Run keystored in development
Generate the certificate and the private key pair for localhost if you haven't done so:
cd github.com/stellar/go/exp/services/keystore ./tls/regen.sh
Simply choose all the default options. This will create three files: tls/server.crt, tls/server.key, and tls/server.csr.
We will only be using
cd github.com/stellar/go/exp/services/keystore go install ./cmd/keystored
keystore Postgres database locally:
createdb keystore keystored migrate up
You can undo all migrations by running
keystored migrate down
You can redo the last migration by running
keystored migrate redo
You can check whether there is any unapplied migrations by running
keystored migrate status
keystored in development with authentication disabled:
You might want to set the
KEYSTORE_LISTENER_PORT environment variable
for the keystored listener. Otherwise, the default value is port 8000.
keystored -tls-cert=tls/server.crt -tls-key=tls/server.key -auth=false serve
Before you have a valid endpoint that can handle your auth token and return a user id in plaintext, you might want to disable authentication for testing.
keystored in production with authentication disabled:
There are four environment variables used for starting keystored:
DB_MAX_OPEN_CONNSare default to 5.
KEYSTORE_AUTHFORWARDING_URLis ignored when authentication is turned off.
keystored -tls-cert=PATH_TO_TLS_CERT -tls-key=PATH_TO_TLS_KEY -auth=false serve
You can put the log messages in a designated file with the
-log-file flag as well as determine
the log severity level with the
keystored -log-file=PATH_TO_YOUR_LOG_FILE -log-level=[debug|info|warn|error] serve
There is no documentation for this package.