I don't think keyserver is considered a service. maybe it should have its own markdown file

maybe move this to the end of the .env file

Agree with @varun that keyserver shouldn't be considered one of our services

You're missing URL config, which is pretty necessary in order to be able to test the keyserver:

COMM_JSONCONFIG_facts_landing_url='{"baseDomain":"http://localhost","basePath":"/commlanding/","baseRoutePath":"/commlanding/","https":false}'
COMM_JSONCONFIG_facts_commapp_url='{"baseDomain":"http://localhost:3000","basePath":"/comm/","https":false,"baseRoutePath":"/comm/","proxy":"none"}'

Don't think we should say <located in keyserver/secrets/db_config.json>".. there's no requirement that this matches that value, and somebody should be able to configure the keyserver Docker image without previously having a db_config.json file

These values honestly just need to be set to something (can be whatever)

It might be good to explain what these are, maybe outside of the code block. I could imagine some explanation outside of the code block of:

1. One section to explain MariaDB config
2. One section to explain identity config (identity_service_config and user_credentials)
3. One section for ETH login
4. One section for URL config

1. Does this comment format work in .env files? Good to know if so
2. We should be consistent about spacing patterns. It looks like you mostly have an extra newline between sections, but this section doesn't have the extra newline

Honestly I think we can just omit this

In the title, you outline three steps: configuration, build, and deploy. Should we reflect that this section handles two of the steps?

Seems a little vague, and not very helpful if you need to configure these values. You may want to mention that it will reflect a proxy (e.g. apache) configuration if in use. Not sure if defining baseDomain, basePath, baseRoutePath, and proxy is a goal, but they seem pretty "magical" as they required but not explained.

I think at least baseDomain should be explained. If someone wanted to use a domain for their keyserver, they would need to set this value. If someone wanted to host the keyserver at https://keyserver.mydomain.com/ then they would need:

{
  "baseDomain": "https://keyserver.mydomain.com",
  "basePath": "/comm/",
  "https": false,
  "baseRoutePath": "/",
  "proxy": "none"
}

As far as I understand (ashoat can correct me):

• baseDomain: base domain used for constructing links
• baseRoutePath: Endpoint added to all links. (e.g. keyserver in https://mydomain.com/keyserver/)
• basePath: Endpoint used by web app
• proxy: "none" | "apache" Checks request headers and protocol to determine if request is secure.
• https: If true, attempts proxy check above, otherwise avoids https check altogether.

So if someone want to see chat/thread/256|123/ resource, then the rendered url to the user would be:

# Using bash-style substitution
"${baseDomain}${baseRoutePath}chat/thread/256|123/"

And the proxy or load balancer would need to hit:

"http://${IP_ADDRESS_AND_PORT}${basePath}chat/thread/256|123/

I'm sure I have some details off, but Ashoat would know for certain.