Hockeypuck is an OpenPGP public keyserver.
Hockeypuck uses semantic versioning and should always be installed from the latest release tag (or branch) for production use. If you wish to configure SKS peering, you should ensure that all peers are using the same minor version. Hockeypuck is not guaranteed to sync successfully between different minor versions.
The current release branch is 2.2
A quick and easy way to run Hockeypuck locally is with docker-compose.
First, obtain a keydump from an existing server.
A partial list of dump sources can be found in contrib/data-sources.md.
Unpack the *.pgp files from the dump under contrib/docker-compose/devel/keydump/, then:
cd contrib/docker-compose/devel
docker-compose up -d
You can change the configuration by editing contrib/docker-compose/devel/etc/hockeypuck.conf and running docker-compose restart.
To stop, run docker-compose down.
BEWARE that if you are building a docker image on Windows, you MUST clone this repository with autocrlf disabled:
git clone --config core.autocrlf=false https://github.com/hockeypuck/hockeypuck
You can use docker-compose to build and deploy a standalone Hockeypuck instance in a production environment.
This includes automated database population and TLS certificate management.
See contrib/docker-compose/standalone/README.md for full instructions.
Add this to your ansible playbook to deploy hockeypuck using the sebix.hockeypuck ansible role:
- hosts: servers
roles:
- sebix.hockeypuck
vars:
# optional variables, see documentation for a complete list and default values
- hockeypuck_contact: "YOUR_KEY_FINGERPRINT"
With Go 1.20 installed, simply run:
make build
Hockeypuck binaries will be in bin/.
Optionally run sudo make install to install the executables to /usr/bin/.
It will also install configuration examples and static files.
The dependencies for this project are managed via Go modules. To update the dependencies run:
cd src/hockeypuck
go get -u -m
go mod vendor
After which you can ensure that the code continues to build and that the tests still pass.
To locally build the hockeypuck binaries:
make install-build-depends
make
If it's installed, remove the snapcraft Ubuntu package:
sudo apt remove snapcraft
Install snapcraft from the Snap store:
snap install snapcraft
Confirm that you're using a recent enough version of snapcraft:
$ which snapcraft
/snap/bin/snapcraft
$ snapcraft version
snapcraft, version 3.7.2
$ _
Now you can build the snap:
snapcraft snap
snapcraft defaults to building in a multipass VM. If you're already in a throwaway environment, you can build the snap as follows instead:
SNAPCRAFT_BUILD_ENVIRONMENT=host snapcraft snap
Or use LXD for a lighter-weight isolated build:
SNAPCRAFT_BUILD_ENVIRONMENT=lxd snapcraft snap
Enabling cpu or memory profiling:
sudo snap set hockeypuck cpuprof=1
sudo snap set hockeypuck memprof=1
sudo systemctl restart snap.hockeypuck.hockeypuck.service
Disabling cpu or memory profiling:
sudo snap unset hockeypuck cpuprof
sudo snap unset hockeypuck memprof
sudo systemctl restart snap.hockeypuck.hockeypuck.service
In order to release a new version of hockeypuck:
make dch
git add debian/changelog
git commit -m 'x.y.z release'
git tag -s -u <keyid> -m 'x.y.z release' x.y.z
git push --tags
make deb-src
dput <your ppa> ../hockeypuck\_x.y.z\_source.changes
Where x.y.z is the appropriate version number.
This will upload the debian source package to the Launchpad PPA for building.
The configuration file supports templating using the Go text/template package with Sprig extensions. The template is rendered before the configuration file is parsed, so the configuration file can contain environment variables as well.
For example, setting the database configuration to use environment variables:
[hockeypuck.openpgp.db]
driver="postgres-jsonb"
dsn="database=hkp host=postgres user={{ .POSTGRES_USER }} password={{ .POSTGRES_PASSWORD }} port=5432 sslmode=disable"You can also use the osenv custom function to read environment variables by prefix:
{{ range $key, $value := osenv "HKP_" }}
{{ $key }}={{ $value }}
{{ end }}Copyright 2024, The Hockeypuck Developers; see CONTRIBUTORS and LICENSE for details.