Re-arrange README.md, reduce workers to 1, and perfer /var/lib/jjakkekeyserver instead of /var/jjakkekeyserver

README.md

@@ -12,6 +12,8 @@ A pure Perl keyserver!  When it receives a key, it does stuff to it then sticks
 * Postgresql server
 * A dedicated user would be nice
 
+## Install Instructions from Top to Bottom
+
 ### Install on your distro
 Maybe it is packaged by your distro maintainers?
 
@@ -20,15 +22,27 @@ Maybe it is packaged by your distro maintainers?
 apt install libmojolicious-perl libmojo-pg-perl
 ```
 Note: the latest Perl at the time of writing on Debian stable is v5.36.x which doesn't have class support...  I really wanted to use class().  Sorry!
-So, you're likely better off installing perlbrew and having the dedicated user that will run this program compile and install v5.38.x.
+So, right now, you're likely better off installing perlbrew and having the dedicated user that will run this program compile and install perl v5.38.x or higher.
+
+
+### Create user:
+#### Debian's adduser
+```
+sudo adduser --group --home /var/lib/jjakkekeyserver --system -- jjakkekeyserver
+```
+
+#### not Debian
+```
+sudo useradd --system --create-home --home-dir /var/lib/jjakkekeyserver --shell /bin/nologin jjakkekeyserver
+```
 
 ### postgres
 Probably not needed info, but postgres here is version 15.
 ```
-% sudo apt install postgresql postgresql-server-dev-15
+% sudo apt install postgresql postgresql-server-dev-xx
 % sudo -u postgres psql                                 # test if 'active' so to speak.
 ```
-Follow instructions from 'Create relevent details for the database.'
+Follow instructions from 'Create relevant details for the database.'
 
 ### perlbrew (with Debian 12.8)
 ```
@@ -50,26 +64,18 @@ jjakkekeyserver% exit
 % sudo chsh jjakkekeyserver -s /bin/nologin
 ```
 
-### Install via cpan (or cpan-minus, considered way better by most)
+### Install modules via cpan (or cpan-minus, considered way better by most)
 ```
-cpanm Mojolicious Mojo::Pg Mojo::File Mojo::Util
+cpanm Mojolicious Mojo::Pg
 ```
-Installing via cpan(m) will work because the Mojolicious devs are competent (to be more specific, they opt to recreate everything, that way if a dependency breaks because the author is ignoring issues or fucking DEAD there won't be permanently broken cpan repos that mojolicious depends on)
+Installing via cpan(m) will work because the Mojolicious devs are competent (to be more specific, they opt to recreate everything, that way if a dependency breaks because the author is ignoring issues or has passed on there won't be permanently broken cpan repos that mojolicious depends on)
 
 ## To use
-### Create a dedicated user to run this program (Debian)
-```
-sudo adduser --group --home /var/jjakkekeyserver --system -- jjakkekeyserver
-```
-
-### Create a dedicated user to run this program (not Debian)
-```
-sudo useradd --system --create-home --home-dir /var/jjakkekeyserver --shell /bin/nologin jjakkekeyserver
-```
-
 ###  Create the config file
 ```
 cp keyserver.conf.example keyserver.conf
+vim keyserver.conf
+chmod 600 keyserver.conf  # this file has secrets
 ```
 
 ### Create relevant details for the database.
@@ -84,23 +90,21 @@ jjakkekeyserverdb=# grant all privileges on schema public to jjakkekeyserver;
 jjakkekeyserverdb=# exit
 ```
 
-### Caveats
+## Caveats
 #### config file
 For some reason, hypnotoad (or morbo) lacks a 'config' flag and there isn't a way to set it as far as I can tell (even in program (for now)).  What I do know is that it looks for keyserver.conf somewhere, most likely working directory, but maybe the directory the program itself is in.
 
-#### Usage of 'lib'
+### Usage of 'lib'
 I used `use lib qw(lib)` in my program, which means the working directory has have 'lib/KeyData.pm' in it, or be manually installed somewhere (really not recommended).  Basically the directory keyserver program resides in.
 
 I will add a dedicated installer for this, later.  KeyData.pm is useful.
 
-
-### Start Program
+## Start Program
 ```
 sudo -u jjakkekeyserver hypnotoad -f ./keyserver; # -f = starts in foreground
 ```
 
-
-### Proxy
+## Proxy
 It's a good idea to proxy this program behind another dedicated program that listens on relevant ports: no TLS, 11371 and 80; with TLS, 11372 and 443.
 
 ## Usage
@@ -114,7 +118,6 @@ gpg --keyserver hkp(s)://hostname --recv-keys <keyid>
 ### Web browser
 http(s)://hostname
 
-
 ## SystemD
 
 Make sure the service file actually makes sense for your use case; unless you've followed the guide in this README, it most certainly does not.

jjakkekeyserver.service

@@ -4,10 +4,10 @@ After=network.target
 
 [Service]
 User=jjakkekeyserver
-WorkingDirectory=/var/jjakkekeyserver/keyserver
-ExecStart=/var/jjakkekeyserver/perl5/perlbrew/perls/perl-5.40.0/bin/hypnotoad -f /var/jjakkekeyserver/keyserver/keyserver
-Environment=PERL5LIB=/var/jjakkekeyserver/perl5/lib/perl5
-Environment=PATH=/var/jjakkekeyserver/perl5/perlbrew/bin:/var/jjakkekeyserver/perl5/perlbrew/perls/perl-5.40.0/bin:$PATH
+WorkingDirectory=/var/lib/jjakkekeyserver/keyserver
+ExecStart=/var/lib/jjakkekeyserver/perl5/perlbrew/perls/perl-5.40.0/bin/hypnotoad -f /var/lib/jjakkekeyserver/keyserver/keyserver
+Environment=PERL5LIB=/var/lib/jjakkekeyserver/perl5/lib/perl5
+Environment=PATH=/var/lib/jjakkekeyserver/perl5/perlbrew/bin:/var/lib/jjakkekeyserver/perl5/perlbrew/perls/perl-5.40.0/bin:$PATH
 Restart=always
 RestartSec=5
 

keyserver.conf.example

@@ -4,7 +4,7 @@
 			'http://127.0.0.1:8080'
 		],
 		pid_file => './jjakkekeyserver.pid',
-		workers => 6
+		workers => 1  # you're unlikely to need more
 	},
 	pguser => 'jjakkekeyserver',
 	pgpass => 'password',