New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DNS and pages on gateway #39

Open
lgierth opened this Issue Sep 4, 2015 · 8 comments

Comments

Projects
None yet
5 participants
@lgierth
Member

lgierth commented Sep 4, 2015

A few options for pointing custom domains to a gateway,
as discussed on IRC: https://botbot.me/freenode/ipfs/2015-09-03/

Option 4 seems best, option 3 could also work.

Also checkout:

1. CNAME, with TXT on same domain

CNAME example.net => ipfs.io
TXT example.net => dnslink=/ipns/Qmfoo

This won't work, since we can't have CNAME with any other records (TXT in this case.)

2. A/AAAA, with TXT on same domain

A/AAAA example.net => 1.2.3.4, 5.6.7.8
TXT example.net => dnslink=/ipns/Qmfoo

This works, but now the gateway IP addresses are part of the "API".

3. CNAME, with TXT another subdomain

CNAME example.net => ipfs.io
TXT _dnslink.example.net => dnslink=/ipns/Qmfoo

problem: example.net inherits all ipfs.io records

  • e.g. MX records
  • or even the TXT record if it doesn't have one

4. CNAME

CNAME example.net => gateway.ipfs.io
TXT _dnslink.example.net => dnslink=/ipns/Qmfoo

We use a target domain for CNAME, instead of ipfs.io,
so that example.net doesn't inherit anything but A/AAAA records.

@kyledrake

This comment has been minimized.

Show comment
Hide comment
@kyledrake

kyledrake Sep 4, 2015

Member

I do like the idea of dnslink for this (esp. combined with IPNS when that is working).

The CNAME as root problem is quite real unfortunately. The way I solved it for Neocities custom domain usage was to have the domains set an A record to a re-assignable IP address at AWS running a web server. That server's only purpose is to redirect domain.com to www.domain.com, which is a CNAME record pointing to proxy.neocitiesops.net. You can see an example here:

curl -i -H "Host: derpie.com" http://54.68.34.66

This is fairly common practice. Tumblr uses something similar for custom domains.

Member

kyledrake commented Sep 4, 2015

I do like the idea of dnslink for this (esp. combined with IPNS when that is working).

The CNAME as root problem is quite real unfortunately. The way I solved it for Neocities custom domain usage was to have the domains set an A record to a re-assignable IP address at AWS running a web server. That server's only purpose is to redirect domain.com to www.domain.com, which is a CNAME record pointing to proxy.neocitiesops.net. You can see an example here:

curl -i -H "Host: derpie.com" http://54.68.34.66

This is fairly common practice. Tumblr uses something similar for custom domains.

@edrex

This comment has been minimized.

Show comment
Hide comment
@edrex

edrex Sep 15, 2015

Option 4 seems like a good approach. The practice of using non-host _myprotocol.-prefixed TXT and SRV records has a fine pedigree, and this ensures that there won't be any trouble with CNAME records.

edrex commented Sep 15, 2015

Option 4 seems like a good approach. The practice of using non-host _myprotocol.-prefixed TXT and SRV records has a fine pedigree, and this ensures that there won't be any trouble with CNAME records.

@jbenet

This comment has been minimized.

Show comment
Hide comment
@jbenet

jbenet Sep 15, 2015

Member

I do want to allow pure DNS usage of TXT dnslink without CNAME. e.g.

5. Just TXT

TXT example.net => dnslink=/ipns/Qmfoo

We do not have regular redirection for HTTP, this is for pure DNS + IPFS usage.


i would like to have this possibility without forcing _dnslink.example.net above (like, we could check for a TXT in this order:

  1. first check _dnslink.<domain> if TXT dnslink=<link> found, stop
  2. second check <domain>

To me, this is a much cleaner thing, but it does make things more complicated. if others feel this is annoying, then i can just suck it up, use _dnslink.<domain>, and grumble.

Member

jbenet commented Sep 15, 2015

I do want to allow pure DNS usage of TXT dnslink without CNAME. e.g.

5. Just TXT

TXT example.net => dnslink=/ipns/Qmfoo

We do not have regular redirection for HTTP, this is for pure DNS + IPFS usage.


i would like to have this possibility without forcing _dnslink.example.net above (like, we could check for a TXT in this order:

  1. first check _dnslink.<domain> if TXT dnslink=<link> found, stop
  2. second check <domain>

To me, this is a much cleaner thing, but it does make things more complicated. if others feel this is annoying, then i can just suck it up, use _dnslink.<domain>, and grumble.

@lgierth

This comment has been minimized.

Show comment
Hide comment
@lgierth

lgierth Sep 15, 2015

Member
  • first check _dnslink. if TXT dnslink= found, stop
  • second check

SGTM! 👍

Member

lgierth commented Sep 15, 2015

  • first check _dnslink. if TXT dnslink= found, stop
  • second check

SGTM! 👍

@lgierth

This comment has been minimized.

Show comment
Hide comment
@lgierth

lgierth Sep 15, 2015

Member

For latency optimization, we might send both DNS queries at once

Member

lgierth commented Sep 15, 2015

For latency optimization, we might send both DNS queries at once

@edrex

This comment has been minimized.

Show comment
Hide comment
@edrex

edrex Jan 29, 2016

f yeah! I've gotta have another swim in the IPFS-for-site-hosting pool

edrex commented Jan 29, 2016

f yeah! I've gotta have another swim in the IPFS-for-site-hosting pool

@lgierth

This comment has been minimized.

Show comment
Hide comment
@lgierth

lgierth Jan 30, 2016

Member

This shouldn't be closed for now

Member

lgierth commented Jan 30, 2016

This shouldn't be closed for now

@lgierth lgierth reopened this Jan 30, 2016

@ivan386

This comment has been minimized.

Show comment
Hide comment
@ivan386

ivan386 Dec 1, 2016

I propose to add a DNS record:
this-is-ipfs-site-use-local-gate A 127.0.0.1

In order to show that the site can be accessed through a local gateway for this script proxy.pac

function FindProxyForURL(url, host) {
    if ( shExpMatch(url, "http:*") && dnsResolve("this-is-ipfs-site-use-local-gate."+host) == "127.0.0.1" ){
        return "PROXY 127.0.0.1:8080; DIRECT"
    }
    return "DIRECT"
}

Sorry for my google translate

ivan386 commented Dec 1, 2016

I propose to add a DNS record:
this-is-ipfs-site-use-local-gate A 127.0.0.1

In order to show that the site can be accessed through a local gateway for this script proxy.pac

function FindProxyForURL(url, host) {
    if ( shExpMatch(url, "http:*") && dnsResolve("this-is-ipfs-site-use-local-gate."+host) == "127.0.0.1" ){
        return "PROXY 127.0.0.1:8080; DIRECT"
    }
    return "DIRECT"
}

Sorry for my google translate

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment