From 415f79f82184ab21e6cbcc64cdd5541e3ccc3145 Mon Sep 17 00:00:00 2001
From: Mythie <me@lucasjamessmith.me>
Date: Sun, 10 Mar 2024 11:13:05 +1100
Subject: [PATCH] fix: update docker docs and compose files

---
 .env.example                  | 10 ++++++++++
 docker/README.md              | 16 +++++++++++++++-
 docker/production/compose.yml |  3 +++
 docker/testing/compose.yml    |  2 ++
 4 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/.env.example b/.env.example
index c482c128e..20e1ae2ae 100644
--- a/.env.example
+++ b/.env.example
@@ -27,6 +27,16 @@ E2E_TEST_AUTHENTICATE_USERNAME="Test User"
 E2E_TEST_AUTHENTICATE_USER_EMAIL="testuser@mail.com"
 E2E_TEST_AUTHENTICATE_USER_PASSWORD="test_Password123"
 
+# [[SIGNING]]
+# OPTIONAL: Defines the signing transport to use. Available options: local (default)
+NEXT_PRIVATE_SIGNING_TRANSPORT="local"
+# OPTIONAL: Defines the passphrase for the signing certificate.
+NEXT_PRIVATE_SIGNING_PASSPHRASE=
+# OPTIONAL: Defines the file contents for the signing certificate as a base64 encoded string.
+NEXT_PRIVATE_SIGNING_LOCAL_FILE_CONTENTS=
+# OPTIONAL: Defines the file path for the signing certificate. defaults to ./example/cert.p12
+NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH=
+
 # [[STORAGE]]
 # OPTIONAL: Defines the storage transport to use. Available options: database (default) | s3
 NEXT_PUBLIC_UPLOAD_TRANSPORT="database"
diff --git a/docker/README.md b/docker/README.md
index ba942ac1c..bda1638a2 100644
--- a/docker/README.md
+++ b/docker/README.md
@@ -29,7 +29,16 @@ NEXT_PRIVATE_SMTP_USERNAME="<your-username>"
 NEXT_PRIVATE_SMTP_PASSWORD="<your-password>"
 ```
 
-4. Run the following command to start the containers:
+4. Update the volume binding for the cert file in the `compose.yml` file to point to your own key file:
+
+Since the `cert.p12` file is required for signing and encrypting documents, you will need to provide your own key file. Update the volume binding in the `compose.yml` file to point to your key file:
+
+```yaml
+volumes:
+  - /path/to/your/keyfile.p12:/opt/documenso/cert.p12
+```
+
+1. Run the following command to start the containers:
 
 ```
 docker-compose --env-file ./.env -d up
@@ -70,6 +79,7 @@ docker run -d \
   -e NEXT_PRIVATE_SMTP_TRANSPORT="<your-next-private-smtp-transport>"
   -e NEXT_PRIVATE_SMTP_FROM_NAME="<your-next-private-smtp-from-name>"
   -e NEXT_PRIVATE_SMTP_FROM_ADDRESS="<your-next-private-smtp-from-address>"
+  -v /path/to/your/keyfile.p12:/opt/documenso/cert.p12
   documenso/documenso
 ```
 
@@ -99,6 +109,10 @@ Here's a markdown table documenting all the provided environment variables:
 | `NEXT_PUBLIC_WEBAPP_URL`                     | The URL for the web application.                                                                    |
 | `NEXT_PRIVATE_DATABASE_URL`                  | The URL for the primary database connection (with connection pooling).                              |
 | `NEXT_PRIVATE_DIRECT_DATABASE_URL`           | The URL for the direct database connection (without connection pooling).                            |
+| `NEXT_PRIVATE_SIGNING_TRANSPORT`             | The signing transport to use. Available options: local (default)                                    |
+| `NEXT_PRIVATE_SIGNING_PASSPHRASE`            | The passphrase for the key file.                                                                    |
+| `NEXT_PRIVATE_SIGNING_LOCAL_FILE_CONTENTS`   | The base64-encoded contents of the key file, will be used instead of file path.                     |
+| `NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH`       | The path to the key file, default `/opt/documenso/cert.p12`.                                        |
 | `NEXT_PUBLIC_UPLOAD_TRANSPORT`               | The transport to use for file uploads (database or s3).                                             |
 | `NEXT_PRIVATE_UPLOAD_ENDPOINT`               | The endpoint for the S3 storage transport (for third-party S3-compatible providers).                |
 | `NEXT_PRIVATE_UPLOAD_REGION`                 | The region for the S3 storage transport (defaults to us-east-1).                                    |
diff --git a/docker/production/compose.yml b/docker/production/compose.yml
index 08abcf050..02acc655d 100644
--- a/docker/production/compose.yml
+++ b/docker/production/compose.yml
@@ -57,8 +57,11 @@ services:
       - NEXT_PUBLIC_DOCUMENT_SIZE_UPLOAD_LIMIT=${NEXT_PUBLIC_DOCUMENT_SIZE_UPLOAD_LIMIT}
       - NEXT_PUBLIC_POSTHOG_KEY=${NEXT_PUBLIC_POSTHOG_KEY}
       - NEXT_PUBLIC_DISABLE_SIGNUP=${NEXT_PUBLIC_DISABLE_SIGNUP}
+      - NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH=${NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH?:-/opt/documenso/cert.p12}
     ports:
       - ${PORT:-3000}:${PORT:-3000}
+    volumes:
+      - /opt/documenso/cert.p12:/opt/documenso/cert.p12
 
 volumes:
   database:
diff --git a/docker/testing/compose.yml b/docker/testing/compose.yml
index cecb5bf14..de4a71fea 100644
--- a/docker/testing/compose.yml
+++ b/docker/testing/compose.yml
@@ -49,3 +49,5 @@ services:
       - NEXT_PRIVATE_SMTP_FROM_ADDRESS=noreply@documenso.com
     ports:
       - 3000:3000
+    volumes:
+      - ../../apps/web/example/cert.p12:/opt/documenso/cert.p12