.. | ||
mongo_docker | ||
.env | ||
LICENSE.txt | ||
nginx.conf | ||
README.md |
- We need SSL certificates and a DNS entry.
- Allow only the
/pks/lookup
URL?
Disable eMail functions
In src/server.js
Change this line
const Email = require('./modules/email');
to
// const Email = require('./modules/email');
Replace this
const email = new Email();
email.init(conf.email);
with
const email = null;
// const email = new Email();
// email.init(conf.email);
In src/modules/public-key.js
Replace this line
await this._email.send({template: tpl.verifyKey, userId, keyId, origin, publicKeyArmored: userId.publicKeyArmored, i18n});
with
// await this._email.send({template: tpl.verifyKey, userId, keyId, origin, publicKeyArmored: userId.publicKeyArmored, i18n});
and this
await this._email.send({template: tpl.verifyRemove, userId, keyId, origin, i18n});
with
// await this._email.send({template: tpl.verifyRemove, userId, keyId, origin, i18n});
REST
Upload new key
POST /api/v1/key
Payload (JSON):
{
"publicKeyArmored": "-----BEGIN PGP PUBLIC KEY BLOCK----- ... -----END PGP PUBLIC KEY BLOCK-----"
}
Use mongodb connection to overwrite all entries in
keyserver.publickey.userIds
list with:
verified: true,
verified: true,
nonce: null
as well as in the
keyserver.publickey
overwrite with
verifyUntil: null
Micromanage the email addresses
Use mongodb connection to control the
keyserver.publickey.userIds
list.
Entries are like:
userIds: [
{
name: 'David Rotermund',
email: 'davrot@uni-bremen.de',
verified: true,
publicKeyArmored: null,
nonce: null
}
],
If the last email is removed, the
keyserver.publickey
entry needs to be removed completly.
Remove entry with all email addresses
Use mongodb connection to remove the
keyserver.publickey
entry which contains a userIds with the email address.
Notes
mongosh
use keyserver-int
db.createUser({ user:"keyserver", pwd:"REDACTED", roles:[{ role:"readWrite", db:"keyserver-int" }] })
git clone https://github.com/mailvelope/keyserver /app
cd /app
npm install
# Deal with .env
npm test
mongosh
use keyserver
db.createUser({ user:"keyserver", pwd:"REDACTED", roles:[{ role:"readWrite", db:"keyserver" }] })
db.adminCommand({setParameter:1, ttlMonitorSleepSecs: 86400})
db.publickey.createIndex({"userIds.email" : 1, "userIds.verified" : 1})
db.publickey.createIndex({"keyId" : 1, "userIds.verified" : 1})
db.publickey.createIndex({"fingerprint" : 1, "userIds.verified" : 1})
npm start