Enabled": true }' if ! ipfs config --json Provide "$PROVIDER_CFG" 2>/dev/null; then ipfs config --json Reprovider "$PROVIDER_CFG" fi # Keep connection manager within reasonable bounds ipfs config --json Swarm.ConnMgr '{ "Type": "basic", "LowWater": 50, "HighWater": 200, "GracePeriod": "20s" }' SWARM_KEY_PATH="/data/ipfs/swarm.key" # Helpers to apply optional JSON blobs from env set_json_if_present() { # $1 - config path, $2 - env value if [ -n "$2" ]; then ipfs config --json "$1" "$2" fi } # Disable AutoConf only when running with a private swarm key if [ -f "$SWARM_KEY_PATH" ] && [ -s "$SWARM_KEY_PATH" ]; then ipfs config --json AutoConf.Enabled false ipfs config --json AutoTLS.Enabled false ipfs config --json Bootstrap "[]" ipfs config --json DNS.Resolvers "{}" ipfs config --json Ipns.DelegatedPublishers "[]" ipfs config --json Swarm.Transports.Network '{ "TCP": true, "Websocket": false }' ipfs config --json Peering.Peers "[]" else ipfs config --json AutoConf.Enabled true fi set_json_if_present Bootstrap "${IPFS_PRIVATE_BOOTSTRAP:-}" set_json_if_present Peering.Peers "${IPFS_PEERING_PEERS:-}" set_json_if_present Addresses.Announce "${IPFS_ANNOUNCE_ADDRESSES:-}" if [ -z "${IPFS_NOANNOUNCE_ADDRESSES:-}" ]; then ipfs config --json Addresses.NoAnnounce '["/ip4/127.0.0.1","/ip6/::1"]' else set_json_if_present Addresses.NoAnnounce "${IPFS_NOANNOUNCE_ADDRESSES}" fi if [ -n "${IPFS_SWARM_ANNOUNCE_PRIVATE:-}" ]; then set_json_if_present Swarm.AddrFilters "${IPFS_SWARM_ANNOUNCE_PRIVATE}" fi # CORS for RPC API (visible only in docker network) ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["*"]' ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '["PUT","POST","GET"]' echo "IPFS init script applied"