Add libp2phttp command #40
Conversation
There was a problem hiding this comment.
Thanks for adding this 🙏. This looks a lot like https://github.com/ipfs/kubo/blob/master/docs/experimental-features.md#p2p-http-proxy.
Do you think adding it's sister https://github.com/ipfs/kubo/blob/master/docs/experimental-features.md#ipfs-p2p (i.e. TCP proxying over libp2p streams) would be valuable as well (would be a separate PR)?
| hasTLS := false | ||
| hasHTTP := false |
There was a problem hiding this comment.
Could this logic get into trouble if say /ws/tls is being used for a relay and combined with /http?
Maybe not relevant though since I'm not sure if there are multiaddrs where /http is valid when combined with /p2p/.
There was a problem hiding this comment.
Could this logic get into trouble if say /ws/tls is being used for a relay and combined with /http?
/http represents the HTTP transport. It shouldn't be combined with /ws.
Maybe not relevant though since I'm not sure if there are multiaddrs where /http is valid when combined with /p2p/.
Not yet, but these could be combined. I just need to finish peer id auth over http and we could have a valid multiaddr that looks like /.../http/p2p/12Foo
| }, | ||
| }, | ||
| Usage: "Make http requests to the given multiaddr with a unix socket", | ||
| Description: `This command creates a unix socket that can be used with curl to make HTTP requests to the provided multiaddr. |
There was a problem hiding this comment.
I might be missing something but given this is under the "libp2p" command I wonder if it's worth explicitly mentioning that this will enable setting up a standard HTTP proxy that uses multiaddr but otherwise doesn't use any libp2p specs at all (i.e. listening on an http multiaddr).
There was a problem hiding this comment.
It does HTTP over streams in the spec defined way?
| } | ||
| server.TLSConfig = c | ||
|
|
||
| fmt.Println("Endpoint is an HTTPS endpoint. Using a self signed cert locally to proxy.") |
There was a problem hiding this comment.
Maybe this is obvious, but can you give me some context on the value of "if the endpoint is HTTPS, let's add a self-signed cert on the unix socket proxy" rather not doing it at all or having the self-signed cert being a separate flag
There was a problem hiding this comment.
Imagine you run:
$ vole libp2p http --socket-path=/tmp/vole.sock /dns/google.com/https
What do you expect the curl request to look like?
I would expect:
curl --unix-socket /tmp/vole.sock https://www.google.com
Not
curl --unix-socket /tmp/vole.sock http://www.google.com
https:// vs http://
The only way we can do that is if our proxy itself is an https server, and thus we need a cert. Self signed is easiest. So we actually need to add a -k to the curl command.
There was a problem hiding this comment.
What do you expect the curl request to look like?
I guess this is probably my issue. Because I'm having trouble seeing the value of the HTTP -> HTTP proxy other than to demonstrate that it's possible via libp2p multiaddrs the need to drop an s vs to add a -k doesn't mean a ton to me.
On the other hand it doesn't really hurt, so as long as it's not causing trouble and you think it's useful I don't really mind
There was a problem hiding this comment.
Because I'm having trouble seeing the value of the HTTP -> HTTP proxy other than to demonstrate that it's possible via libp2p multiaddrs
This is not the main use case, but it's nice that it works consistently. You can make the exact same curl request to a standard HTTP server as you would to a libp2p node over a stream.
| Value: "", | ||
| }, | ||
| }, | ||
| Usage: "Make http requests to the given multiaddr with a unix socket", |
There was a problem hiding this comment.
Seems good enough for now, certainly for more in-depth debugging of a specific endpoint. Wonder if supporting some basic curl like functionality would be good here so people can do one-line http-over-libp2p requests. WDYT?
There was a problem hiding this comment.
maybe a simple GET request, and anything else would require the unix socket proxy? Does the unix socket proxy trick even work on windows?
Implementing the GET request sounds good to me, but how about we do that in a future PR once the next go-libp2p version is released? That one includes code that will make this easier. User's could make a request to multiaddr:/dns4/example.com/http/http-path/subpath and we can just pass that to go-libp2p.
|
For context, I used this when playing around with the caddy server to test its HTTP over libp2p streams ability |
aschmahmann
force-pushed
the
marco/libp2phttp
branch
from
d57ba31
to
7e0d75c
Compare
This lets you make http requests over libp2p streams.
The strategy I went with was to listen on a unix socket and proxy any HTTP requests received on that socket to the target. This lets us reuse curl to do the actual HTTP parts.
Example:
In another terminal: