diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 000000000..4037320cb
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,13 @@
+FROM node:5.11-wheezy
+
+RUN cd /opt \
+ && mkdir -p ldnode/certs && cd ldnode/certs \
+ && openssl genrsa 2048 > ssl-key.pem \
+ && openssl req -new -x509 -nodes -sha256 -days 3650 -key ssl-key.pem -subj '/CN=*.localhost' > ssl-cert.pem
+
+COPY . /src
+RUN cd /src && mkdir data \
+ && npm install
+
+ENTRYPOINT ["node", "/src/bin/ldnode.js"]
+CMD ["--port=8443", "--ssl-key=/opt/ldnode/certs/ssl-key.pem", "--ssl-cert=/opt/ldnode/certs/ssl-cert.pem", "--root=/src/data"]
\ No newline at end of file
diff --git a/README.md b/README.md
index b554e4912..2cc73b14f 100644
--- a/README.md
+++ b/README.md
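Review bot: The first `RUN` in the new Dockerfile writes `ssl-key.pem` into an image layer, so every container started from this image shares one TLS private key, anyone who can pull the image can read it, and the default `CMD` serves with it. Generating the pair at container start is safer, for example a guard such as `[ -f ssl-key.pem ] || openssl genrsa 2048 > ssl-key.pem` in a small entrypoint wrapper that ends with `exec node /src/bin/ldnode.js "$@"`; alternatively drop the step and make the `/opt/ldnode/certs` mount mandatory. The image also never sets `USER`, so the server runs as root against the bind-mounted `/src/data`; an unprivileged account that owns `/src/data`, followed by a `USER` line before `ENTRYPOINT`, would limit what a flaw in the server can reach. `COPY . /src` copies the whole build context, and no `.dockerignore` is visible in this diff, so a local `node_modules`, `.git` or stray key files may end up in the image.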
@@ -66,6 +66,58 @@ $ openssl genrsa 2048 > ../localhost.key $ openssl req -new -x509 -nodes -sha256 -days 3650 -key ../localhost.key -subj '/CN=*.localhost' > ../localhost.cert ``` +### Single-user server with Docker + +(First, install [Docker](https://docs.docker.com/engine/installation/)). + +Self-signed SSL cert and key are generated at build time (not for production! You can override this during the `run` step). + +```bash +$ sudo docker build -t ldnode . +``` + +Then `run`, mounting the directory in which your data will be contained (this can be anywhere on your local machine): + +```bash +$ sudo docker run -d -p 8443:8443 -v /path/to/data:/src/data --name my-ldnode ldnode +``` + +If you already have an SSL cert (eg. from LetsEncrypt), make sure they are named `ssl-cert.pem` and `ssl-key.pem` and mount the containing directory (which doesn't contain anything else) for those as well: + +```bash +$ sudo docker run -d -p 8443:8443 -v /path/to/data:/src/data -v /path/to/certs:/opt/ldnode/certs --name my-ldnode ldnode +``` + +Go to `https://localhost:8443` and you should be good to go. + +#### With owner + +If you have an existing WebID (with corresponding cert installed) that you want to use as the owner, you can either run with all the args: + +``` +sudo docker run -d -p 8443:8443 -v /path/to/data:/src/data -v /path/to/certs:/opt/ldnode/certs --name my-ldnode ldnode --owner=YOUR WEBID HERE --port 8443 --ssl-key /opt/ldnode/certs/ssl-key.pem --ssl-cert /opt/ldnode/certs/ssl-cert.pem --root=/src/data +``` + +OR include this `.acl` in your local `data` directory: + +``` +@prefix n0: . +@prefix n1: . + +<#owner> + a n0:Authorization; + n0:accessTo <./>; + n0:agent ; + n0:defaultForNew <./>; + n0:mode n0:Control, n0:Read, n0:Write. +<#everyone> + a n0:Authorization; + n0: n1:Agent; + n0:accessTo <./>; + n0:defaultForNew <./>; + n0:mode n0:Read. 
+``` + ### Run multi-user server (intermediate) You can run `solid` so that new users can sign up, in other words, get their WebIDs _username.yourdomain.com_. @@ -103,7 +155,6 @@ $ solid start --port 8080 --ssl-key key.pem --ssl-cert cert.pem --no-webid **Note:** if you want to run on HTTP, do not pass the `--ssl-*` flags, but keep `--no-webid` - ### Extra flags (expert) The command line tool has the following options