| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- Add note explaining why enabling the Kubo daemon won't fully work immediately and requires logging in again
- Use `builtins.isList addrIn` instead of `builtins.typeOf addrIn == "list"`
- Fix indentation
(cherry picked from commit a4c451fd3757a0920bc8d4f41b8979609c2ff2a8)
|
|
In addition to increasing the maximum UDP receive buffer size in the Linux kernel, it is now recommended to do the same for the send buffer size.
This is documented in https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes.
The change to the documentation was made in June: https://github.com/quic-go/quic-go/wiki/UDP-Receive-Buffer-Size/_compare/5b5e58d2897751221fe7c42c28ddf4230462a60a.
Without this change, the Kubo daemon will output this warning:
```
failed to sufficiently increase send buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details.
```
This can be seen while running the NixOS tests.
(cherry picked from commit b2f8b846f2f3462c61c74adb9233bbee397d815d)
|
|
props: @cody4k for the fix
Fixes #268172
(cherry picked from commit 086604334a13f2b7fbd7489b52f53a2abb723ef0)
|
|
This fixes a panic of the kubo daemon which could occur under certain conditions when the daemon was starting.
It was caused by the `ipfs.service` unit not depending on the `ipfs-api.socket` and `ipfs-gateway.socket` units with `Wants=`. This allows the `ipfs.service` to be started manually or by `nixos-rebuild` without the sockets being set up before that. When that happens, the daemon won't know about these sockets and will only use what is set in `services.kubo.settings.Addresses.Gateway` and `services.kubo.settings.Addresses.API`. By default the `API` is an empty list in NixOS though. The daemon doesn't like this at all and panics on startup, see https://github.com/ipfs/kubo/issues/10056.
With this commit, starting `ipfs.service` will first set up the two sockets before starting the actual service.
Adding the `Sockets=` option implicitly adds a `Wants=` for the sockets and this is exactly what we need. See https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#Implicit%20Dependencies . This can be checked with `systemctl show ipfs.service`.
This should probably be upstreamed to the unit file in the Kubo repo.
The problem can be reproduced in the following way:
- Add `services.kubo.enable = true` to `/etc/nixos/configuration.nix`
- `sudo nixos-rebuild switch` (this may already fail, not sure why it's not deterministic for me)
- `sudo systemctl stop ipfs-api.socket`
- `sudo systemctl stop ipfs-gateway.socket`
- `sudo systemctl stop ipfs.service`
- `sudo systemctl start ipfs.service`
Fixes #248447.
(cherry picked from commit d4fcb44dcc6153ef982bd7fa87dca97bd3142796)
|
|
Using the script in maintainers/scripts/update-redirected-urls.sh
|
|
Fix descriptions that don't account for (1) the "Whether to enable"
prefix or (2) the automatically added trailing dot.
|
|
kubo: 0.22.0 -> 0.23.0
|
|
|
|
https://github.com/ipfs/kubo/releases/tag/v0.23.0
Support for /quic (Draft 29) was removed, so remove it from `services.kubo.settings.Addresses.Swarm`.
The changelog says that there have been some fixes to the FUSE mountpoint functionality but the test still requires the workaround, so leave that unchanged.
|
|
This would have broken eval and has broken the test.
|
|
|
|
kubo: 0.20.0 -> 0.21.0
|
|
|
|
|
|
|
|
nixos/ceph: add options to configure package used by each component
|
|
|
|
This makes updates following the upstream guide possible.
|
|
|
|
https://github.com/ipfs/kubo/releases/tag/v0.20.0
When creating a repository with `ipfs init`, `--empty-repo=true` is now the default according to the changelog. Modify the NixOS module to reflect this change and fix the `emptyRepo` setting to work with this change.
|
|
|
|
|
|
|
|
The daemon allows specifying an array of multiaddrs for Addresses.API and Addresses.Gateway, so the NixOS module should allow that as well.
|
|
Fixes https://github.com/NixOS/nixpkgs/issues/223289.
This doesn't reduce the security in any way since it was already possible for normal users to do what I do here and create such a fake repo for themselves and set their $IPFS_PATH variable to it. It was and still is also possible to just use the --api CLI option.
This change just removes the manual setup that would otherwise be required.
We wouldn't need this workaround if https://github.com/ipfs/kubo/pull/9366 was merged but the fix seems to have been ignored upstream. Patching it ourselves seems like a bad idea since the patch has security implications.
|
|
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
|
|
When kubo is force killed with `pkill -KILL ipfs` or by systemd-oomd,
it doesn't unmount /ipfs and /ipns. That prevents it
from starting up the next time. So, unmount on postStop.
|
|
|
|
|
|
According to https://github.com/ipfs/kubo/blob/v0.18.0/docs/config.md#addressesswarm, the default list of swarm multiaddrs includes QUICv1 and WebTransport since v0.18.0.
More information can be found in the release notes at https://github.com/ipfs/kubo/releases/tag/v0.18.0.
|
|
|
|
those are added by mkEnableOption, and .. is replaced to … by markdown
processing.
|
|
|
|
this converts meta.doc into an md pointer, not an xml pointer. since we
no longer need xml for manual chapters we can also remove support for
manual chapters from md-to-db.sh
since pandoc converts smart quotes to docbook quote elements and our
nixos-render-docs does not we lose this distinction in the rendered
output. that's probably not that bad, our stylesheet didn't make use of
this anyway (and pre-23.05 versions of the chapters didn't use quote
elements either).
also updates the nixpkgs manual to clarify that option docs support all
extensions (although it doesn't support headings at all, so heading
anchors don't work by extension).
|
|
Without this commit, unsetting any of the `services.kubo.settings` options does not reset the value back to the default. This commit gets rid of this statefulness.
This is achieved by generating the default config, applying the user specified config options to it and then patching the `Identity` and `Pinning` config options from the old config back in. This new config is then applied using `ipfs config replace`.
The only remaining stateful parts of the config are the `Identity` and `Pinning.RemoteServices` settings as those can't be changed with `ipfs config replace`. `Pinning.RemoteServices` also contains secrets that shouldn't be in the Nix store. Setting these options wasn't possible before as it would result in an error when the daemon tried to start. I added some assertions to guard against this case.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Go-IPFS was renamed to Kubo in version 0.14.0, see https://github.com/ipfs/kubo/issues/8959.
|
|
minor rendering changes.
|
|
rendering changes only slightly, most changes are in spacing.
|
|
conversions were done using https://github.com/pennae/nix-doc-munge
using (probably) rev f34e145 running
nix-doc-munge nixos/**/*.nix
nix-doc-munge --import nixos/**/*.nix
the tool ensures that only changes that could affect the generated
manual *but don't* are committed, other changes require manual review
and are discarded.
|
|
|
