h30x
April 23, 2024, 8:00am
1
I have a Kubo node listening on port 4002.
I have a Nginx reverse proxy that redirects https to it under the /ws location.
location /ws {
proxy_pass http://localhost:4002;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
}
I want to know the syntax for the multiaddress pointing to it. Intuitively I would do:
/dns/domain/tcp/443/wss/ws
But it seems that “ws” is interpreted (by multiformats javascript lib) as a protocol and not a location. Is there a way I should split these? With tls, https, http…?
I believe the format is:
/dns4/yourdomain.com/tcp/443/wss/p2p/PeerID_Qm...
You want either wss or ws, where wss is secure web sockets.
Externally, you expose the /wss path and have nginx do the TLS termination and pass the request to Kubo’s :4002/ws endpoint.
1 Like
h30x
April 23, 2024, 10:27am
3
To be sure I understood well, it means that if my nginx config is
location /foo {
proxy_pass http://localhost:4002;
# ...
}
the multiaddress would then be
/dns4/yourdomain.com/tcp/443/wss/p2p/PeerID_Qm...
But how would it know that the path is foo? Like in the URL wss://domain:443/foo
Good point.
According to the spec, it should be possible, but I’m not sure to what degree it’s implemented GitHub - multiformats/multiaddr: Composable and future-proof network addresses
A quick skim of the tests suggests that there’s some support for paths, though there’s no test that checks it for a dns wss multiaddr
/* eslint max-nested-callbacks: ["error", 8] */
/* eslint-env mocha */
import { expect } from 'aegir/chai'
import { fromString as uint8ArrayFromString } from 'uint8arrays/from-string'
import { multiaddr, isMultiaddr, fromNodeAddress, isName } from '../src/index.js'
import { codes } from '../src/protocols-table.js'
import type { Multiaddr } from '../src/index.js'
describe('construction', () => {
let udpAddr: Multiaddr
it('create multiaddr', () => {
udpAddr = multiaddr('/ip4/127.0.0.1/udp/1234')
expect(isMultiaddr(udpAddr)).to.equal(true)
})
it('clone multiaddr', () => {
const udpAddrClone = multiaddr(udpAddr)
expect(udpAddrClone !== udpAddr).to.equal(true)
})
show original
1 Like
hector
April 25, 2024, 1:39pm
5
I don’t know about js, but I don’t think go-libp2p has support for paths in ws addresses . Having http-paths in multiaddresses is a old problem and I don’t think a solution was ever agreed upon, so I doubt js decided to support a way.
I’m afraid you probably need to mount websockets at /.
2 Likes
Good to know.
I can confirm this from looking at how js-libp2p connects to the WSS bootstrap nodes.
The mutliaddrs is /dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN and it connects on the root path.
1 Like
h30x
April 29, 2024, 4:02pm
7
That’s what I finally did with a websocket subdomain and an additional certificate. I definitely should learn how to get a wildcard cert ><
1 Like