openpgpkey-control : WKD website content management
Phil Pennock
gnupg-devel at spodhuis.org
Sun Jan 12 00:18:01 CET 2020
I've just published something I've been using for a little while:
https://github.com/PennockTech/openpgpkey-control
I use WKD, but I don't use WKS. I want content of websites to be
redeployable, and tracked with revision history. The repo above manages
that for me. It should be something which anyone can fork, change the
content of config/, then use for their own sites.
It uses shell (bash), and Python3 in one place, for handling zbase32; it
has no dependencies upon any Python not in the standard library. (This
is why I hadn't published it before now, but I just broke out my
personal zbase32 library and included it in-repo; seems to work).
In the repo: bin/ and lib/ are static, while config/ has three very
simple control files. The content of keyrings/ and sites/ is managed by
the tools in bin/.
Update the keyids in config/keys and run bin/update-keyrings to pull in
keys from your external GnuPG keyring.
Run bin/update-sites to blow away and re-create the sites/ directory; it
uses config/keys and config/domains to control what gets created. It
needs Python (3) installed.
Run bin/deploy-sites to deploy websites; controlled by config/deploys;
at present, only the `rsync` mechanism is supported, it's all I've
needed. `rsync:delete` is used in practice, but leave off the `:delete`
until you're happy.
I just added exim.org to this setup. Having the repo be public should
be fine: there are no secret memberships in exim.org and the whole point
is to make PGP keys publicly available. The email addresses are all
obfuscated, either by being inside a PGP key, or via zbase32 encoding,
so it should be spammer-safe (until they start using PGP).
Regards,
-Phil
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 996 bytes
Desc: Digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20200111/2d8b626a/attachment.sig>
More information about the Gnupg-devel
mailing list