Deploying the keyserver requires configuring it, building its Docker image, and deploying that image with Docker Compose.
In order for the keyserver to interface with dependencies, host the landing page, and host the Comm web application, the following must be added to keyserver/.env:
# Mandatory
COMM_DATABASE_DATABASE=comm
COMM_DATABASE_USER=<MariaDB user>
COMM_DATABASE_PASSWORD=<MariaDB password>
COMM_JSONCONFIG_secrets_user_credentials='{"username":"<user>","password":"<password>"}'
COMM_JSONCONFIG_facts_landing_url='{"baseDomain":"http://localhost","basePath":"/commlanding/","baseRoutePath":"/commlanding/","https":false}'
COMM_JSONCONFIG_facts_webapp_url='{"baseDomain":"http://localhost:3000","basePath":"/webapp/","https":false,"baseRoutePath":"/webapp/","proxy":"none"}'
COMM_JSONCONFIG_facts_keyserver_url='{"baseDomain":"http://localhost:3000","basePath":"/keyserver/","baseRoutePath":"/keyserver/","https":false,"proxy":"none"}'
COMM_JSONCONFIG_facts_webapp_cors='{"domain": "http://localhost:3000"}'
# Required to connect to production Identity service
COMM_JSONCONFIG_secrets_identity_service_config="{\"identitySocketAddr\":\"https://identity.commtechnologies.org:50054\"}"
# Required for ETH login
COMM_JSONCONFIG_secrets_alchemy='{"key":"<alchemy key>"}'
COMM_JSONCONFIG_secrets_walletconnect='{"key":"<wallet connect key>"}'
# Required for Farcaster login
COMM_JSONCONFIG_secrets_neynar='{"key":"<neynar key>"}'
# Example backup configuration that stores up to 10 GiB of backups in /home/comm/backups
COMM_JSONCONFIG_facts_backups='{"enabled":true,"directory":"/home/comm/backups","maxDirSizeMiB":10240}'
COMM_DATABASE_DATABASE: Specifies the name of the database the keyserver will use.COMM_DATABASE_USER: The username the keyserver uses to connect to MariaDB. Replace<MariaDB user>with your desired username.COMM_DATABASE_PASSWORD: Corresponding password for the above user. Replace<MariaDB password>with your desired password.
COMM_NODE_ROLE: Specifies whether a node is primary or secondary. Currently only used for multi-node keyservers, and as such is irrelevant to the Docker Compose workflow described here.
COMM_JSONCONFIG_secrets_user_credentials: Credentials for authenticating against the Identity service. Replace<user>and<password>with any values. In the future, they will need to be actual credentials registered with the Identity service.COMM_JSONCONFIG_secrets_identity_service_config: Socket address for the Identity service. If omitted, the keyserver will try to connect to a local instance of the Identity service.
COMM_JSONCONFIG_secrets_alchemy: Alchemy key used for Ethereum Name Service (ENS) resolution and retrieving ETH public keys. Replace<alchemy key>with your actual key.COMM_JSONCONFIG_secrets_walletconnect: WalletConnect key used to enable Sign-In with Ethereum (SIWE). Replace<wallet connect key>with your actual key.
COMM_JSONCONFIG_facts_keyserver_url: Your keyserver needs to know what its externally-facing URL is in order to construct links. It also needs to know if it’s being proxied to that externally-facing URL, and what the internal route path is.baseDomain: Externally-facing domain. Used for constructing links.basePath: Externally-facing path. Used for constructing links.baseRoutePath: Internally-facing path. Same as basePath if no proxy. If there’s a proxy, this is the local path (e.g. http://localhost:3000/landing would correspond with /landing/)proxy:"none" | "apache"Determines which request headers to use for HTTPS validation and IP address timezone detection.https: If true, checks request headers to validate that HTTPS is in use.
COMM_JSONCONFIG_facts_webapp_cors: Your keyserver needs to be able to include CORS headers with the domain where the comm web application is hosted.domain: Domain where the web application is hosted.
COMM_JSONCONFIG_facts_backups: Specifies whether to enable backups, where to store them, and the max size of the backups directory.
Once configured, the keyserver can be built and deployed by simply running:
cd keyserver
./bash/dc.sh up --build