From 57f1fdf316b0384cbcc662d6d6173edae6ed0493 Mon Sep 17 00:00:00 2001 From: qo-op Date: Sun, 6 Dec 2020 21:29:37 +0100 Subject: [PATCH] swarm control --- zen/gchange_IPFS_swarm.sh | 31 +++++----- zen/ipfs_SWARM_refresh.sh | 126 +++++++++----------------------------- 2 files changed, 42 insertions(+), 115 deletions(-) diff --git a/zen/gchange_IPFS_swarm.sh b/zen/gchange_IPFS_swarm.sh index 049c29c..3b4c0cd 100755 --- a/zen/gchange_IPFS_swarm.sh +++ b/zen/gchange_IPFS_swarm.sh @@ -36,6 +36,8 @@ ME="${0##*/}" ######################################################################## IPFSNODEID=$(ipfs id -f='\n') [[ $IPFSNODEID == "" ]] && echo "ERROR missing IPFS Node id !! IPFS is not installed !?" && exit 1 +isIPFSRunning=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d ' ' -f 1) +[[ ! $isIPFSRunning ]] && echo "ERROR! ipfs daemon is not running. EXIT" && exit 1 ######################################################################## # Force Strict #swarm0 !!? @@ -51,38 +53,33 @@ cd ~/.zen/astroport/zen/jaklis # 1. Get Gchange "liking_me" people list for liking_me in $(./jaklis.py like | jq -r '.likes[].issuer'); do + # Check if my like is reverse friend_of_mine=$(./jaklis.py like -p $liking_me | jq -r '.yours'); - # 2. Searching "ipfstryme" message from friend_of_mine + [[ $friend_of_mine != null ]] && echo "Connect to my friend $liking_me" && friend_of_mine_count=$((friend_of_mine_count+1)) && ipfsadd=0 \ && for peer in $(./jaklis.py read -n50 -j | jq -r --arg friendKEY "$liking_me" '.[] | select(.pubkey == $friendKEY)' | jq 'select(.title == "ipfstryme")' | jq -r '.content'); - # ipfstryme message contains peer ipfs adresses + # 2. Searching "ipfstryme" message from friend_of_mine do ip=$(echo "$peer" | awk -F '/' '{print $3}') - echo $ip >> ~/.zen/A_allow_ip.txt + # Fill a file with friend of mine ip + echo $ip >> ~/.zen/A_allow_ip.txt + # Get its ipfsnodeid ipfsnodeid=$(echo "$peer" | awk -F '/' '{print $7}') - # 3. liking_me friend_of_mine can join my swarm & bootstrap + + # 3. ADD liking_me friend_of_mine to my swarm & bootstrap ipfs swarm connect $peer; ipfs bootstrap add $peer; + ipfsadd=$((ipfsadd+1)) done; # Friend of mine with no ipfstryme message [[ $friend_of_mine != null && $ipfsadd == 0 ]] && echo "No ipfstryme message..." && echo "$liking_me" >> ~/.zen/A_liking_me_NO_ipfstryme.txt - # 4. liking_me IS NOT a friend_of_mine!! - if [[ $friend_of_mine == null ]]; then - echo "I am NOT LIKING $liking_me"; - # GET its ~/.zen/ipfs IPNS sharing - ipfs get --output=/tmp/ipfs_swarm/ /ipns/$ipfsnodeid - g1pub=$(cat /tmp/ipfs_swarm/.$ipfsnodeid/G1SSB/_g1.pubkey) + # Automatic level_1 like from oasis.astroport.com (TODO add other default bootstrap) + # TODO get $g1pub from ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_g1.pubkey ?? + # [[ $friend_of_mine == null && $G1PUB == "2jQUH4HfHxdTesjCjvMCx1VJgA5AnpuvrWRq1swfRdsS" ]] && ./jaklis.py like -p $g1pub -s 1 - ### NO G1SSB node => BAN IP (must be sudo with no password !!) - [[ $g1pub == "" && ( $USER == "pi" || $USER == "xbian") ]] && "SHOULD BAN $liking_me" \ - && sudo fail2ban-client add recidive && sudo fail2ban-client set recidive banip $ip - - # Automatic level_1 like from oasis.astroport.com (add other default bootstrap) - [[ $G1PUB == "2jQUH4HfHxdTesjCjvMCx1VJgA5AnpuvrWRq1swfRdsS" ]] && ./jaklis.py like -p $g1pub -s 1 - fi liking_me_count=$((liking_me_count+1)) done diff --git a/zen/ipfs_SWARM_refresh.sh b/zen/ipfs_SWARM_refresh.sh index e26aeba..3b33498 100755 --- a/zen/ipfs_SWARM_refresh.sh +++ b/zen/ipfs_SWARM_refresh.sh @@ -8,29 +8,20 @@ MY_PATH="`dirname \"$0\"`" # relative MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized ME="${0##*/}" ######################################################################## -# This script is controling IPFS swarm - -# Removes from peers not friends on gchange+ -# remember Nodes ID and IPs -# add IPs to fail2ban - -# Sync friends peers ~/.zen/ipfs/ into ~/.zen/ipfs_swarm/.IPFSNODEID's/ directories -# - -## NOT WORKING !!! YET -exit 1 -######################################################################## # \\/// # qo-op ############# '$MY_PATH/$ME' ######################################################################## # ex: ./'$ME' ######################################################################## -# TODO remove because it is in~/.bashrc +# This script is controling IPFS swarm +# Sync friends peers ~/.zen/ipfs/ into ~/.zen/ipfs_swarm/.IPFSNODEID's/ directories +# add not friend_of_mine IPs to fail2ban +######################################################################## +# TODO remove because now it is in~/.bashrc export YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1) export IPFSNODEID=$(ipfs id -f='\n') ######################################################################## - mkdir -p ~/.zen/ipfs_swarm echo ' ___ _ _ __ __ _ _ _ _ _ _ __ @@ -40,22 +31,39 @@ _|_| | __) __)\/\//--\| \| | | \|_| | \|___)| | ' echo "I am $IPFSNODEID" +echo "REFRESHING /home/$YOU/.zen/ipfs_swarm/ from my SWARM peers" +rm -Rf /home/$YOU/.zen/ipfs_swarm/.12D3KooW* +rm -Rf /home/$YOU/.zen/ipfs_swarm/.Qm* +rm -Rf /home/$YOU/.zen/ipfs_swarm/* + +count=1 for peer in $(ipfs swarm peers); do - id=$(echo "$peer" | awk -F '/' '{print $7}') + ipfsnodeid=$(echo "$peer" | awk -F '/' '{print $7}') ip=$(echo "$peer" | awk -F '/' '{print $3}') nowdate=$(date) timestamp=$(date -u +%s%N | cut -b1-13) echo "$nowdate - $id - $ip" foundIp=$(cat ~/.zen/allow_ip.txt | grep "$ip" | wc -l) + if [ "$foundIp" -eq 0 ] ; then - echo "${ip} of peer ${id} is not in the authorized ip list. ${peer} will be removed from the swarm" - ipfs swarm disconnect $peer - ipfs bootstrap rm $peer + echo "${ip} of peer ${id} is not in the authorized ip list." + echo "${peer} will be removed from the swarm" + + ipfs swarm disconnect $peer + ipfs bootstrap rm $peer + + [[ $USER == "pi" || $USER == "xbian" ]] && echo "BAN $ip" \ + && sudo fail2ban-client add recidive \ + && sudo fail2ban-client set recidive banip $ip + else - ${path_script}/timeout.sh -t 30 ipfs get --output ${path_shared_files}/ /ipns/$id + # REFRESH ~/.zen/ipfs_swarm/ + $MY_PATH/tools/timeout.sh -t 30 ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$ipfsnodeid + fi + done echo "PUBLISHING MY OWN /home/$YOU/.zen/ipfs/ to SWARM" @@ -66,82 +74,4 @@ NODEIPNS=$(ipfs name publish --quieter /ipfs/$IWALLETS) # Put my own data in /home/$YOU/.zen/ipfs_swarm/ ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$IPFSNODEID -echo "REFRESHING /home/$YOU/.zen/ipfs_swarm/ from my SWARM peers" -rm -Rf /home/$YOU/.zen/ipfs_swarm/.12D3KooW* -rm -Rf /home/$YOU/.zen/ipfs_swarm/* - -count=1 - -######################################################################## -# Let's look for Friends and "IPFS swarm connect" with them -######################################################################## -cd ~/.zen/astroport/zen/jaklis -# 1. Get Gchange "liking_me" people list -for liking_me in $(./jaklis.py like | jq -r '.likes[].issuer'); -do - friend_of_mine=$(./jaklis.py like -p $liking_me | jq -r '.yours'); - # 2. Searching "ipfstryme" message from friend_of_mine - [[ $friend_of_mine != null ]] && echo "Connect to my friend $liking_me" && friend_of_mine_count=$((friend_of_mine_count+1)) && ipfsadd=0 \ - && for peer in $(./jaklis.py read -n50 -j | jq -r --arg friendKEY "$liking_me" '.[] | select(.pubkey == $friendKEY)' | jq 'select(.title == "ipfstryme")' | jq -r '.content' | head -n1); - do - id=$(echo "$peer" | awk -F '/' '{print $7}') - [[ "$id" == "" ]] && echo "WARNING! ID empty for $peer " && continue - #### REFRESH ~/.zen/ipfs_swarm/ with /ipns/$id - $MY_PATH/tools/timeout.sh -t 30 ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$id - - - ipfsadd=$((ipfsadd+1)) - done; - [[ $friend_of_mine != null && $ipfsadd == 0 ]] && echo "No ipfstryme message..." && echo "$liking_me" >> /tmp/A_liking_me_NO_ipfstryme.txt - # 4. liking_me IS NOT a friend_of_mine!! - [[ $friend_of_mine == null ]] && \ - echo "I am NOT LIKING $liking_me" && \ - rm -Rf /home/$YOU/.zen/ipfs_swarm/.$id && \ - - liking_me_count=$((liking_me_count+1)) -done - -# Search for All peers Nodes. ## TODO: To be changed when Swarm is too big or not expanding -#for id in $(ls -d ~/.zen/ipfs_swarm/.12D3KooW* | cut -d '.' -f 3); # Alternative search... -for peer in $(ipfs swarm peers); -do - - - - - echo " ($count) Refreshing /home/$YOU/.zen/ipfs_swarm/.$id" - - ### Is "ipfs_swarm/.$id/G1SSB/_ssb.whoami" my SSB friend?? - ssbID=$(cat /home/$YOU/.zen/ipfs_swarm/.$id/G1SSB/_ssb.whoami) - isMyFriend=$(grep -Rwl "$ssbID" /tmp/ssb-friends.txt) - if [[ -f /tmp/ssb-friends.txt && ! $isMyFriend ]]; then - echo "WARNING! $count IS NOT my SSB Friend !!! Check $ssbID" - - ipfs swarm disconnect $peer - ipfs bootstrap rm $peer - ## Send sbotc alert message - if [[ -f /tmp/ssb-friends_ALERT.txt && ! $(grep -Rwl "$ssbID" /tmp/ssb-friends_ALERT.txt) ]]; then - sbotc publish '{"type":"post","text":"Salut '"$ssbID"' essaye de se connecter à ton swarm ipfs mais PAS ami!? (http://127.0.0.1/ipfs/'"$id"')"}' - echo "$ssbID" >> /tmp/ssb-friends_ALERT.txt - fi - ## TODO: Use fail2ban if same node continue entering our swarm... - count=$((count+1)) - continue - fi - - - #### IPFS SWARM SHAPING CONTROL - ### CHECK Astroport Station Database Coherence? - if [[ ! -d /home/$YOU/.zen/ipfs_swarm/.$id ]]; then - echo "WARNING! $peer is NOT an Astroport Station !!" - ipfs swarm disconnect $peer - ipfs bootstrap rm $peer - # TODO bannish with firewall ? - fi - - echo "=============================================================" - count=$((count+1)) - -done - -# TODO: TASK treatment. +exit 0