---
ipfs-group:
  group.present:
    - name: ipfs
    - gid: 899

ipfs-user:
  user.present:
    - name: ipfs
    - uid: 899
    - gid: 899
    - home: /var/lib/ipfs
    - allow_uid_change: true
    - allow_gid_change: true

ipfs-dir:
  file.directory:
    - name: /var/lib/ipfs
    - user: ipfs
    - group: ipfs
    - mode: 0750
    - recurse:
      - user

ipfs-init:
  cmd.run:
    - name: /usr/local/sbin/ipfs init
    - runas: ipfs
    - cwd: /var/lib/ipfs
    - success_retcodes:
      - 0
      - 1
    - watch-in:
      - service: ipfs-service

ipfs-set-storagemax:
  cmd.run:
    - name: /usr/local/sbin/ipfs config Datastore.StorageMax "20GB"
    - runas: ipfs
    - cwd: /var/lib/ipfs
    - watch-in:
      - service: ipfs-service

ipfs-set-headers-1:
  cmd.run:
    - name: ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "GET", "POST"]'
    - runas: ipfs
    - cwd: /var/lib/ipfs
    - watch-in:
      - service: ipfs-service

ipfs-set-headers-2:
  cmd.run:
    #- name: ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["http://localhost:8888", "http://127.0.0.1:5001", "https://webui.ipfs.io"]'
    - name: ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["*"]'
    - runas: ipfs
    - cwd: /var/lib/ipfs
    - watch-in:
      - service: ipfs-service

ipfs-set-api:
  cmd.run:
    - name: /usr/local/sbin/ipfs config Addresses.API "/ip4/0.0.0.0/tcp/5001"
    - runas: ipfs
    - cwd: /var/lib/ipfs
    - watch-in:
      - service: ipfs-service

ipfs-set-gateway:
  cmd.run:
    - name: /usr/local/sbin/ipfs config Addresses.Gateway "/ip4/0.0.0.0/tcp/8888"
    - runas: ipfs
    - cwd: /var/lib/ipfs
    - watch-in:
      - service: ipfs-service

ipfs-service-file:
  file.managed:
    - name: /etc/systemd/system/ipfs.service
    - source: salt://ipfs/ipfs.service
    - watch-in:
      - service: ipfs-service

ipfs-service:
  service.running:
    - name: ipfs
    - enable: true
    - require:
      - file: ipfs-dir