diff --git a/README.md b/README.md index 0179177569f..2ed768e3da1 100644 --- a/README.md +++ b/README.md @@ -338,6 +338,15 @@ When starting a container running ipfs for the first time with an empty data dir docker run -d --name ipfs_host -e IPFS_PROFILE=server -v $ipfs_staging:/export -v $ipfs_data:/data/ipfs -p 4001:4001 -p 127.0.0.1:8080:8080 -p 127.0.0.1:5001:5001 ipfs/go-ipfs:latest +It is possible to initialize the container with a swarm key file (`/data/ipfs/swarm.key`) using the variables `IPFS_SWARM_KEY` and `IPFS_SWARM_KEY_FILE`. The `IPFS_SWARM_KEY` creates `swarm.key` with the contents of the variable itself, whilst `IPFS_SWARM_KEY_FILE` copies the key from a path stored in the variable. The `IPFS_SWARM_KEY_FILE` **overwrites** the key generated by `IPFS_SWARM_KEY`. + + docker run -d --name ipfs_host -e IPFS_SWARM_KEY= -v $ipfs_staging:/export -v $ipfs_data:/data/ipfs -p 4001:4001 -p 127.0.0.1:8080:8080 -p 127.0.0.1:5001:5001 ipfs/go-ipfs:latest + +The swarm key initialization can also be done using docker secrets **(requires docker swarm or docker-compose)**: + + cat your_swarm.key | docker secret create swarm_key_secret - + docker run -d --name ipfs_host --secret swarm_key_secret -e IPFS_SWARM_KEY_FILE=/run/secrets/swarm_key_secret -v $ipfs_staging:/export -v $ipfs_data:/data/ipfs -p 4001:4001 -p 127.0.0.1:8080:8080 -p 127.0.0.1:5001:5001 ipfs/go-ipfs:latest + ### Troubleshooting If you have previously installed IPFS before and you are running into problems getting a newer version to work, try deleting (or backing up somewhere else) your IPFS config directory (~/.ipfs by default) and rerunning `ipfs init`. This will reinitialize the config file to its defaults and clear out the local datastore of any bad entries. diff --git a/bin/container_daemon b/bin/container_daemon index 99742fcc28c..8fe429036a7 100755 --- a/bin/container_daemon +++ b/bin/container_daemon @@ -24,6 +24,33 @@ else ipfs init $INIT_ARGS ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001 ipfs config Addresses.Gateway /ip4/0.0.0.0/tcp/8080 + + # Set up the swarm key, if provided + + SWARM_KEY_FILE="$repo/swarm.key" + SWARM_KEY_PERM=0400 + + # Create a swarm key from a given environment variable + if [ ! -z "$IPFS_SWARM_KEY" ] ; then + echo "Copying swarm key from variable..." + echo -e "$IPFS_SWARM_KEY" >"$SWARM_KEY_FILE" || exit 1 + chmod $SWARM_KEY_PERM "$SWARM_KEY_FILE" + fi + + # Unset the swarm key variable + unset IPFS_SWARM_KEY + + # Check during initialization if a swarm key was provided and + # copy it to the ipfs directory with the right permissions + # WARNING: This will replace the swarm key if it exists + if [ ! -z "$IPFS_SWARM_KEY_FILE" ] ; then + echo "Copying swarm key from file..." + install -m $SWARM_KEY_PERM "$IPFS_SWARM_KEY_FILE" "$SWARM_KEY_FILE" || exit 1 + fi + + # Unset the swarm key file variable + unset IPFS_SWARM_KEY_FILE + fi exec ipfs "$@"