Trustroute
Ruby on Rails application for visualizing and managing the web of trust of PGP public keys.
Abstract
...
Table of contents
- Abstract
- Table of contents
- Development
- Production
- How to use
- Technologies
How to build
Enter development environment shell
```bash
nix-shell
```
Install dependencies
```bash
bundle && yarn
```
Migrate the database
```bash
rails neo4j:migrate
```
Seed the database with some data
```bash
rails db:seed
```
How to run
Create the following OAuth applications
Recreate the credentials
```bash
rm config/credentials.yaml.enc
rails credentials:edit
```
Append client IDs and secrets to the credentials file
```yaml
oauth_providers:
  github:
    id: ...
    secret: ...
  twitter2:
    id: ...
    secret: ...
  discord:
    id: ...
    secret: ...
```
Run the external services
```bash
docker compose up
```
Run the application
```bash
overmind start
```
App is now running on localhost:3000
How to deploy
Create the following OAuth applications
Set up the .env file
```bash
cp docker/.env.example docker/.env
```
Fill the .env file with the credentials
```bash
vim docker/.env
```
Pull the latest image (or build it locally)
```bash
docker compose -f docker/docker-compose.yaml pull
```
or
```bash
docker compose -f docker/docker-compose.yaml build
```
Run the application
```bash
docker compose -f docker/docker-compose.yaml up
```
(First time only) Migrate the database and seed production data
```bash
docker compose -f docker/docker-compose.yaml exec app bundle exec rake neo4j:migrate
docker compose -f docker/docker-compose.yaml exec app bundle exec rake db:seed
```
App is now running on localhost:3000
How to use
Sign up flow
- Have a PGP keypair
- Import the public key into the application (`/keys/new`)
- Sign in using signature challenge (`/key_sessions/new`)
Managing identities flow
- Navigate to the identities management page (`/keys/:uuid/edit`)
- Add an OAuth identity using one of the providers
- Add and verify email address
- Add and verify DNS record
Vouching flow
- Navigate to the key you want to vouch for (`/keys/:uuid`)
- Click on the `Vouch` button
- Confirm vouching checklist
- Create key signature using and upload it to the application
Revoking key flow
- Navigate to your key (`/keys/:uuid`)
- Click on the `Revoke` button
- Create and upload revocation certificate
Searching flow
- Navigate to the root page (`/`)
- Use the search bar to find the key you are interested in (e.g. by email address, DNS record, etc.)
- Click on the key to see the details
Trust checking flow
- Navigate to the key you want to trust (`/keys/:uuid`)
- Using the visualisation, check the path of trust from your key to the key you want to trust
- Consider the key's identities and vouches, and optionally contact intermediaries
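What "path of trust" means in the trust checking flow, as an added example that is not Trustroute's own code: a breadth-first search over vouches that returns every shortest chain from your key to the target and refuses to pass through revoked keys. The edge model (directed signer-to-signee vouches), the `max_hops` limit, the method names and the sample keys are assumptions made for illustration.

```ruby
require "set"

# Constructed sample data: [signer, signee] means "signer vouched for signee".
VOUCHES = [
  %w[alice bob], %w[bob carol], %w[alice dave], %w[dave carol],
  %w[carol erin], %w[bob mallory], %w[mallory frank]
].freeze
REVOKED = Set["mallory"].freeze # constructed: mallory uploaded a revocation

# Every shortest chain of vouches from `from` to `to`, following vouch
# direction and never passing through a revoked key. [] means no chain
# exists within max_hops.
def trust_paths(vouches, from, to, revoked: Set.new, max_hops: 4)
  return [] if revoked.include?(from) || revoked.include?(to)
  return [[from]] if from == to

  graph = Hash.new { |h, k| h[k] = [] }
  vouches.each { |signer, signee| graph[signer] << signee }

  depth = { from => 0 } # hop count at which each key was first reached
  frontier = [[from]]   # all partial paths of the current length
  max_hops.times do |hop|
    found = []
    next_frontier = []
    frontier.each do |path|
      graph[path.last].each do |key|
        next if revoked.include?(key)
        next if depth.key?(key) && depth[key] <= hop # seen on a shorter path
        depth[key] = hop + 1
        (key == to ? found : next_frontier) << (path + [key])
      end
    end
    return found unless found.empty?
    frontier = next_frontier
  end
  []
end

# Intermediaries that every returned path depends on: a single compromised
# or careless key here breaks all of the shortest chains at once.
def shared_intermediaries(paths)
  paths.map { |path| path[1..-2] }.reduce(:&) || []
end
```

A key that appears in `shared_intermediaries` is the one worth contacting first, since no shortest chain to the target survives without it.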
Technologies
- Ruby on Rails
- gpgme
- neo4j
- ElasticSearch
- Vite
- Scss
- Docker
- NixOS
...