13 changes: 13 additions & 0 deletions Dockerfile
@@ -0,0 +1,13 @@
FROM node:5.11-wheezy

By removing 5.11-wheezy, I think we are guaranteed to get the latest; should we change it to that? Is it good practice?


Pinning is probably the better idea. Always updating from latest is handy when developing and cuts down on "update base image to ..." commits, but pinned versions mean repeatable builds and always knowing where you're building from; in particular, it means that the version of the base image is tracked in git, which I consider to be important.


RUN cd /opt \
&& mkdir -p ldnode/certs && cd ldnode/certs \
&& openssl genrsa 2048 > ssl-key.pem \
&& openssl req -new -x509 -nodes -sha256 -days 3650 -key ssl-key.pem -subj '/CN=*.localhost' > ssl-cert.pem

COPY . /src
RUN cd /src && mkdir data \
&& npm install

ENTRYPOINT ["node", "/src/bin/ldnode.js"]


I presume this has changed to solid.js?

CMD ["--port=8443", "--ssl-key=/opt/ldnode/certs/ssl-key.pem", "--ssl-cert=/opt/ldnode/certs/ssl-cert.pem", "--root=/src/data"]


Please add an EXPOSE 8443 line to let users (and docker) know that you're expecting to expose that port in the container :)
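
Review bot: The `openssl genrsa` / `openssl req` step in the first `RUN` writes the TLS private key into an image layer, so every container started from this image shares the same `ssl-key.pem`, and anyone who can pull the image can read it. Consider generating the self-signed pair at container start when `/opt/ldnode/certs` is empty (for example from a small entrypoint script), or requiring that directory to be mounted. Separately, the file has no `USER` instruction, so `node` runs as root inside the container; a dedicated unprivileged user that owns `/src/data` would limit what a compromise of the server process can touch.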

53 changes: 52 additions & 1 deletion README.md
Expand Up @@ -66,6 +66,58 @@ $ openssl genrsa 2048 > ../localhost.key
$ openssl req -new -x509 -nodes -sha256 -days 3650 -key ../localhost.key -subj '/CN=*.localhost' > ../localhost.cert
```

### Single-user server with Docker

(First, install [Docker](https://docs.docker.com/engine/installation/)).

Self-signed SSL cert and key are generated at build time (not for production! You can override this during the `run` step).

```bash
$ sudo docker build -t ldnode .
```

Then `run`, mounting the directory in which your data will be contained (this can be anywhere on your local machine):

```bash
$ sudo docker run -d -p 8443:8443 -v /path/to/data:/src/data --name my-ldnode ldnode
```

If you already have an SSL cert (eg. from LetsEncrypt), make sure they are named `ssl-cert.pem` and `ssl-key.pem` and mount the containing directory (which doesn't contain anything else) for those as well:

```bash
$ sudo docker run -d -p 8443:8443 -v /path/to/data:/src/data -v /path/to/certs:/opt/ldnode/certs --name my-ldnode ldnode
```

Go to `https://localhost:8443` and you should be good to go.

#### With owner

If you have an existing WebID (with corresponding cert installed) that you want to use as the owner, you can either run with all the args:

```
sudo docker run -d -p 8443:8443 -v /path/to/data:/src/data -v /path/to/certs:/opt/ldnode/certs --name my-ldnode ldnode --owner=YOUR WEBID HERE --port 8443 --ssl-key /opt/ldnode/certs/ssl-key.pem --ssl-cert /opt/ldnode/certs/ssl-cert.pem --root=/src/data
```

OR include this `.acl` in your local `data` directory:

```
@prefix n0: <http://www.w3.org/ns/auth/acl#>.
@prefix n1: <http://xmlns.com/foaf/0.1/>.

<#owner>
a n0:Authorization;
n0:accessTo <./>;
n0:agent <YOUR WEBID HERE>;
n0:defaultForNew <./>;
n0:mode n0:Control, n0:Read, n0:Write.
<#everyone>
a n0:Authorization;
n0: n1:Agent;
n0:accessTo <./>;
n0:defaultForNew <./>;
n0:mode n0:Read.
```

### Run multi-user server (intermediate)

You can run `solid` so that new users can sign up, in other words, get their WebIDs _username.yourdomain.com_.
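
Review bot: In the `.acl` example, the `<#everyone>` block has `n0: n1:Agent;` with no local name after the `n0:` prefix, so the statement does not name an ACL predicate; this presumably should be `n0:agentClass n1:Agent;`. The surrounding text should also say that this block makes everything under the data root readable by anyone, including newly created resources through `n0:defaultForNew`, so readers who want a private store know to leave it out. In the "With owner" command, `--owner=YOUR WEBID HERE` contains unquoted spaces, which the shell splits into separate arguments if a reader keeps the pattern, and the certs volume could be mounted with `:ro` since the server only needs to read the key and cert.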
Expand Down Expand Up @@ -103,7 +155,6 @@ $ solid start --port 8080 --ssl-key key.pem --ssl-cert cert.pem --no-webid

**Note:** if you want to run on HTTP, do not pass the `--ssl-*` flags, but keep `--no-webid`


### Extra flags (expert)
The command line tool has the following options
