diff options
| author | Lars Wirzenius <liw@liw.fi> | 2024-01-01 09:36:57 +0200 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2024-01-01 09:36:57 +0200 |
| commit | fb3a03e7be8e09e157b7cfb3e59e13d7b0222aa2 (patch) | |
| tree | b7ddbaf57586051bf3cda9e388478a8cb8c2159e | |
| parent | c5ce30c68d62c3b9b8cfc78085fd8e866810c1db (diff) | |
| download | ansibleness-fb3a03e7be8e09e157b7cfb3e59e13d7b0222aa2.tar.gz | |
apt.liw.fi: improve doc, switch to 2024 signing key
Signed-off-by: Lars Wirzenius <liw@liw.fi>
Sponsored-by: author
| -rw-r--r-- | ansible/apt.liw.fi.html | 35 | ||||
| -rw-r--r-- | ansible/apt.liw.fi.yml | 4 |
2 files changed, 29 insertions, 10 deletions
diff --git a/ansible/apt.liw.fi.html b/ansible/apt.liw.fi.html index b3480b2..bc9c7e4 100644 --- a/ansible/apt.liw.fi.html +++ b/ansible/apt.liw.fi.html @@ -10,17 +10,36 @@ <h1>apt.liw.fi</h1> <p>This is the personal APT repository - of <a href="https://liw.fi">Lars Wirzenius<a>. It contains - software packaged for the <a href="https://debian.org">Debian</a> - operating system as <code>.deb</code> packages. All software here - is free and open source software, but not guaranteed to work. + of <a href="https://liw.fi">Lars Wirzenius</a>. It contains free + and open source software packaged for + the <a href="https://debian.org">Debian</a> operating system + as <code>.deb</code> packages. </p> - <p>The repository is signed using the OpenPGP key with fingerprint - <code>A2F5 BB20 E85F 2C54 1F73 BBD7 B5AB F936 554B A3C6</code>, - which is not easily available at this time. This will be fixed - eventually, but until then, if you need the key, ask Lars directly. + <p>Repository signing keys are in + the <code>apt.liw.fi-keyring</code> package, in this repository. + Those keys in turn are signed by my personal key with + fingerprint <code>EA0B 7399 ECCF 9282 A74E F8F8 31DA 8032 081D + 901D</code>. You can get my key via WKD (using email address + <code>liw@liw.fi</code>), from various key servers, or from + my <a href="https://liw.fi/pgp">home page</a>. </p> + + <p>To add this repository to your APT sources lists, first install + the keyring package, and then create a file + <code>/etc/apt/sources.list.d/apt.liw.fi.list</code> with the + contents (or any other filename that ends in <code>.list</code>): + </p> + + <blockquote> +<code>deb [signed-by=/usr/share/keyrings/apt.liw.fi-keyring.pgp] http://apt.liw.fi/debian unstable main</code> + </blockquote> + + <p>This means the keyring package is only ever used for this + repository. After you've installed the keyring package, you'll get + any new keys for this repository automatically, as long as you + update it at least once a year.</p> + </article> </body> </html> diff --git a/ansible/apt.liw.fi.yml b/ansible/apt.liw.fi.yml index ea66aa1..b10912d 100644 --- a/ansible/apt.liw.fi.yml +++ b/ansible/apt.liw.fi.yml @@ -38,8 +38,8 @@ - codename: unstable description: builds for unstable apt_signing_key: "{{ lookup('pipe', 'pass show ick2/apt_key') }}" - apt_signing_key_pub: "{{ lookup('pipe', 'pass show ick2/apt_key.pub') }}" + apt_signing_key_pub: "{{ lookup('pipe', 'pass show apt.liw.fi-signing-key') }}" apt_signing_key_fingerprint: | - {{ lookup('pipe', 'pass show ick2/apt_key.pub | gpg --show-keys --with-colons | grep "^fpr:" | cut -d: -f10') }} + {{ lookup('pipe', 'pass show apt.liw.fi-signing-key | gpg --show-keys --with-colons | grep "^fpr:" | head -n1 | cut -d: -f10') }} apt_index_content: | {{ lookup('file', 'apt.liw.fi.html') }} |