A Dat-hosting service for multiple users
Clone or download

readme.md

Hashbase

Hashbase is a public peer service for Dat archives. It provides a HTTP-accessible interface for creating an account and uploading Dats. It was created to power a content-community for the Beaker Browser

Links:

Setup

Clone this repository, then run

npm install
cp config.defaults.yml config.development.yml

Modify config.development.yml to fit your needs, then start the server with npm start.

Configuration

Before deploying the service, you absolutely must modify the following config.

Basics

dir: ./.hashbase              # where to store the data
brandname: Hashbase           # the title of your service
hostname: hashbase.local      # the hostname of your service
proxy: true                   # is there a reverse proxy (eg nginx) in front of the server?
port: 8080                    # the port to run the service on
rateLimiting: true            # rate limit the HTTP requests?
csrf: true                    # use csrf tokens?
defaultDiskUsageLimit: 100mb  # default maximum disk usage for each user
defaultNamedArchivesLimit: 25 # how many names can a user take?
bandwidthLimit:
  up: 1mb                     # maximum bytes/s upload speed
  down: 1mb                   # maximum bytes/s download speed

Lets Encrypt

You can enable lets-encrypt to automatically provision TLS certs using this config:

letsencrypt:
  debug: false          # debug mode? must be set to 'false' to use live config
  email: 'foo@bar.com'  # email to register domains under

If enabled, port will be ignored and the server will register at ports 80 and 443.

Admin Account

The admin user has its credentials set by the config yaml at load. If you change the password while the server is running, then restart the server, the password will be reset to whatever is in the config.

admin:
  email: 'foo@bar.com'
  password: myverysecretpassword

HTTP Sites

Hashbase can host the archives as HTTP sites. This has the added benefit of enabling dat-dns shortnames for the archives.

sites: per-archive

This will host archives at archivename.hostname. By default, HTTP Sites are disabled.

Closed Registration

For a private instance, use closed registration with a whitelist of allowed emails:

registration:
  open: false
  allowed:
    - alice@mail.com
    - bob@mail.com

Reserved Usernames

Use reserved usernames to blacklist usernames which collide with frontend routes, or which might be used maliciously.

registration:
  reservedNames:
    - admin
    - root
    - support
    - noreply
    - users
    - archives

Monitoring

pm2: false         # set to true if you're using https://keymetrics.io/
alerts:
  diskUsage: 10gb  # when to trigger an alert on disk usage

Session Tokens

Hashbase uses Json Web Tokens to manage sessions. You absolutely must replace the secret with a random string before deployment.

sessions:
  algorithm: HS256                # probably dont update this
  secret: THIS MUST BE REPLACED!  # put something random here
  expiresIn: 1h                   # how long do sessions live?

Jobs

Hashbase runs some jobs periodically. You can configure how frequently they run.

# processing jobs
jobs:
  popularArchivesIndex: 30s  # compute the index of archives sorted by num peers
  userDiskUsage: 5m          # compute how much disk space each user is using
  deleteDeadArchives: 5m     # delete removed archives from disk

Cache sizes (advanced)

You can tweak hashbase's memory usage to trade speed against memory usage.

# cache settings
cache:
  metadataStorage: 65536   # number of memory slots
  contentStorage: 65536    # number of memory slots
  tree: 65536              # number of memory slots

Emailer

Hashbase relies on NodeMailer to send out mails (for example: required to verify a new user). The email property of the configuration will be passed as-is to NodeMailer.

In the default configuration we use the stub transport which offers a code API for tests.

# email settings
email:
  transport: stub
  sender: '"Hashbase" <noreply@hashbase.local>'

hashbase has a dependency on the ses and smtp transport, which means you can use those out-of-the-box. For other transports you need to install those first.

Tests

Run the tests with

npm test

To run the tests against a running server, specify the env var:

REMOTE_URL=http://{hostname}/ npm test

License

MIT