Archives
/
docker-sks
mirror of https://github.com/ogarcia/docker-sks
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
1.1.6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
docker-sks/README.md

111 lines
3.2 KiB
Markdown
Raw Permalink Blame History

# SKS OpenPGP keyserver docker on Alpine Linux [![Build Status](https://travis-ci.org/ogarcia/docker-sks.svg?branch=master)](https://travis-ci.org/ogarcia/docker-sks)
(c) 2017 Óscar García Amor
Redistribution, modifications and pull requests are welcomed under the terms
of GPLv3 license.
[SKS][1] is an OpenPGP keyserver whose goal is to provide easy to deploy,
decentralized, and highly reliable synchronization. That means that a key
submitted to one SKS server will quickly be distributed to all key servers,
and even wildly out-of-date servers, or servers that experience spotty
connectivity, can fully synchronize with rest of the system.
This docker packages **SKS**, under [Alpine Linux][2], a lightweight Linux
distribution.
Visit [Docker Hub][3] to see all available tags.
[1]: https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Home
[2]: https://alpinelinux.org/
[3]: https://hub.docker.com/r/connectical/sks/
## Run
To run this container exposing SKS and mounting a permanent volume for sks
data in `/docker/sks`, run.
```
/usr/bin/docker run --rm \
--network host \
--name sks \
-e "SKS_SERVER_CONTACT=YOUR_OPENPGP_KEYID" \
-v /docker/sks:/var/lib/sks \
connectical/sks
```
Take note that if you dont have a valid SKS database, the server will not
run. Please, take a look to [dump documentation][4] and [SKS Readme][5] for
more info.
[4]: https://bitbucket.org/skskeyserver/sks-keyserver/wiki/KeydumpSources
[5]: https://bitbucket.org/skskeyserver/sks-keyserver/src/tip/README.md
## Executing commands
If you need execute a SKS command, for example `sks_build.sh` for buld
database, simply call docker with desired command.
```
/usr/bin/docker run -t -i --rm \
-v /docker/sks:/var/lib/sks \
connectical/sks sks_build.sh
```
Take note that if you pass paths to command, these paths will refer to
inside of docker.
## Configuration via docker variables
The `run.sh` script that lauchs SKS use the following environment variables
to modify the config file (you can refer to [SKS man page][6] to know more
about this settings).
| Variable | Default value |
| --- | --- |
| SKS_HOSTNAME | localhost |
| SKS_RECON_ADDR | 0.0.0.0 |
| SKS_RECON_PORT | 11370 |
| SKS_HKP_ADRESS | 0.0.0.0 |
| SKS_HKP_PORT | 11371 |
| SKS_SERVER_CONTACT | |
| SKS_NODENAME | keys |
The config file have more options, you can edit them directly, the `run.sh`
script only touch those mentioned above.
[6]: https://manpages.debian.org/stretch/sks/sks.8.en.html
## Run with systemd
If you want run this image with systemd you can use the following unit.
```
[Unit]
Description=SKS OpenPGP keyserver container
Requires=docker.service
After=docker.service
[Service]
ExecStartPre=-/usr/bin/docker kill sks
ExecStartPre=-/usr/bin/docker rm sks
ExecStartPre=/usr/bin/docker pull connectical/sks:VERSION_TAG
ExecStart=/usr/bin/docker run \
--network host \
--name sks \
-v /docker/sks:/var/lib/sks \
-e "SKS_HOSTNAME=your.host.example.com" \
-e "SKS_RECON_ADDR=0.0.0.0" \
-e "SKS_RECON_PORT=11370" \
-e "SKS_HKP_ADRESS=0.0.0.0" \
-e "SKS_HKP_PORT=11371" \
-e "SKS_SERVER_CONTACT=YOUR_OPENPGP_KEYID" \
-e "SKS_NODENAME=keys" \
connectical/sks:VERSION_TAG
ExecStop=/usr/bin/docker stop -t 2 sks
Restart=always
[Install]
WantedBy=multi-user.target
```
Reference in New Issue View Git Blame Copy Permalink