mirror of https://github.com/docker/docs.git
Merge pull request #9 from docker/notaryserver_readme
Notary Server README
This commit is contained in:
David Lawrence
commit
ffc135ace9
|
|
@ -1,4 +1,4 @@
|
||||||
**N.B. The project is a work in progress and is not ready for production.**
|
# ALPHA: The project is a work in progress and is not ready for production.
|
||||||
|
|
||||||
# Notary
|
# Notary
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1 +1,63 @@
|
||||||
# Notary Server
|
# Notary Server
|
||||||
|
|
||||||
|
Notary Server manages TUF data. It may be configured to use either JWT
|
||||||
|
or HTTP Basic Auth for authentication. Currently it only supports MySQL
|
||||||
|
for store of the TUF data, we intend to expand this to other storage
|
||||||
|
options.
|
||||||
|
|
||||||
|
## Setup for Development
|
||||||
|
|
||||||
|
The notary repository comes with Dockerfiles and a docker-compose file
|
||||||
|
to faciliate development. Simply run the following commands to start
|
||||||
|
a notary server with a temporary MySQL database in containers:
|
||||||
|
|
||||||
|
```
|
||||||
|
$ docker-compose build
|
||||||
|
$ docker-compose up
|
||||||
|
```
|
||||||
|
|
||||||
|
If you are on Mac OSX with boot2docker or kitematic, you'll need to
|
||||||
|
update your hosts file such that the name `notary` is associated with
|
||||||
|
the IP address of your VM (for boot2docker, this can be determined
|
||||||
|
by running `boot2docker ip`, with kitematic, `echo $DOCKER_HOST` should
|
||||||
|
show the IP of the VM). If you are using the default Linux setup,
|
||||||
|
you need to add `127.0.0.1 notary` to your hosts file.
|
||||||
|
|
||||||
|
## Compiling Notary Server
|
||||||
|
|
||||||
|
From the root of this git repository, run `make binaries`. This will
|
||||||
|
compile the notary and notary-server applications and place them in
|
||||||
|
a `bin` directory at the root of the git repository (the `bin` directory
|
||||||
|
is ignored by the .gitignore file).
|
||||||
|
|
||||||
|
## Running Notary Server
|
||||||
|
|
||||||
|
The `notary-server` application has the following usage:
|
||||||
|
|
||||||
|
```
|
||||||
|
$ bin/notary-server --help
|
||||||
|
usage: bin/notary-serve
|
||||||
|
-config="": Path to configuration file
|
||||||
|
-debug=false: Enable the debugging server on localhost:8080
|
||||||
|
```
|
||||||
|
|
||||||
|
## Configuring Notary Server
|
||||||
|
|
||||||
|
The configuration file must be a json file with the following format:
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"server": {
|
||||||
|
"addr": ":4443",
|
||||||
|
"tls_cert_file": "./fixtures/notary.pem",
|
||||||
|
"tls_key_file": "./fixtures/notary.key"
|
||||||
|
}
|
||||||
|
"logging": {
|
||||||
|
"level": 5
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
The pem and key provided in fixtures are purely for local development and
|
||||||
|
testing. For production, you must create your own keypair and certificate,
|
||||||
|
either via the CA of your choice, or a self signed certificate.
|
||||||
|
|
|
||||||
|
|
@ -109,7 +109,7 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
func usage() {
|
func usage() {
|
||||||
fmt.Println("usage:", os.Args[0], "<config>")
|
fmt.Println("usage:", os.Args[0])
|
||||||
flag.PrintDefaults()
|
flag.PrintDefaults()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue