knowtheory.net
forked from
smokesignal.events/localdev
this repo has no description
1# PDS
2
3## Configuration
4
5This is a fully operational PDS and needs appropriate configuration. If you decide to run multiple PDS instances for testing, be sure to configure each one individually.
6
7Copy the `env.example` file to `env` and update the following entry "PLACEHOLDER" values.
8
9* `PDS_JWT_SECRET` value set with `openssl rand --hex 16`
10* `PDS_ADMIN_PASSWORD` value set with `openssl rand --hex 16`
11* `PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX` value set with `openssl ecparam --name secp256k1 --genkey --noout --outform DER | tail --bytes=+8 | head --bytes=32 | xxd --plain --cols 32`
12* `PDS_HOSTNAME` value updated to relflect your internal tailnet
13* `PDS_ADMIN_EMAIL` value updated to relflect your internal tailnet
14* `PDS_DID_PLC_URL` value updated to relflect your internal tailnet
15* Optionally, if you are not using the `pyroclastic.cloud` domain (it's fine to leave this as-is) then change that.
16
17Copy `docker-compose.example.yml` to `docker-compose.yml` and make the following changes:
18
19* Optional, set the `TS_AUTHKEY` if you are using one.
20
21## Operation
22
231. Create the configuration file and update it accordingly.
24
252. Bring networking up.
26
27 `docker compose up tailscale -d`
28
29 If you are using dynamic machine authentication, you'll need to view the logs and click on the link.
30
31 `docker compose logs tailscale`
32
333. Generate an SSL certificate for the node. Be sure to change `internal.ts.net` to whatever your Tailnet name is (i.e. `sneaky-fox.ts.net`)
34
35 `docker compose exec tailscale /bin/sh -c "tailscale cert --cert-file /mnt/tls/cert.pem --key-file /mnt/tls/cert.key pds.internal.ts.net"`
36
374. Bring the app and proxy up.
38
39 `docker compose up -d`
40
41## Usage
42
43The PDS will be available at https://pds.internal.ts.net/.
44
45The maildev service will be available at http://pds.internal.ts.net:1080/.