From 5f4d894a82dfd15dd1b66b7f7bd63c13d9687ac2 Mon Sep 17 00:00:00 2001
From: Antoine Beaupre <anarcat@koumbit.org>
Date: Wed, 24 Jun 2009 14:14:18 -0400
Subject: create the gnupg signature in key.asc so people can import. also put
 our README there

---
 files/README.txt  | 36 ++++++++++++++++++++++++++++++++++++
 manifests/init.pp | 15 ++++++++++++---
 2 files changed, 48 insertions(+), 3 deletions(-)
 create mode 100644 files/README.txt

diff --git a/files/README.txt b/files/README.txt
new file mode 100644
index 0000000..1cc3699
--- /dev/null
+++ b/files/README.txt
@@ -0,0 +1,36 @@
+Introduction
+============
+
+This is the Debian package repository of Koumbit. It is used for internal
+distribution of locally built packages not yet part of Debian. Feel free to use
+it for yourself, but it comes at no warranty, see http://wiki.koumbit.net/Beta
+for more information.
+
+How to use
+==========
+
+In your /etc/apt/source.list:
+
+deb http://debian.koumbit.net/debian lenny main
+deb-src http://debian.koumbit.net/debian lenny main
+
+"lenny", of course, can be replaced by your distribution. Know that we usually
+package straight for etch or lenny. Packages will likely not be available in
+squeeze or sid.
+
+Adding the archive key to your keyring
+--------------------------------------
+
+This archive self-signs packages uploaded to it (and packages uploaded are
+verified against a whitelist of trusted uploaders) using OpenPGP (GnuPG, to be
+more precise).
+
+The key of the archive is in the key.asc file above, and it is signed with
+another key you may be able to find a path to in key.asc.asc.
+
+So in short, you should add the key using something like this:
+
+wget http://debian.koumbit.net/debian/key.asc
+wget http://debian.koumbit.net/debian/key.asc.asc
+gpg -v key.asc.asc && apt-key add key.asc
+apt-get update
diff --git a/manifests/init.pp b/manifests/init.pp
index 1e4bd70..bf50770 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -69,9 +69,13 @@ class reprepro {
     mode => 0664, owner => root, group => reprepro,
     source => "puppet://$servername/reprepro/incoming";
 
-    "$basedir/index.html":
+    "$basedir/README.txt":
     mode => 0664, owner => root, group => reprepro,
-    source => "puppet://$servername/reprepro/index.html";
+    source => "puppet://$servername/reprepro/README.txt";
+
+    "$basedir/.gnupg":
+    mode => 750, owner => reprepro, group => root,
+    ensure => directory;
   }
 
   exec { "reprepro -b $basedir createsymlinks":
@@ -79,7 +83,12 @@ class reprepro {
     subscribe => File["$basedir/conf/distributions"],
     path => "/usr/bin:/bin",
   }
-  
+
+  exec { "gpg --export -a `gpg --with-colon --list-secret-keys | awk -F ':' '{ print $5 }' | head -1` > $basedir/key.asc":
+    creates => "$basedir/key.asc",
+    subscribe => File["$basedir/.gnupg"],
+  }
+
 # TODO: additional things this class could do
 # setup inotincoming cronjob
 # ensure it stays running
-- 
cgit v1.2.3