Provide a way to configure keria through environment variables

[lenkan]

Feature request description/rationale

It would be convenient to be able to configure a keria instance through environment variables instead of having to create configuration files and modifying the entrypoint.

The entrypoint and command in the docker image could be:

ENTRYPOINT ["keria"]
CMD ["start"]

Then environment variables can control any deviations from the default configuration options. For example:

• KERIA_PASSCODE for setting the passcode for the keystore
• KERIA_CURLS to configure the curls entry from the configuration file, e.g. https://mykeriainstance.com:3902.
• KERIA_ADMIN_PORT to configure the admin port
• KERIA_HTTP_PORT to configure the "http" port
• KERIA_BOOT_PORT to configure the "boot" port

The order of precedence for configuration can be:

• Command line option
• Environment variable
• Configuration file

This would allow us to configure a KERIA container without having to create a custom config file and without customizing the entrypoint and command.

Current state:

To illustrate the current state, something like the following is currently needed to configure a passcode and agent urls:

// config/keria.json
{
    "dt": "2023-12-01T10:05:25.062609+00:00",
    "keria": {
        "dt": "2023-12-01T10:05:25.062609+00:00",
        "curls": ["http://keria:3902/", "http://localhost:3902/"]
    }
}

// config/entrypoint.sh
#!/bin/bash
keria start --config-dir /keria/config --config-file keria --name agent --passcode $PASSCODE --admin $KERIA_ADMIN_PORT

// docker-compose.yaml
services:
    keria:
        image: weboftrust/keria
        environment:
            KERI_AGENT_CORS: 1
            KERIA_ADMIN_PORT=3901
        volumes:
            - ./config/keria.json:/keria/config/keri/cf/keria.json
            - ./config/entrypoint.sh:/keria/entrypoint.sh
        entrypoint: /keria/entrypoint.sh

Suggested use case

To illustrate the proposed use case, I would like the published keria image to support the following:

// docker-compose.yaml
services:
    keria:
        image: weboftrust/keria
        environment:
            KERI_AGENT_CORS: 1
            KERIA_PASSCODE: <secret injected passcode>
            KERIA_ADMIN_PORT: 3901
            KERIA_AGENT_CURLS: http://localhost:3902/;http://keria:3902/

This would make it easier to deploy the published KERIA image to container runtimes (like kubernetes, AWS ECS etc.) without modifications.

Notes

• I already have some code for this and will open up a PR if people agree.
• Please share your thoughts about any implications of configuring the "curls" value this way.
• If we do this, what do you think about the KERI_ vs KERIA_ prefix of the environment variable names?

[iFergal]

Agree in general.

Would the environment variables actually be written to the agent config file when a new agent is provisioned? Just considering the recently added endpoint to get the agent config that I'm using.

Re the env variables, I'd actually be in favour of removing KERI_AGENT_CORS and just always loosen the CORS checks. I don't think there's a need for ever checking CORS with KERIA, unless we have an admin dashboard in the future or something.

[lenkan]

Would the environment variables actually be written to the agent config file when a new agent is provisioned? Just considering the recently added endpoint to get the agent config that I'm using.

Yes, the way I implemented it. The Agency will be configured with these values and pass them onto the agent config when an agent is created.

Re the env variables, I'd actually be in favour of removing KERI_AGENT_CORS and just always loosen the CORS checks. I don't think there's a need for ever checking CORS with KERIA, unless we have an admin dashboard in the future or something.

I agree to this as well. Perhaps that could be a separate issue to track.

[iFergal]

Great, in that case I think this change makes sense.

Opened #328 for the other issue.

[2byrds]

Make sure KERIA states what the active settings are, so that the user can understand the result of their choices (command line, env, and config)