From ac9134ea3405ff050eb101f54835c79c1683050c Mon Sep 17 00:00:00 2001 From: Vasco Santos Date: Thu, 18 Jul 2019 12:22:35 +0200 Subject: [PATCH] chore: add keychain and update table of contents --- doc/config.md | 99 +++++++++++++++++++++++++++++++-------------------- 1 file changed, 60 insertions(+), 39 deletions(-) diff --git a/doc/config.md b/doc/config.md index eb43c86744..f361e5c069 100644 --- a/doc/config.md +++ b/doc/config.md @@ -5,25 +5,34 @@ The js-ipfs config file is a JSON document located in the root directory of the ## Table of Contents - [`Addresses`](#addresses) + - [`API`](#api) + - [`Delegates`](#delegates) + - [`Gateway`](#gateway) + - [`Swarm`](#swarm) - [`Bootstrap`](#bootstrap) - [`Datastore`](#datastore) + - [`Spec`](#spec) - [`Discovery`](#discovery) + - [`MDNS`](#mdns) + - [`webRTCStar`](#webrtcstar) - [`Identity`](#identity) + - [`PeerID`](#peerid) + - [`PrivKey`](#privkey) - [`Keychain`](#keychain) - [`Swarm`](#swarm) - + - [`ConnMgr`](#connmgr) ## `Addresses` Contains information about various listener addresses to be used by this node. -- `API` +#### - API The IPFS daemon exposes an HTTP API that allows to control the node and run the same commands as you can do from the command line. It is defined on the [HTTP API Spec](https://docs.ipfs.io/reference/api/http). [Multiaddr](https://github.com/multiformats/multiaddr/) or array of [Multiaddr](https://github.com/multiformats/multiaddr/) describing the address(es) to serve the HTTP API on. Default: `/ip4/127.0.0.1/tcp/5002` -- `Delegates` +#### Delegates Delegate peers are used to find peers and retrieve content from the network on your behalf. Array of [Multiaddr](https://github.com/multiformats/multiaddr/) describing which addresses to use as delegate nodes, in order to create a delegate routers. @@ -33,14 +42,14 @@ Contains information about various listener addresses to be used by this node. [] ``` -- `Gateway` +#### Gateway A gateway is exposed by the IPFS daemon, which allows an easy way to access content from IPFS, using an IPFS path. [Multiaddr](https://github.com/multiformats/multiaddr/) or array of [Multiaddr](https://github.com/multiformats/multiaddr/) describing the address(es) to serve the gateway on. Default: `/ip4/127.0.0.1/tcp/9090` -- `Swarm` +#### Swarm Array of [Multiaddr](https://github.com/multiformats/multiaddr/) describing which addresses to listen on for p2p swarm connections. Default: @@ -59,40 +68,40 @@ initiate a connection to the network. Contains information related to the construction and operation of the on-disk storage system. -- `Spec` - Spec defines the structure of the IPFS datastore. It is a composable structure, where each datastore is represented by a JSON object. Datastores can wrap other datastores to provide extra functionality (e.g. metrics, logging, or caching). +#### Spec +Spec defines the structure of the IPFS datastore. It is a composable structure, where each datastore is represented by a JSON object. Datastores can wrap other datastores to provide extra functionality (e.g. metrics, logging, or caching). - This can be changed manually, however, if you make any changes that require a different on-disk structure, you will need to run the [ipfs-ds-convert tool](https://github.com/ipfs/ipfs-ds-convert) to migrate data into the new structures. +This can be changed manually, however, if you make any changes that require a different on-disk structure, you will need to run the [ipfs-ds-convert tool](https://github.com/ipfs/ipfs-ds-convert) to migrate data into the new structures. - Default: - ``` +Default: +```json +{ + "mounts": [ + { + "child": { + "path": "blocks", + "shardFunc": "/repo/flatfs/shard/v1/next-to-last/2", + "sync": true, + "type": "flatfs" + }, + "mountpoint": "/blocks", + "prefix": "flatfs.datastore", + "type": "measure" + }, { - "mounts": [ - { - "child": { - "path": "blocks", - "shardFunc": "/repo/flatfs/shard/v1/next-to-last/2", - "sync": true, - "type": "flatfs" - }, - "mountpoint": "/blocks", - "prefix": "flatfs.datastore", - "type": "measure" + "child": { + "compression": "none", + "path": "datastore", + "type": "levelds" }, - { - "child": { - "compression": "none", - "path": "datastore", - "type": "levelds" - }, - "mountpoint": "/", - "prefix": "leveldb.datastore", - "type": "measure" - } - ], - "type": "mount" + "mountpoint": "/", + "prefix": "leveldb.datastore", + "type": "measure" } - ``` + ], + "type": "mount" +} +``` ## `Discovery` Contains options for configuring IPFS node discovery mechanisms. @@ -124,15 +133,28 @@ Contains options for configuring IPFS node discovery mechanisms. ## `Identity` -- `PeerID` - The unique PKI identity label for this configs peer. Set on init and never read, its merely here for convenience. IPFS will always generate the peerID from its keypair at runtime. +### `PeerID` +The unique PKI identity label for this configs peer. Set on init and never read, its merely here for convenience. IPFS will always generate the peerID from its keypair at runtime. -- `PrivKey` - The base64 encoded protobuf describing (and containing) the nodes private key. +### `PrivKey` +The base64 encoded protobuf describing (and containing) the nodes private key. ## `Keychain` +We can customize the key management and criptographically protected messages by changing the Keychain options. Those options are used for generating the derived encryption key (`DEK`). The `DEK` object, along with the passPhrase, is the input to a PBKDF2 function. +Default: +```json +{ + "dek": { + "keyLength": 512 / 8, + "iterationCount": 1000, + "salt": "at least 16 characters long", + "hash": "sha2-512" + } +} +``` +You can check the [parameter choice for pbkdf2/](https://cryptosense.com/parameter-choice-for-pbkdf2/) for more information. ## `Swarm` @@ -160,7 +182,6 @@ The "basic" connection manager tries to keep between `LowWater` and `HighWater` **Example:** - ```json { "Swarm": {