Thanks for any help / advice in advance.
I have an IPFS node that I deployed on Digital Ocean quite some time ago (see Setup advice - use case) and everything is working quite well, as far as I can tell.
I can retrieve files using this gateway URL for example: Procedural Machinery.
The node swarms peers and I can also retrieve files using https://ipfs.io/ipfs/.
The API address is: https://ipfs.dgs-creative.com/api/v0 which I often use from my local machine.
I have configured the NGINX server there to use a proxy pass to authenticate API access, and that requires a JWT is attached as a parameter in the URL for all requests. I have IPFS destkop installed on my local machine and I would like to use it for my deployed node. Is there a way to configure that in the app, or will that require some kind of change to my node’s server configuration? The reason I have installed it this way is that I am working on a pinning service (for myself and a small group of students and friends), so I want to restrict access to the API. I am a developer but I still have much to learn about IPFS and other topics, so if portions of this question are a display of ignorance, I hope you will feel free to kindly correct me.
If I understand you correctly, you are trying to use the IPFS Web UI to interact with a remote Kubo node that is secured with a JWT token.
I should point out a new guide that we just published last week that covers how to set up Basic HTTP Auth in Kubo along with Caddy for TLS termination: Secure Kubo RPC with TLS and HTTP Auth | IPFS Docs
I just submitted a PR to improve the guide and also show how to configure CORS so that you can use the IPFS Web UI deployed at https://webui.ipfs.io/ with the configured Kubo RPC endpoint
Hopefully that helps, but once it’s configured this way, you can share the URL with the basic HTTP credentials and they will be able to interact and upload files to your IPFS Node.
Very helpful. In true “Murphy’s” fashion, I couldn’t get it working, and now when I put everything back the way it was, it is still not working - Hahaha - so I just took down my own node. Grrrr. It seems like it is my server with the JWTs but I am not sure (the node seems fine). I am going to reconfigure. I am using nginx (and quite inexperienced with it), so maybe I will try to set the whole thing up with Caddy. Here is the nginx config file contents if anyone wants to add value / comment / advice:
Hi Daniel,
I finally got everything going again. The node is back up and responding to requests on my custom domain, and I am able to access the API via JS code with my JWT. I used NGINX for my IPFS Node and for a stand alone AUTH server. I am wondering If its possible to access the webui with a JWT "Authorization: Bearer " header instead of a “basic username:password” schema. I am thinking about something like this:
{“url”:“https://ipfs.dgs-creative.com/",“headers”:{“Authorization”:"Bearer <INSERT_MY_JWT_HERE>”}}. I tried it in the “Custom API” input block on the webui page, but it would not work. Is it possible? This is how I make my API calls. Thanks.