Skip to content
/ rainbow Public

A specialized IPFS HTTP gateway

License

Unknown, MIT licenses found

Licenses found

Unknown
LICENSE-APACHE
MIT
LICENSE-MIT
Notifications You must be signed in to change notification settings

ipfs/rainbow

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation


Rainbo logo
Rainbow

A to-be-released production-grade IPFS HTTP Gateway written in Go (using Boxo).

Official Part of IPFS Project Discourse Forum Matrix ci coverage GitHub release godoc reference


About

Rainbow is an implementation of the IPFS HTTP Gateway API, based on boxo which is the tooling that powers Kubo IPFS implementation. It uses the same Go code as the HTTP gateway in Kubo, but is fully specialized to just be a gateway:

  • Rainbow acts as Amino DHT and Bitswap client only.
  • Rainbow does not pin, or permanently store any content. It is just meant to act as gateway to content present in the network.
  • Rainbow settings are optimized for production deployments and streamlined for specific choices (flatfs datastore, writethrough uncached blockstore etc.)
  • Denylist and denylist subscription support is included.
  • And more to come...

Building

go build

Running

rainbow

Use rainbow --help for documentation.

Docker

Automated Docker container releases are available from the Github container registry:

  • 🟢 Releases
    • latest always points at the latest stable release
    • vN.N.N point at a specific release tag
  • 🟠 Unreleased developer builds
    • main-latest always points at the HEAD of the main branch
    • main-YYYY-DD-MM-GITSHA points at a specific commit from the main branch
  • ⚠️ Experimental, unstable builds
    • staging-latest always points at the HEAD of the staging branch
    • staging-YYYY-DD-MM-GITSHA points at a specific commit from the staging branch
    • This tag is used by developers for internal testing, not intended for end users

When using Docker, make sure to pass necessary config via -e:

$ docker pull ghcr.io/ipfs/rainbow:main-latest
$ docker run --rm -it --net=host -e RAINBOW_SUBDOMAIN_GATEWAY_DOMAINS=dweb.link ghcr.io/ipfs/rainbow:main-latest

See /docs/environment-variables.md.

Configuration

CLI and Environment Variables

Rainbow can be configured via command-line arguments or environment variables.

See rainbow --help and /docs/environment-variables.md for information on the available options.

Rainbow uses a --datadir (or RAINBOW_DATADIR environment variable) as location for persisted data. It defaults to the folder in which rainbow is run.

Peer Identity

Using a key file: By default generates a libp2p.key in its data folder if none exist yet. This file stores the libp2p peer identity.

Using a seed + index: Alternatively, random can be initialized with a 32-byte, b58 encoded seed and a derivation index. This allows to use the same seed for multiple instances of rainbow, and only change the derivation index.

The seed and index can be provided as command line arguments or environment vars (--seed , --seed-index). The seed can also be provided as a seed file in the datadir folder. A new random seed can be generated with:

rainbow gen-seed > seed

To facilitate the use of rainbow with systemd LoadCredential= directive, we look for both libp2p.key and seed in $CREDENTIALS_DIRECTORY first.

Denylists

Rainbow can subscribe to append-only denylists using the --denylists flag. The value is a comma-separated list of URLs to subscribe to, for example: https://denyli.st/badbits.deny. This will download and update the denylist automatically when it is updated with new entries.

Denylists can be manually placed in the $RAINBOW_DATADIR/denylists folder too.

See NoPFS for an explanation of the denylist format. Note that denylists should only be appended to while Rainbow is running. Editing differently, or adding new denylist files, should be done with Rainbow stopped.

Blockstores

Rainbow ships with a number of possible blockstores for the purposes of caching data locally. Because Rainbow, as a gateway-only IPFS implementation, is not designed for long-term data storage there are no long term guarantees of support for any particular backing data storage.

See Blockstores for more details.

Garbage Collection

Over time, the datastore can fill up with previously fetched blocks. To free up this used disk space, garbage collection can be run. Garbage collection needs to be manually triggered. This process can also be automated by using a cron job.

By default, the API route to trigger GC is http://$RAINBOW_CTL_LISTEN_ADDRESS/mgr/gc. The BytesToFree parameter must be passed in order to specify the upper limit of how much disk space should be cleared. Setting this parameter to a very high value will GC the entire datastore.

Example cURL commmand to run GC:

curl -v --data '{"BytesToFree": 1099511627776}' http://127.0.0.1:8091/mgr/gc

Logging

While the logging can be controlled via environment variable it is also possible to dynamically modify the logging at runtime.

  • http://$RAINBOW_CTL_LISTEN_ADDRESS/mgr/log/level?subsystem=<system name or * for all system>&level=<level> will set the logging level for a subsystem
  • http://$RAINBOW_CTL_LISTEN_ADDRESS/mgr/log/ls will return a comma separated list of available logging subsystems

Purging Peer Connections

Connections to a specific peer, or to all peers, can be closed and the peer information removed from the peer store. This can be useful to help determine if the presence/absence of a connection to a peer is affecting behavior. Be aware that purging a connection is inherently racey as it is possible for the peer to reestablish a connection at any time following a purge.

If RAINBOW_DHT_SHARED_HOST=false this endpoint will not show peers connected to DHT host, and only list ones used for Bitswap.

  • http://$RAINBOW_CTL_LISTEN_ADDRESS/mgr/purge?peer=<peer_id> purges connection and info for peer identifid by peer_id
  • http://$RAINBOW_CTL_LISTEN_ADDRESS/mgr/purge?peer=all purges connections and info for all peers
  • http://$RAINBOW_CTL_LISTEN_ADDRESS/mgr/peers returns a list of currently connected peers

Example cURL commmand to show connected peers and purge peer connection:

curl http://127.0.0.1:8091/mgr/peers
curl http://127.0.0.1:8091/mgr/purge?peer=QmQzqxhK82kAmKvARFZSkUVS6fo9sySaiogAnx5EnZ6ZmC

Tracing

See docs/tracing.md.

Deployment

Suggested method for self-hosting is to run a prebuilt Docker image.

An ansible role to deploy Rainbow is available within the ipfs.ipfs collection in Ansible Galaxy (https://github.com/ipfs-shipyard/ansible). It includes a systemd service unit file.

Release

  1. Create a PR from branch release-vX.Y.Z against main that:
    1. Tidies the CHANGELOG.md with the changes for the current release
    2. Updates the version.json file
  2. Once the release checker creates a draft release, copy-paste the changelog into the draft
  3. Merge the PR, the release will be automatically created once the PR is merged

License

Dual-licensed under MIT + Apache 2.0