Server Service Keys
Server Ed25519 keypair for client authentication and registration.
Generate
./bin/gen-server-keys.sh
Creates:
server-service.pub— public key; clients download viaGET /v1/service-keyserver-service.key— private key (keep secret)server-service.env— env vars for docker compose (ADMIN_PUBLIC_KEY,SERVICE_PUBLIC_KEY)
Client Usage
Clients fetch the server public key and use it to:
- Register — sign the server pubkey, post to
POST /v1/auth/register-by-signature - Verify server identity — for future signed responses or request validation
Docker Compose
The api service uses env_file: etc/server-service.env and mounts ./etc so keys are available. Run ./bin/gen-server-keys.sh before first docker compose up.