Subdomain gateway behind Caddy

Help Kubo
1

Hi,

I’m trying to set up a subdomain IPFS gateway with Kubo. Everything runs behind a Caddy reverse proxy. The problem is that every CID, despite resolving via ipfs.v1rtl.site/ipfs/<cid> and being pinned, it returns 404.

$ curl https://bafybeieenkchlv6s5zaxr2tjnuxtufihlmpfo4u2xp5hf4a4lsxsizuo5q.ipfs.v1rtl.site
404 page not found

This is my Caddyfile:

ipfs.v1rtl.site {
        tls /etc/caddy/ssl/ipfs.v1rtl.site/fullchain.pem /etc/caddy/ssl/ipfs.v1rtl.site/privkey.pem

        reverse_proxy :8080
}

*.ipfs.v1rtl.site {
        tls /etc/caddy/ssl/ipfs.v1rtl.site/fullchain.pem /etc/caddy/ssl/ipfs.v1rtl.site/privkey.pem

        reverse_proxy :8080
}

I have also enabled subdomain gateways through Kubo config in ~/.ipfs/config:

// rest config
  "Gateway": {
    "HTTPHeaders": {},
    "RootRedirect": "",
    "NoFetch": false,
    "NoDNSLink": false,
    "DeserializedResponses": null,
    "DisableHTMLErrors": null,
    "PublicGateways": {
        "ipfs.v1rtl.site": {
                "UseSubdomains": true
        }
    }
  }
}

But then /ipfs/<cid> stops working. Can I make only subdomain gateway work somehow?

2

Try adding the "Paths" config option as follows:

// rest config
  "Gateway": {
    "HTTPHeaders": {},
    "RootRedirect": "",
    "NoFetch": false,
    "NoDNSLink": false,
    "DeserializedResponses": true,
    "DisableHTMLErrors": null,
    "PublicGateways": {
        "ipfs.v1rtl.site": {
                "UseSubdomains": true
                "Paths": ["/ipfs", "/ipns"]
        }
    }
  }
}
1 Like
3

This doesn’t seem to have any effect:

v1rtl@v1rtl ~ [35]> ipfs config show | grep -A7 PublicGateway
    "PublicGateways": {
      "ipfs.v1rtl.site": {
        "Paths": [
          "/ipfs",
          "/ipns"
        ],
        "UseSubdomains": true
      }
v1rtl@v1rtl ~> curl --head https://bafybeieenkchlv6s5zaxr2tjnuxtufihlmpfo4u2xp5hf4a4lsxsizuo5q.ipfs.v1rtl.site/
HTTP/2 404
4

That 404 you are getting is probably from Caddy (based on the fact it’s http/2, whereas Kubo is http/1.1).

Try adding the global debug to your Caddyfile:

{
	debug
}

ipfs.v1rtl.site {
        tls /etc/caddy/ssl/ipfs.v1rtl.site/fullchain.pem /etc/caddy/ssl/ipfs.v1rtl.site/privkey.pem

        reverse_proxy :8080
}

*.ipfs.v1rtl.site {
        tls /etc/caddy/ssl/ipfs.v1rtl.site/fullchain.pem /etc/caddy/ssl/ipfs.v1rtl.site/privkey.pem

        reverse_proxy :8080
}

And sharing the logs

5

Hm… I think the Kubo config has redundant ipfs..
Subdomain mode implies {cid}.ipfs. and {id}.ipns. will be used anyway, as a way of accessing every enabled namespace.

So for config with expliciut ipfs.v1rtl.site, the subdomain URL would have .ipfs.ipfs: https://bafybeieenkchlv6s5zaxr2tjnuxtufihlmpfo4u2xp5hf4a4lsxsizuo5q.ipfs.ipfs.v1rtl.site/ whichis likely not what you want.

To fix it, and only have one .ipfs. subdomain, try updating Kubo config to not have ipfs.:

- "ipfs.v1rtl.site": {
+ "v1rtl.site": {

Then Kubo’s handling of Host header when processing https://bafybeieenkchlv6s5zaxr2tjnuxtufihlmpfo4u2xp5hf4a4lsxsizuo5q.ipfs.v1rtl.site/ will work as expected.

2 Likes
6

this worked, thanks!