This commit is contained in:
parent
fd7437b673
commit
57b7de2bc5
|
@ -1,35 +0,0 @@
|
|||
Hagrid is owned by the [p≡p foundation] and licensed under the
|
||||
terms of the AGPLv3+.
|
||||
|
||||
[p≡p foundation]: https://pep.foundation/
|
||||
|
||||
To finance its mission, privacy by default, the [p≡p foundation]
|
||||
allows third parties (currently only [p≡p security]) to relicense its
|
||||
software. Consistent with the rules of a foundation, the money
|
||||
collected by the foundation in this manner is fully reinvested in the
|
||||
foundation's mission, which includes further development of Hagrid.
|
||||
|
||||
[p≡p security]: https://www.pep.security/
|
||||
|
||||
To do this, the [p≡p foundation] needs permission from all
|
||||
contributors to relicense their changes. In return, the
|
||||
[p≡p foundation] guarantees that *all* releases of Hagrid (and
|
||||
any other software it owns) will also be released under a GNU-approved
|
||||
license. That is, even if Foo Corp is granted a license to use
|
||||
Hagrid in a proprietary product, the exact code that Foo Corp
|
||||
uses will also be licensed under a GNU-approved license.
|
||||
|
||||
If you want to contribute to Hagrid, and you agree to the above,
|
||||
please sign the [p≡p foundation]'s [CLA]. This is an electronic
|
||||
assignment; no paper work is required. You'll need to provide a valid
|
||||
email address. After clicking on a link to verify your email address,
|
||||
you'll receive a second email, which contains the contract between you
|
||||
and the [p≡p foundation]. Be sure to keep it for future reference.
|
||||
The maintainers of Hagrid will also receive a notification. At
|
||||
that point, we can merge patches from you into Hagrid.
|
||||
|
||||
[CLA]: https://contribution.pep.foundation/contribute/
|
||||
|
||||
Please direct questions regarding the CLA to [contribution@pep.foundation].
|
||||
|
||||
[contribution@pep.foundation]: mailto:contribution@pep.foundation
|
82
README.md
82
README.md
|
@ -1,11 +1,10 @@
|
|||
Hagrid
|
||||
======
|
||||
|
||||
Hagrid is a verifying OpenPGP key server. When a new key is uploaded a
|
||||
token is sent to each user ID via email. This token can be used to verify the
|
||||
user ID. Keys can be queried by their verified user IDs (exact match) and their
|
||||
primary keys fingerprint. Keys can be deleted by clicking a link send to all
|
||||
user IDs.
|
||||
Hagrid is a verifying OpenPGP key server.
|
||||
|
||||
You can find general instructions and an API documentation at the running
|
||||
instance at [https://keys.openpgp.org](keys.openpgp.org).
|
||||
|
||||
License
|
||||
-------
|
||||
|
@ -27,79 +26,36 @@ License along with Hagrid. If not, see
|
|||
Quick Start
|
||||
-----------
|
||||
|
||||
Building Hagrid required a working [Rust _nightly_
|
||||
toolchain](https://rust-lang.org). The key server uses the filesystem to store
|
||||
keys, user IDs and tokens. To run it, supply the absolute path to where you
|
||||
want the database to live and the absolute path to the template directory.
|
||||
|
||||
```bash
|
||||
cp Rocket.toml.dist Rocket.toml
|
||||
cargo run --bin hagrid
|
||||
```
|
||||
|
||||
This will spawn a web server listening on port 8080.
|
||||
|
||||
Hagrid uses `sendmail` for mailing, so you also need a working local mailer
|
||||
setup.
|
||||
|
||||
Usage
|
||||
-----
|
||||
|
||||
You can find instructions and API documentation at the running instance at
|
||||
[https://keys.openpgp.org](keys.openpgp.org).
|
||||
|
||||
Building
|
||||
--------
|
||||
|
||||
Building Hagrid requires a working nightly Rust toolchain. The
|
||||
easiest way to get the toolchain is to download [rustup](https://rustup.rs).
|
||||
After rustup is installed, get the nightly compiler and tools:
|
||||
After rustup is installed, get the nightly compiler and tools, copy the
|
||||
config file, and simply compile and run:
|
||||
|
||||
```bash
|
||||
cd hagrid
|
||||
rustup override set nightly
|
||||
cp Rocket.toml.dist Rocket.toml
|
||||
cargo run
|
||||
```
|
||||
|
||||
The web server can now be built with the cargo command:
|
||||
This will spawn a web server listening on port 8080.
|
||||
|
||||
```bash
|
||||
cargo build --release
|
||||
```
|
||||
|
||||
After compilation a binary is placed in `target/release/` called
|
||||
`hagrid`. The binary is linked statically and can be copied everywhere.
|
||||
|
||||
```bash
|
||||
cp target/release/hagrid /usr/local/bin
|
||||
```
|
||||
|
||||
To deploy the key server copy all directories under `dist/` to a
|
||||
writable location, and create a suitable configuration file.
|
||||
|
||||
```bash
|
||||
mkdir /var/lib/hagrid
|
||||
cp -R dist/* /var/lib/hagrid
|
||||
cp Rocket.toml.dist /var/lib/hagrid/Rocket.toml
|
||||
$EDITOR /var/lib/hagrid/Rocket.toml
|
||||
/usr/bin/env --chdir=/var/lib/hagrid ROCKET_ENV=production hagrid
|
||||
```
|
||||
|
||||
This will spawn the server in foreground. The server will put all
|
||||
keys and runtime data under the base folder (`/var/lib/hagrid` in the
|
||||
above example).
|
||||
For deployment, a release build should be used (`cargo build --release`). This
|
||||
will be statically built, and can be copied anywhere. You will also need to
|
||||
adjust `Rocket.toml` accordingly. Hagrid uses `sendmail` for mailing, so you
|
||||
also need a working local mailer setup.
|
||||
|
||||
Reverse Proxy
|
||||
-------------
|
||||
|
||||
Hagrid is designed to defer lookups to reverse proxy server like Nginx
|
||||
and Apache. The key database is a set of 3 directories with static
|
||||
files in them. The directory structure reflects Hagrids URL
|
||||
scheme. This way, lookups via `/vks/v1/by-finingerprint`,
|
||||
`/vks/v1/by-keyid`, and `/vks/v1/by-email` can be handled by (multiple)
|
||||
simple HTTP server(s). A sample configuration for Nginx is part of the
|
||||
repository (`nginx.conf`).
|
||||
and Apache. Lookups via `/vks/v1/by-finingerprint`, `/vks/v1/by-keyid`, and
|
||||
`/vks/v1/by-email` can be handled by a robust and performant HTTP server. A
|
||||
sample configuration for nginx is part of the repository (`nginx.conf`,
|
||||
`hagrid-routes.conf`).
|
||||
|
||||
Community
|
||||
---------
|
||||
|
||||
We're in `##hagrid` on Freenode.
|
||||
We're in `#hagrid` on Freenode IRC, also reachable via Matrix as
|
||||
`#hagrid:stratum0.org`.
|
||||
|
|
|
@ -75,7 +75,7 @@
|
|||
|
||||
<p>
|
||||
Technically, <tt>keys.openpgp.org</tt> runs on the
|
||||
<a href="https://gitlab.com/sequoia-pgp/hagrid" target="_blank">Hagrid</a>
|
||||
<a href="https://gitlab.com/hagrid-keyserver/hagrid" target="_blank">Hagrid</a>
|
||||
keyserver software, which is based on
|
||||
<a href="https://sequoia-pgp.org">Sequoia-PGP</a>. We are hosted on the
|
||||
<a href="https://eclips.is" target="_blank">eclips.is</a> platform,
|
||||
|
|
Loading…
Reference in New Issue