# IPFS ### Peer {% hint style="info" %} Kotal uses only `go-ipfs` client for IPFS peers, that's why there's no `.spec.client` option. {% endhint %} | Syntax | Type | Description | Default | | ----------------------------------------- | ------ | ----------------------------------------------------------------- | ----------------- | | [initProfiles](#initprofiles) | Array | List of initial configuration profiles | default-datastore | | [profiles](#profiles) | Array | List of configuration profiles to apply after peer initialization | | | [apiHost](#apihost) | string | API server host | 0.0.0.0 | | [apiPort](#apiport) | number | API server port | 5001 | | [gatewayHost](#gatewayhost) | string | Local ipfs gateway host | 0.0.0.0 | | [gatewayPort](#gatewayport) | number | Local ipfs gateway port | 8080 | | [routing](#routing) | string | Content routing mechanism | dht | | [swarmKeySecretName](#swarmkeysecretname) | string | Name of the k8s secret holding swarm secret key | | | [resources](#resources) | object | Compute and storage resources | | #### initProfiles `initProfiles` is al list of initial ipfs configuration profile. `initialProfiles` available values are `server`, `randomports`, `default-datastore`, `local-discovery`, `test`, `default-networking`, `flatfs`, `badgerds`, and `lowpower`. `initProfiles` can't be updated (immutable). #### profiles `profiles` is the list of configuration profiles to apply after peer initialization. `profiles` available values are `server`, `randomports`, `default-datastore`, `local-discovery`, `test`, `default-networking`, `flatfs`, `badgerds`, and `lowpower`. #### apiHost `apiHost` is API server host. {% hint style="info" %} If you set `apiHost` to host other than `0.0.0.0`, api calls forwarded to the container won't hit the API server. This is useful if you want to disallow calls to API server. {% endhint %} #### apiPort `apiPort` is API server port. #### gatewayHost `gatewayHost` is local ipfs gateway host. {% hint style="info" %} If you set `gatewayHost` to host other than `0.0.0.0`, gateway won't work. This is useful if you want to disable to access gateway from outside. {% endhint %} #### gatewayPort `gatewayPort` is API server port. #### routing `routing` is the content routing mechanism. `routing` available values are `none`, `dht`, `dhtclient`, `dhtserver.` #### swarmKeySecretName `swarmKeySecretName` is the kubernetes secret name that's holding the swarm key in a key called `secret`. ```bash kubectl create secret generic swarm-key --from-literal=secret=$w@rmk3y ``` #### resources `resources` allocates compute and storage resources to the peer. `resources` object has the following fields: | Syntax | Type | Description | Defalt | | ------------ | ------ | ------------------------------------------- | ------------------------------------------------------------------------------------------ | | cpu | string | number of cpu cores this peer requires | `1` | | cpuLimit | string | number of cpu cores this peer is limited to | `2` | | memory | string | memory this peer requires | `2Gi` | | memoryLimit | string | memory this peer is limited to | `4Gi` | | storage | string | disk space this peer requires | `10Gi` | | storageClass | string | Node volume storage class | Cluster's default storage class will be used as defined by cluster admin or cloud provider | Memory and storage requests and limits must use the pattern `^[1-9][0-9]*[KMGTPE]i$` for example `1500Mi`, `30Gi`, and `1Ti`. cpu requests and limits must use the pattern `^[1-9][0-9]*m?$` for example `1000m` (which is equal to `1` core), `1500m` which is 1.5 core, `2` cores, and `4` cores. `cpuLimit` can't be less than `cpu`. `memoryLimit` can't be less than or equal to `memory`. `storageClass` field is immutable, it cannot be changed after creation. ### ClusterPeer {% hint style="info" %} Kotal uses only `ipfs-cluster-service` for IPFS cluster peers that runs along with `go-ipfs`, that's why there's no `.spec.client` option. {% endhint %} | Syntax | Type | Description | Default | | ------------------------------------------------ | ------ | ------------------------------------------------------- | -------------------------- | | [id](#id) | string | Cluster peer ID | | | [privateKeySecretName](#privatekeysecretname) | string | Name of the k8s secret holding cluster peer privatekey | `*` if consensus is `crdt` | | [trustedPeers](#trustedpeers) | array | Peer IDs that can manage the pinset in `crdt` consensus | | | [bootstrapPeers](#bootstrappeers) | array | Peers to connect to on startup | | | [consensus](#consensus) | string | Cluster consensus algorithm | `crdt` | | [peerEndpoint](#peerendpoint) required | string | ipfs peer http API endpoint | | | [clusterSecretName](#clustersecretname) required | string | Name of the k8s secret holding cluster secret | | | [resources](#resources) | object | Compute and storage resources | | #### id `id` is cluster peer id derived from private key. `id` is required if `privateKeySecretName` is provided. `id` can be generated using [ipfs-key](https://github.com/whyrusleeping/ipfs-key) tool. ```bash ipfs-key -type ed25519 | base64 ``` It will return an output similar to the following: ``` Generating a 2048 bit ed25519 key... Success! ID for generated key: 12D3KooWT2bqgwZPxHthAGBV9Ut8ZLraz1LARtB7vG3mF26Mtof1 CAESQLepaunFGa/PI0oNS3plrbVSInqab/X/U1laEDe2V2cL/7kbF9H6x3xBiwpbVnYT/jDA8EhAznXALlbwzEsuKaw= ``` #### privateKeySecretName `privateKeySecretName` is the name of the k8s secret holding **base64** cluster peer privatekey in a key called `key`. `privateKeySecretName` is required if `id` is provided. `privateKeySecretName` can be generated using [ipfs-key](https://github.com/whyrusleeping/ipfs-key) tool. ```bash ipfs-key -type ed25519 | base64 ``` It will return an output similar to the following: ``` Generating a 2048 bit ed25519 key... Success! ID for generated key: 12D3KooWT2bqgwZPxHthAGBV9Ut8ZLraz1LARtB7vG3mF26Mtof1 CAESQLepaunFGa/PI0oNS3plrbVSInqab/X/U1laEDe2V2cL/7kbF9H6x3xBiwpbVnYT/jDA8EhAznXALlbwzEsuKaw= ``` #### trustedPeers `trustedPeers` is a list of peer IDs that can manage the cluster pinset in `crdt` consensus clusters. `trustedPeers` is ignored in `raft` consensus clusters. `trustedPeers` default value is `*` which is trust all peers. #### bootstrapPeers `bootstrapPeers` is a list of peers to connect to on startup. {% hint style="warning" %} `bootstrapPeers` will be trusted peers in `crdt` clusters. {% endhint %} #### consensus `consensus` is the cluster consensus algorithm. #### peerEndpoint `peerEndpoint` id ipfs peer http API endpoint. `peerEndpoint` is required for the cluster peer to function correctly. #### clusterSecretName `clusterSecretName` is the k8s secret name holding **32-bit hex-encoded** *(without 0x)* cluster secret in a key called `secret`. `clusterSecretName` can be generated using openssl tool: ```bash CLUSTER_SECRET=$(openssl rand -hex 32) kubectl create secret generic cluster-secret --from-literal=secret=$CLUSTER_SECRET ``` #### resources `resources` allocates compute and storage resources to the peer. `resources` object has the following fields: | Syntax | Type | Description | Defalt | | ----------- | ------ | ------------------------------------------- | ------ | | cpu | string | number of cpu cores this peer requires | `1` | | cpuLimit | string | number of cpu cores this peer is limited to | `2` | | memory | string | memory this peer requires | `2Gi` | | memoryLimit | string | memory this peer is limited to | `4Gi` | | storage | string | disk space this peer requires | `10Gi` | Memory and storage requests and limits must use the pattern `^[1-9][0-9]*[KMGTPE]i$` for example `1500Mi`, `30Gi`, and `1Ti`. cpu requests and limits must use the pattern `^[1-9][0-9]*m?$` for example `1000m` (which is equal to `1` core), `1500m` which is 1.5 core, `2` cores, and `4` cores. `cpuLimit` can't be less than `cpu`. `memoryLimit` can't be less than or equal to `memory`. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.kotal.co/reference/ipfs.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.