mirror of https://github.com/ogarcia/docker-sks
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
111 lines
3.2 KiB
Markdown
111 lines
3.2 KiB
Markdown
# SKS OpenPGP keyserver docker on Alpine Linux [![Build Status](https://travis-ci.org/ogarcia/docker-sks.svg?branch=master)](https://travis-ci.org/ogarcia/docker-sks)
|
|
|
|
(c) 2017 Óscar García Amor
|
|
|
|
Redistribution, modifications and pull requests are welcomed under the terms
|
|
of GPLv3 license.
|
|
|
|
[SKS][1] is an OpenPGP keyserver whose goal is to provide easy to deploy,
|
|
decentralized, and highly reliable synchronization. That means that a key
|
|
submitted to one SKS server will quickly be distributed to all key servers,
|
|
and even wildly out-of-date servers, or servers that experience spotty
|
|
connectivity, can fully synchronize with rest of the system.
|
|
|
|
This docker packages **SKS**, under [Alpine Linux][2], a lightweight Linux
|
|
distribution.
|
|
|
|
Visit [Docker Hub][3] to see all available tags.
|
|
|
|
[1]: https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Home
|
|
[2]: https://alpinelinux.org/
|
|
[3]: https://hub.docker.com/r/connectical/sks/
|
|
|
|
## Run
|
|
|
|
To run this container exposing SKS and mounting a permanent volume for sks
|
|
data in `/docker/sks`, run.
|
|
|
|
```
|
|
/usr/bin/docker run --rm \
|
|
--network host \
|
|
--name sks \
|
|
-e "SKS_SERVER_CONTACT=YOUR_OPENPGP_KEYID" \
|
|
-v /docker/sks:/var/lib/sks \
|
|
connectical/sks
|
|
```
|
|
|
|
Take note that if you dont have a valid SKS database, the server will not
|
|
run. Please, take a look to [dump documentation][4] and [SKS Readme][5] for
|
|
more info.
|
|
|
|
[4]: https://bitbucket.org/skskeyserver/sks-keyserver/wiki/KeydumpSources
|
|
[5]: https://bitbucket.org/skskeyserver/sks-keyserver/src/tip/README.md
|
|
|
|
## Executing commands
|
|
|
|
If you need execute a SKS command, for example `sks_build.sh` for buld
|
|
database, simply call docker with desired command.
|
|
|
|
```
|
|
/usr/bin/docker run -t -i --rm \
|
|
-v /docker/sks:/var/lib/sks \
|
|
connectical/sks sks_build.sh
|
|
```
|
|
|
|
Take note that if you pass paths to command, these paths will refer to
|
|
inside of docker.
|
|
|
|
## Configuration via docker variables
|
|
|
|
The `run.sh` script that lauchs SKS use the following environment variables
|
|
to modify the config file (you can refer to [SKS man page][6] to know more
|
|
about this settings).
|
|
|
|
| Variable | Default value |
|
|
| --- | --- |
|
|
| SKS_HOSTNAME | localhost |
|
|
| SKS_RECON_ADDR | 0.0.0.0 |
|
|
| SKS_RECON_PORT | 11370 |
|
|
| SKS_HKP_ADRESS | 0.0.0.0 |
|
|
| SKS_HKP_PORT | 11371 |
|
|
| SKS_SERVER_CONTACT | |
|
|
| SKS_NODENAME | keys |
|
|
|
|
The config file have more options, you can edit them directly, the `run.sh`
|
|
script only touch those mentioned above.
|
|
|
|
[6]: https://manpages.debian.org/stretch/sks/sks.8.en.html
|
|
|
|
## Run with systemd
|
|
|
|
If you want run this image with systemd you can use the following unit.
|
|
|
|
```
|
|
[Unit]
|
|
Description=SKS OpenPGP keyserver container
|
|
Requires=docker.service
|
|
After=docker.service
|
|
|
|
[Service]
|
|
ExecStartPre=-/usr/bin/docker kill sks
|
|
ExecStartPre=-/usr/bin/docker rm sks
|
|
ExecStartPre=/usr/bin/docker pull connectical/sks:VERSION_TAG
|
|
ExecStart=/usr/bin/docker run \
|
|
--network host \
|
|
--name sks \
|
|
-v /docker/sks:/var/lib/sks \
|
|
-e "SKS_HOSTNAME=your.host.example.com" \
|
|
-e "SKS_RECON_ADDR=0.0.0.0" \
|
|
-e "SKS_RECON_PORT=11370" \
|
|
-e "SKS_HKP_ADRESS=0.0.0.0" \
|
|
-e "SKS_HKP_PORT=11371" \
|
|
-e "SKS_SERVER_CONTACT=YOUR_OPENPGP_KEYID" \
|
|
-e "SKS_NODENAME=keys" \
|
|
connectical/sks:VERSION_TAG
|
|
ExecStop=/usr/bin/docker stop -t 2 sks
|
|
Restart=always
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
```
|