op public repos

Commit Diff

Commit:: a08e0451ed4a17dd2d7eb4f24eb0a90d052d58b6
From:: Omar Polo <op@omarpolo.com>
Date:: Thu Jan 11 12:44:09 2024 UTC
Message:: other misc tweaks for the site
Actions:: Patch | Tree
commit - 89b564c31204b51a3cd000db07690038fe0c8d77
commit + a08e0451ed4a17dd2d7eb4f24eb0a90d052d58b6
blob - a280383ac9506a538b1dc2d8d630a6171414da5a
blob + f9db073724bdbcba78d2a64d9b9fcc8e558655f8
--- site/Makefile
+++ site/Makefile
@@ -20,9 +20,9 @@ REPOLOGY_BANNER =	https://repology.org/badge/vertical-
 REPOLOGY_URL =		https://repology.org/project/gmid/versions
 
 SUBST =		./subst GITHUB=https://github.com/omar-polo/gmid \
-			VERS=1.8.6 \
-			CURV=1.8 \
-			NEXTV=1.9 \
+			SITE=https://ftp.omarpolo.com \
+			VERS=2.0 \
+			PUBKEY=gmid-2.0.pub \
 			TREE=https://github.com/omar-polo/gmid/blob/master
 
 SUBST_GEM =	${SUBST} MANEXT=txt  EXT=gmi  REPOLOGY=${REPOLOGY_URL}
blob - 3cae2d50d7b8348c128c21f4eade569b7e46f92a
blob + 096332f7cd345e361e7081bb53e8955078c24ef5
--- site/index.gmi
+++ site/index.gmi
@@ -20,7 +20,7 @@ Some distros provide a package — thanks to the maint
 
 Otherwise, compile it from source: it’s easy and takes less than a minute on a raspberry pi 3
 
-=> GITHUB/releases/download/VERS/gmid-VERS.tar.gz	gmid-VERS.tar.gz
+=> SITE/gmid-VERS.tar.gz	gmid-VERS.tar.gz
 
 => https://git.omarpolo.com/?action=summary&path=gmid.git git repository
 => https://codeberg.org/op/gmid/		Codeberg mirror
@@ -35,7 +35,7 @@ The dependencies are:
 Once all the dependencies are installed, building is as easy as:
 
 ```Example of how to compile from source
-$ curl -LO GITHUB/releases/download/VERS/gmid-VERS.tar.gz
+$ curl -LO SITE/gmid-VERS.tar.gz
 $ tar xzvf gmid-VERS.tar.gz
 $ cd gmid-VERS
 $ ./configure
@@ -43,17 +43,21 @@ $ make
 $ sudo make install # eventually
 ```
 
-A SHA256 file is available.  However, it only checks for accidental corruption.  You can use signify (SHA256.sig and the public key gmid-CURV.pub) to cryptographically verify the downloaded tarball.  The signify public key for the next release ‘gmid-NEXTV.pub’ is also included.
+A SHA256 file is available.  However, it only checks for accidental corruption.  You can use signify (gmid-VERS.sha256.sig) and the public key PUBKEY to cryptographically verify the downloaded tarball.  The signify public key for the previous and the next release is included in the tarball.
 
-=> GITHUB/releases/download/VERS/SHA256		SHA256
-=> GITHUB/releases/download/VERS/SHA256.sig	SHA256.sig
+=> SITE/gmid-VERS.sha256	gmid-VERS.sha256
+=> SITE/gmid-VERS.sha25.sig	gmid-VERS.sha256.sig
 
-To verify the signatures with signify(1)
+To verify the signatures with signify(1):
 
 ```Example of how to verify the signature with signify
-% signify -C -p gmid-1.8.pub -x SHA256.sig
+% signify -C -p PUBKEY -x gmid-VERS.sha256.sig
 Signature Verified
 gmid-VERS.tar.gz: OK
-gmid-CURV.pub: OK
-gmid-NEXTV.pub: OK
 ```
+
+Git tags are signed with the following ssh key:
+
+```
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ0nD5I8BNVJknT87gnpLIJWK0fXTayDktQOlS38CGj4 op@omarpolo.com
+```