diff options
author | Varac <varac@leap.se> | 2018-03-20 20:39:08 +0100 |
---|---|---|
committer | Varac <varac@leap.se> | 2018-03-20 21:58:35 +0100 |
commit | 09031d90055e80c8101f06951b824f5c7fa96e14 (patch) | |
tree | 76ef2af702c559797c8f3187c89f704342d73651 /puppet/modules | |
parent | 712f0b0e23c15314ed60f72802e72bb3688d2c8c (diff) |
Bug: Directly deploy leap-archive keyrings
The leap-archive keyring expired March 8th 2018.
We updated it, and published updated installation
docs at https://bitmask.net/en/install/linux.
For jessie, we dont install the leap-archive-keyring
package anymore but directly deploy the keys to
apt's trusted keystore.
- Fixes: https://0xacab.org/leap/bitmask-dev/issues/9279
Diffstat (limited to 'puppet/modules')
-rw-r--r-- | puppet/modules/site_apt/files/keys/leap-archive.gpg | bin | 20188 -> 21915 bytes | |||
-rw-r--r-- | puppet/modules/site_apt/files/keys/leap-experimental-archive.gpg | bin | 3423 -> 5177 bytes | |||
-rw-r--r-- | puppet/modules/site_apt/manifests/leap_repo.pp | 14 |
3 files changed, 10 insertions, 4 deletions
diff --git a/puppet/modules/site_apt/files/keys/leap-archive.gpg b/puppet/modules/site_apt/files/keys/leap-archive.gpg Binary files differindex dd7f3be6..dc19f623 100644 --- a/puppet/modules/site_apt/files/keys/leap-archive.gpg +++ b/puppet/modules/site_apt/files/keys/leap-archive.gpg diff --git a/puppet/modules/site_apt/files/keys/leap-experimental-archive.gpg b/puppet/modules/site_apt/files/keys/leap-experimental-archive.gpg Binary files differindex 5cc9064b..19e6ba1f 100644 --- a/puppet/modules/site_apt/files/keys/leap-experimental-archive.gpg +++ b/puppet/modules/site_apt/files/keys/leap-experimental-archive.gpg diff --git a/puppet/modules/site_apt/manifests/leap_repo.pp b/puppet/modules/site_apt/manifests/leap_repo.pp index 1e18b441..d3ab463d 100644 --- a/puppet/modules/site_apt/manifests/leap_repo.pp +++ b/puppet/modules/site_apt/manifests/leap_repo.pp @@ -21,13 +21,19 @@ class site_apt::leap_repo { } } + file { + '/etc/apt/trusted.gpg.d/leap-archive.gpg': + ensure => present, + source => 'puppet:///modules/site_apt/keys/leap-archive.gpg'; + '/etc/apt/trusted.gpg.d/leap-experimental-archive.gpg': + ensure => present, + source => 'puppet:///modules/site_apt/keys/leap-experimental-archive.gpg' + } + + apt::sources_list { 'leap.list': content => "deb [signed-by=${archive_key}] ${::site_apt::apt_url_platform_basic} ${::site_apt::apt_platform_component} ${::site_apt::apt_platform_codename}\n", before => Exec[refresh_apt] } - package { 'leap-archive-keyring': - ensure => latest - } - } |