Hello, I have a private IPFS-Cluster setup. We want to handle a disastrous scenario when an attacker remove or encrypt part of the blocks folder.
But I found no way to detect or alert that data is missing / corrupt. The files are still marked as pinned, and the other nodes still provide the file. The only thing I found is that GC fail to run on these CIDs, but I don’t want to run GC so often to avoid data loss. Is this possible ?
Also, I don’t know how to resync/override corrupts files, unless I delete and re-add the file, but in the case I don’t have the file, I don’t know how to recover it (given I still have nodes which have the file). What can I do ?
Thanks in advance
ipfs has an ipfs pin verify command that might help.
In general, if one node crashes or is deleted, you can clean it up and cluster will repin things and IPFS will have to re-fetch things when that happens. You can also unpin everything directly via ipfs unpin and cluster will automatically trigger pin add again. At that point ipfs should re-download any content that is not on disk.
If files are corrupted, I would rm -rf blocks/ first, as that is just going to be a source of errors (i.e. block hashes not matching CIDs etc).
Thanks, the verify function helps a lot a the unpinning trick worked great, just had to run a ipfs-cluster-ctl recover after that to repin and sync files.