Prerequisites

A production dataset of ~6M keys will require ~40GB of disk space for postgres and ~15GB for the dump files.

Hockeypuck requires PostgreSQL. You will normally have to create a fresh database in PostgreSQL, and a user account with full privileges on that database. The only exception is if you are using the docker-compose/standalone deployment template, which will provision a PostgreSQL instance automatically.

A public-facing instance of Hockeypuck SHOULD be located behind a haproxy instance with connection rate-limiting enabled. This is most easily done using the docker-compose/standalone deployment template. Otherwise, the haproxy configuration can be extracted and implemented separately.

Migration

To migrate from SKS-keyserver to Hockeypuck:

• Perform a dump from SKS-keyserver to local disk. The dump itself should be no more than 20GB in size. The procedure may however require up to 25GB of extra (temporary) disk space, if using the "filesystem snapshots" method.
• If using docker-compose/standalone, follow the instructions there.
• Otherwise:
  • Install Hockeypuck from source or docker image.
  • Configure it with a PostgreSQL connection string.
  • Incant hockeypuck-load {{dumpfile-directory}} to load the dumps.
  • Now start up your service.

It is recommended not to enable any partner keyservers when initially setting up and testing Hockeypuck. Most keyserver operators will wish to test your haproxy rate limiting before peering - this ensures that no one keyserver can be used as a back door for abuse into the rest of the network. In addition, existing sync partners may see a large delta of keys when re-connecting to your new Hockeypuck instance, and this may result in unnecessary network and/or disk traffic. Please compare notes with your partners before re-enabling sync.