Placing Sites on the IPFS Distributed File System

 

Placing sites in a distributed file system IPFS

causa-arcana.com

9 min

View Original

IPFS Logo

In the article “ Decentralized vs. distributed services ” {1} we cited IPFS (InterPlanerary File System) [2] as an example of a distributed system . It's time to talk about it in more detail, since it is one of the most promising distributed technologies.

What is IPFS?

IPFS is a global storage of immutable information. It works as a temporary cache, but it is also possible to use special services (paid or volunteer) that guarantee the safety of information.

What problems does IPFS solve?

IPFS should replace some features of HTTP (and HTTPS) due to problems with this protocol: [3]

• HTTP downloads a file from a single server instead of getting parts of it from multiple sources at the same time. This increases the load on this server and consumes its network traffic. IPFS reduces these costs. [4]
• HTTP requires that the server from which the file is being downloaded be present at that moment at the address specified in the link. This results in an average web page lifetime of 100 days on the Internet. [5] IPFS acts as a web archive, allowing you to store useful information.
• HTTP relies on its underlying TCP, IP, and DNS protocols, which are managed by centralized organizations, and are therefore subject to snooping and censorship. IPFS does not depend on the underlying protocols and the existence of a direct connection to the Internet at all.
• HTTP allows you to replace the given content. While it is vital for many tasks to keep it up to date, some files and web pages must remain unchanged. In IPFS, a file identifier uniquely identifies its contents.

IPFS device

IPFS is based on a few simple principles: [6]

• Each file and directory is assigned a unique identifier (CID - Content Identifier) ​​based on the application of a cryptographic hash function to its content . Same files get the same ID, different files get different IDs. [7]
• The network eliminates duplication . For example, if some of the files have not changed when loading a new version of the directory, then they will be divided between the new and previous versions.
• Content addressing is carried out by its unique identifier (content addressing), that is, it does not depend on its actual position in the network. [7]
• Each node contains only the information it is interested in , as well as some additional information needed to search for files on the network (DHT - Distributed Hash Table). [8]

See the whitepaper [9] and documentation [10] for more details .

ATTENTION! IPFS is a completely public network. Any file placed in it is available to every member of the network. Use encryption to restrict access. It is also possible to create a private network based on IPFS. Read the documentation [11] for more details .

Content fixation

IPFS by default does not provide any guarantees that files will be stored on the network. As already mentioned, nodes only store the files they use.

There is a mechanism for saving files (pinning [12] ). There are several scenarios for its use:

• You can attach the file to your work computer or laptop. At the same time, it will always be available to you, even if you do not have access to the Internet, but other network users will not be able to access it when you are offline.
• You can run an IPFS node on a server that is running all the time. In this case, the file will always be available, however, there will be costs for maintaining the server (payment for VDS services, administration).
• You can pin a file on someone else's IPFS server by personally contacting its administrator, as well as using the web interface or service API, if any.

For reliability, you should use all methods and pin files on several nodes. The more nodes a file holds, the less likely it is to be lost if the node is closed.

At the moment, the only automatic file fixing service known to us in IPFS is Pinata [13] . It provides 1 GB for free, beyond that, storage costs $0.15 per month for 1 GB.

Gateways

Access to files hosted in IPFS requires the installation of special software [14] The IPFS Companion web browser extension [15] makes the experience of interacting in a web browser with pages from IPFS indistinguishable from interacting with ordinary web pages. IPFS Desktop [16] allows the average user to easily use IPFS. For server administrators or advanced users, installation is possible using ipfs-update [17] , from binary repositories [18] or by compiling from source [19] .

The need to install software, even if it is not very difficult, severely limits the potential of IPFS. To solve this problem, gateways (gateways [20] ) were invented - ordinary websites that serve content from IPFS.

How it works? Let's say there is a file in IPFS with the address ipfs://bafybeifoottvirj3crpx66qdsey7lxlp6qwk57wl37xygjqymeobwixy5e/concepts/ipfs-gateway/. Traditional software is not able to open such addresses. Therefore, we can form a regular link: https://ipfs.io/ipfs/bafybeifoottvirj3crpx66qdsey7lxlp6qwk57wl37xygjqymeobwixy5e/concepts/ipfs-gateway/. Here ipfs.iois the gateway that belongs to the developers of IPFS. It uses a way of resolving names via the request path. In general, the URL looks like this:

https://{URL шлюза}/ipfs/{CID}/{путь к ресурсу}

This way of resolving names has two drawbacks. First, if the file is a web page, then the links to it must be relative. Second, if the file is a web page containing an interactive single-page web application, then this is a security risk because the application runs on the same domain as other third-party applications.

Therefore, there is another way to resolve names through a subdomain. The link to our file in this case will look like https://bafybeifoottvirj3crpx66qdsey7lxlp6qwk57wl37xygjqymeobwixy5e.ipfs.dweb.link/concepts/ipfs-gateway/, where ipfs.dweb.linkis the gateway that supports this kind of name resolution. In general, the URL looks like this:

https://{CID}.ipfs.{URL шлюза}/{путь к ресурсу}

The list of gateways is available at https://ipfs.github.io/public-gateway-checker [21] . It must be understood that the use of third-party gateways eliminates the benefits of IPFS. One of the problems with third-party gateways is that they can easily perform a MitM (man-in-the-middle) attack, that is, change the content, but this is solved by using your own gateway, so you can use IPFS to host serious websites and web applications without causing inconvenience to users.

IPNS

Since IPFS uses content-based addressing, the slightest change completely changes the address. In order to have a permanent link to changing content, IPNS (InterPlanetary Name System) [22] is built on top of IPFS . This system is very simple. Using the private key, the node tells the network that it wants to publish to the address associated with this key the specified CID. This binding remains valid for a certain period of time, usually a day. To keep the address up-to-date, this operation needs to be repeated periodically, which can be automated, for example, using cron [23] .

Unfortunately, this process cannot be delegated to a third-party service, as is possible in the case of simple file storage, without transferring your private key to it. However, this allows you to distribute a website, for example, from an always-on home computer, even if it is behind NAT. The IPNS system is still under development. Perhaps in the future this limitation will be removed.

As an example, here is the permanent address of the Causa Arcana website in IPNS (through the gateway): https://k51qzi5uqu5ditckag7gw12c301kwxac5fpobs62i21uysuiry3bobotvbenmc.ipns.dweb.link [24] .

DNSLink

IPNS uses CID as identifier. This is a very long line that means nothing to a person, it is inconvenient to say it out loud and enter it manually. Thanks to DNSLink [25], it is possible to bind the contents of IPFS to a traditional domain name. For example, the website https://causa-arcana.com [26] works through DNSLink. In this case, users who have the IPFS software receive content from this network, and other users receive content through the gateway.

To bind a CID to a domain name, you need to create two records in DNS:

causa-arcana.com.          IN CNAME cloudflare-ipfs.com.
_dnslink.causa-arcana.com. IN TXT   "dnslink=/ipfs/bafybeic7vznjiq3tby7fezgdux6225x2pj3f6lkmrmivz3j4vbvb43yvhm"

Here cloudflare-ipfs.comis the gateway address that supports DNSLink.

The advantage of DNSLink over IPNS, in addition to having a more convenient website name and not having to have a server to constantly repeat the publishing process, is that the domain name of a particular gateway is not included in the link. If the gateway stopped working or blocked your website, then it is enough to choose another gateway and enter it in the DNS CNAME record. At the same time, this method involves linking to the traditional domain name system, which is centralized, censorship and withdrawal of the domain are possible in it.

Types of CIDs

There are two kinds of content identifiers:

• CIDv0 :QmesV3cwCMeweAMePKhPCkoKNh2A3cMgEYQwRPUUf3Cvy7
• CIDv1 :bafybeihvuei3zko5ao5v7k2tutds4b2fm7gcbc3mjete7ifkzsqayuq7ai

Although CIDv0 is still the default for content put on IPFS, it is not well suited for subdomains because it uses both uppercase and lowercase letters, while domain names are not case sensitive.

The same CIDv1 identifier can use different encodings:

• Base32 :bafzaajaiaejca2m4edvf5zdbgnbj5nvz2nm7chdtwzfcupmoaaarifdonsl7ibqu
• Base36 :k51qzi5uqu5ditckag7gw12c301kwxac5fpobs62i21uysuiry3bobotvbenmc

It is CIDv1 with Base36 encoding that is used for subdomains.

To convert between different types of CID, there is a CID Inspector service [27] .

Publishing a website to IPFS

You will need a GNU/Linux based operating system, command line skills, and the IPFS software [18] .

We create a website

Let's start by creating a simple website with two pages. Create an empty directory in your home directory and change into it:

$ cd
$ mkdir hello_ipfs
$ cd hello_ipfs

Also create a directory for the second page of the site. This is to demonstrate how relative links work:

$ mkdir subdir

In the top level directory, create a file index.html. Replace the letters after the word random(here it is 74eownSL2tdYBsXm) with any random letters. You can just press arbitrary letters on the keyboard.

<!DOCTYPE html>
<html>
  <head>
    <!-- random: 74eownSL2tdYBsXm -->
    <meta charset="utf-8"/>
    <title>Hello, IPFS!</title>
  </head>
  <body>
    <h1>Hello, IPFS!</h1>
    <a href="subdir/index.html">Subdir</a>
  </body>
</html>

In the directory, subdiralso create a file index.html. Similarly, replace the letters after the word random(here it is TKj20YgXq9fsqYTr) with random letters.

<!DOCTYPE html>
<html>
  <head>
    <!-- random: TKj20YgXq9fsqYTr -->
    <meta charset="utf-8"/>
    <title>Hello from subdir, IPFS!</title>
  </head>
  <body>
    <h1>Hello from subdir, IPFS!</h1>
    <a href="../index.html">Root</a>
  </body>
</html>

Putting a website on IPFS

Go to the root directory of your project and type the command ipfs add -r ., after which you should see something like the following text:

$ ipfs add -r .
added QmfGCviBGivYgbRGd1JfCgxhiXAUgszjwESBtVa9AoxFoW hello_ipfs/index.html
added QmdkXcfsSkpgaeh6GvQLBKVHsCoPEgBso7LW2rQdBoMgUo hello_ipfs/subdir/index.html
added QmPYofiX37wLX7ZDgxvsqNmqSDjDAzz3aurbgdZiSbyMGj hello_ipfs/subdir
added Qmd8QkqLB6xu1p6n6C3bWvtspidsPbx1gJ81fvXQiLdu6s hello_ipfs
 490 B / 490 B [========================================================] 100.00%

If you followed the instructions exactly and used random characters, then the CIDs indicated on each line after the word addedCID will differ from those presented. We are interested in the last CID (here it is Qmd8QkqLB6xu1p6n6C3bWvtspidsPbx1gJ81fvXQiLdu6s). Type it in the address bar of your web browser after any gateway address. You will get a similar link: https://ipfs.io/ipfs/Qmd8QkqLB6xu1p6n6C3bWvtspidsPbx1gJ81fvXQiLdu6s. If you click on it, you will see your website. A link from one of its pages should lead to the second, and vice versa.

Website pages

Просмотры: