Add docker-compose

.dockerignore

@@ -0,0 +1,2 @@
+node_modules
+npm-debug.log

.gitea/workflows/docker-publish.yaml

@@ -0,0 +1,44 @@
+name: Build & publish images
+
+on: [push]
+
+env:
+  REGISTRY: git.plantroon.com
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    container:
+      image: catthehacker/ubuntu:act-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.CR_PAT }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: https://github.com/docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          images: git.plantroon.com/aux/keyserver
+
+      - name: Build and push Docker image
+        id: build-and-push
+        uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
+        with:
+          context: .
+          push: true
+          labels: ${{ steps.meta.outputs.labels }}
+          tags: ${{ steps.meta.outputs.tags }}
+

Dockerfile

@@ -0,0 +1,9 @@
+FROM node:16
+
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci --omit=dev
+COPY . .
+EXPOSE 3000
+
+CMD [ "node", "index.js" ]

docker-compose.yml

@@ -0,0 +1,26 @@
+version: '3'
+
+services:
+  mongodb:
+    image: mongo
+    volumes:
+    - ./data/db:/data/db
+    - ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
+    networks:
+    - backend
+    env_file:
+    - env.sample
+
+  keyserver:
+    image: git.plantroon.com/aux/keyserver:master
+    ports:
+    - "12345:3000"
+    depends_on:
+    - mongodb
+    networks:
+    - backend
+    env_file:
+    - env.sample
+
+networks:
+  backend:

env.sample

@@ -0,0 +1,30 @@
+NODE_ENV=production
+LOG_LEVEL=debug
+PORT=3000
+PAPERTRAIL_HOST=''
+PAPERTRAIL_PORT=''
+
+MONGO_URI=mongodb:27017/keyserver_db
+MONGO_USER=keyserver
+MONGO_PASS=changeme
+MONGO_INITDB_ROOT_USERNAME=keyserver
+MONGO_INITDB_ROOT_PASSWORD=changeme
+MONGO_INITDB_DATABASE=keyserver_db
+
+SENDER_NAME=keyserver
+SENDER_EMAIL=changeme
+
+SMTP_HOST=changeme
+SMTP_PORT=587
+SMTP_TLS=false
+
+SMTP_STARTTLS=true
+SMTP_PGP=''
+SMTP_USER=''
+SMTP_PASS=''
+
+HTTPS_UPGRADE=true
+HTTPS_KEY_PIN=''
+HTTPS_KEY_PIN_BACKUP=''
+
+PUBLIC_KEY_PURGE_TIME=30

mongo-init.js

@@ -0,0 +1,12 @@
+db.createUser(
+        {
+            user: process.env.MONGO_INITDB_ROOT_USERNAME,
+            pwd: process.env.MONGO_INITDB_ROOT_PASSWORD,
+            roles: [
+                {
+                    role: "readWrite",
+                    db: process.env.MONGO_INITDB_DATABASE
+                }
+            ]
+        }
+);

package-lock.json

@@ -1994,9 +1994,9 @@
       "dev": true
     },
     "qs": {
-      "version": "6.11.0",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz",
-      "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==",
+      "version": "6.10.1",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.10.1.tgz",
+      "integrity": "sha512-M528Hph6wsSVOBiYUnGf+K/7w0hNshs/duGsNXPUCLH5XAqjEtiPGwNONLV0tBH8NoGb0mvD5JubnUTrujKDTg==",
       "requires": {
         "side-channel": "^1.0.4"
       }