Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ability to deny serving any Paths content on a gateway by default #10465

Open
3 tasks done
ntninja opened this issue Jul 29, 2024 · 0 comments
Open
3 tasks done

Add ability to deny serving any Paths content on a gateway by default #10465

ntninja opened this issue Jul 29, 2024 · 0 comments
Labels
kind/enhancement A net-new feature or improvement to an existing feature need/triage Needs initial labeling and prioritization

Comments

@ntninja
Copy link

ntninja commented Jul 29, 2024

Checklist

  • My issue is specific & actionable.
  • I am not suggesting a protocol enhancement.
  • I have searched on the issue tracker for my issue.

Description

Unless I’m missing something, it is currently impossible to prevent Kubo from exposing the /ipfs/ and /ipns/ paths for all domains that may ever point to it – one has to instead list every single domain that may access Kubo inside Gateway.PublicGateways, specifying Paths: [] for each of them.

This results in configuration like the following:

{
  "Gateway": {
    "PublicGateways": {
      "www.example.com": {
        "Paths": []
      },
      "example.com": {
        "Paths": []
      },
      "www.example.org": {
        "Paths": []
      },
      "example.org": {
        "Paths": []
      },
      "something-else.invalid": {
        "Paths": []
      },
      // …
    }
  }
}

… and if you forget anything you risk Kubo might become an open relay after all.

This happened on my server by accident since I had the front-end server forward traffic to Kubo on an extra domain name that ended up not having a DNSLink value set after a migration. Apparently bots (and maybe also people) found it and it made Kubo’s memory and disk usage rise to levels that overloaded the server until I restrained the application’s memory and disk usage for not knowing why it “misbehaved”. I wouldn’t be surprised if several of the “too high memory” issues opened here had a similar cause – it’s just too easy to mess this up.

Essentially I’d like to be able to write something like this to not have Kubo to be an open relay by default and only serve content if it can find a DNSLink record at the received Host domain:

{
  "Gateway": {
    "DefaultPaths": [],  // Sets default value for all hostnames
    "RequireDNSLink": true,  // Alternative that means the same thing
  }
}

I had also tried writing the following after discovery this based on the documentation but it didn’t have any effect:

{
  "Gateway": {
    "PublicGateways": {
      "*": {
        "Paths": []
      }
    }
  }
}

The only suggested workaround in the documentation that I could find was to use Gateway.NoFetch, but that seems too restrictive for many use-cases.

Maybe related to #4973.
@ntninja ntninja added the kind/enhancement A net-new feature or improvement to an existing feature label Jul 29, 2024
@lidel lidel added the need/triage Needs initial labeling and prioritization label Aug 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement A net-new feature or improvement to an existing feature need/triage Needs initial labeling and prioritization
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lidel @ntninja