Skip to content

Commit

Permalink
chore: GPG note
Browse files Browse the repository at this point in the history
  • Loading branch information
@oklopfer
oklopfer authored Jan 9, 2025
1 parent 92f1d2d commit dbf5b32
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ sudo certbot --apache -d ppr.pacstall.dev
./scripts/creator.sh
```
Then, set the following repository secrets for GitHub Actions:
- generate an ssh keygen pair and set `SSH_USER`, `SSH_IP`, and `SSH_KEY`:
- Generate an ssh keygen pair and set `SSH_USER`, `SSH_IP`, and `SSH_KEY`:
- `SSH_USER` - the host user
- `SSH_IP` - the IP of the server
- `SSH_KEY` - the contents of the generated `ppr_ssh_key` file:
Expand All @@ -45,9 +45,14 @@ ssh-keygen -t ed25519 -C "github-actions@ppr" -f ppr_ssh_key < /dev/null
cat ppr_ssh_key.pub >> ~/.ssh/authorized_keys
```

- get the `keyid` from `ppr-public-key.asc` and set it to `GPG_KEY`:
- Get the `keyid` from `ppr-public-key.asc` and set it to `GPG_KEY`:
```bash
gpg --list-packets ppr-public-key.asc | awk '/keyid: / {print $2}'
gpg --list-packets server/ppr-public-key.asc | awk '/keyid: / {print $2}'
```

- On the server, import the private GPG key (get from maintainers):
```bash
gpg --import ppr-private-key.asc
```

If the GPG key ever needs to be regenerated:
Expand Down

0 comments on commit dbf5b32

Please sign in to comment.