kotovalexarian-likes-gitlab
/
hagrid-keyserver--hagrid
mirror of https://gitlab.com/hagrid-keyserver/hagrid.git
1
0
Fork 0
Code Releases Activity
33 Commits 22 Branches 0 Tags 3.3 MiB
Handlebars 55.7%
Rust 43.4%
Python 0.4%
Shell 0.4%
Nix 0.1%
Go to file
seu 2252d87cf0 missed something 2018-11-22 16:43:29 +01:00
contrib missed something 2018-11-22 16:43:29 +01:00
src rename to hagrid 2018-11-22 16:41:33 +01:00
templates rename to hagrid 2018-11-22 16:41:33 +01:00
.gitignore add /dist to gitignore 2018-10-24 19:45:59 +02:00
.gitlab-ci.yml Add CI file 2018-11-12 14:09:55 +00:00
Cargo.toml rename to hagrid 2018-11-22 16:41:33 +01:00
README.md rename to hagrid 2018-11-22 16:41:33 +01:00
nginx.conf Move paths around. 2018-11-02 11:48:02 +01:00
package.json rename to hagrid 2018-11-22 16:41:33 +01:00
webpack.config.js rename web to templates 2018-11-02 11:58:43 +01:00

README.md

Hagrid

Hagrid is a verifying OpenPGP key server. When a new key is uploaded a token is sent to each user ID via email. This token can be used to verify the user ID. Keys can be queried by their verified user IDs (exact match) and their primary keys fingerprint. Key can be deleted by clicking a link send to all user IDs.

Quick Start

Building Hagrid required a working Rust nightly toolchain. The key server uses the filesystem to store keys, user IDs and tokens. To run it, supply the absolute path to where you want the database to live and the absolute path to the template directory.

cargo run -- `pwd`/dist

This will spawn a web server listening on port 8080.

Usage

While Hagrids URL scheme is meant to be machine readable, it's not a REST API. The following URLs are handled.

  • POST /keys uploads a new key.

  • GET /keys?fpr=<base 64 fingerprint> retrieves the key with the given fingerprint. The fingerprint is encoded using the URL-safe variant of base 64 (- and _ instead of + and /).

  • GET /keys?uid=<base 64 user ID> retrieves the key with the given user ID. Only exact matches are accepted. The user ID is encoded using the URL-safe variant of base 64 (- and _ instead of + and /).

  • GET verify/<Token> verifies a user ID using a token string send by email.

  • GET delete/<base 64 fingerprint> requests deletion of the key with the given fingerprint. The fingerprint is encoded using the URL-safe variant of base 64 (- and _ instead of + and /).

  • GET confirm/<Token> confirms a keys deletion request using a token string send by email.

Building

Hagrid consists of a Rust and a NPM project. While the web server is implemented in Rust, HTML templates and CSS is bundled using NPM and Webpack. Building the Rust part requires a working nightly Rust toolchain. The easiest way to get the toolchain is to download rustup. After rustup is installed, get the nightly compiler and tools:

rustup default nightly

The web server can now be built with the cargo command:

cargo build --release

After compilation a binary is placed in target/release/ called hagrid. The binary is linked statically and can be copied everywhere.

cp target/release/hagrid /usr/local/bin

Bundling the web assets requires npm 8 or later. After you have npm installed fetch all dependencies and build the assets:

npm install
npm run build

The web assets are placed in dist/. To deploy the key server copy all directories under public/ to a writable location. Then start the server with the absolute path to the directory as argument:

mkdir /var/hagrid
cp -R dist/* /var/hagrid
hagrid /var/hagrid

This will spawn the server in foreground, listening on 0.0.0.0:8080. The --listen argument can be used to change port and listen address. The server will put all keys and runtime data under the base folder (/var/hagrid in the above example).

Community

We're in ##hagrid on Freenode.