GithubHelp home page GithubHelp logo

drgrove / docker-wkd Goto Github PK

View Code? Open in Web Editor NEW
5.0 2.0 2.0 149 KB

A Web Key Directory generating docker image

License: GNU General Public License v3.0

Dockerfile 12.41% Shell 85.63% Makefile 1.97%

docker-wkd's Introduction

docker-wkd

A OpenPGP WKD (Web Key Directory) generating docker image.

Usage

ENV VAR Required Defaults Description
MAIL_DOMAIN * The domain you'd like to generate key files for. (ex. drgrovellc.com)
DATA_FILE_PATH /data/keys.txt The path to the datafile
HU_FOLDER /data/ The folder you'd like to generate the wkd in 
# Make your folders
mkdir data hu .gnupg

# Make your keys.txt file

# This will pull the key from a keyserver and then generate the correct file for WKD.
# If you'd like to provide your own keys use the folder option

echo "C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD # Danny Grove" > data/keys.txt

# Using folder.
gpg --export --armour <FINGERPRINT> > data/<email-username>.asc

docker run --rm \
  -v $PWD/data:/data/ -v $PWD/hu:/root/hu -v $PWD/.gnupg:/root/.gnupg \
  -e MAIL_DOMAIN=drgrovellc.com
  drgrove/wkd

Deploying in Kubernetes

You can use the kustomization provided as a base, but you will need to add a few overrides.

Adding a Key

To add a key to WKD you simpely create a configmap for that key with the label wkd: enroll. The example below with use a configMapGenerator

# kustomization.yaml
...
configMapGenerator:
  - name: mykey
    options:
      labels:
        wkd: 'enroll'
      files:
      - pgp/mykey.asc

Assumed folder structure of above example:

kustomize
|- kustomization.yaml
|- pgp/
   |- mykey.asc

Patching your ingress

The example below is using nginx-ingress-controller. This is binding /.well-known/openpgp to the wkd service.

# ingess.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: wkd
  labels:
    app.kubernetes.io/name: wkd
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
spec:
  tls:
    - hosts:
      - mywebsite.com
      secretName: mywebsite-tls
  rules:
    - host: mywebsite.com
      http:
        paths:
        - path: /.well-known/openpgpkey/
          pathType: Prefix
          backend:
            service:
              name: wkd
              port:
                number: 80

Cluster Install

If you'd like to be able in aggregate PGP keys that have been installed in other namespaces you can do so by adding cluster-rbac to your install

# kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: wkd
resources:
  - github.com/drGrove/docker-wkd/kustomize/direct
  - github.com/drGrove/docker-wkd/kustomize/cluster-rbac

docker-wkd's People

Contributors

drgrove avatar james-callahan avatar kellerfuchs avatar

Stargazers

Mehdi MAHFOUDI avatar Ayush avatar Klaus K. avatar Ben Harris avatar David Pflug avatar

Watchers

James Cloos avatar avatar

Forkers

james-callahan hashbang

docker-wkd's Issues

Failure to build kustomization 

$ kustomize build https://github.com/drGrove/docker-wkd/kustomize/advanced?ref=9e0721ef88ed33aac78533bbb5e21f7d9a0c69cd
Error: invalid Kustomization: json: cannot unmarshal string into Go struct field Kustomization.patches of type types.Patch

$ kustomize version
5.0.1

it may have broken with the kustomize 5.0.0 release

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.