diff options
| author | Matt Rude <[email protected]> | 2020-01-05 03:34:34 +0000 |
|---|---|---|
| committer | Matt Rude <[email protected]> | 2020-01-05 03:34:34 +0000 |
| commit | 07e713d028da9bd877bd7b260ea6df99e3eb4ec7 (patch) | |
| tree | ef31938efcd18307a61f81fc388e93169e4ab5da | |
| parent | 5a98b11b1109acfcea461c3ee799aed2c7ef5dda (diff) | |
| parent | d807a5d85698b0753ca8f875cb9c2ca304d4232e (diff) | |
| download | pgpkeyserver-07e713d028da9bd877bd7b260ea6df99e3eb4ec7.tar.gz pgpkeyserver-07e713d028da9bd877bd7b260ea6df99e3eb4ec7.tar.bz2 pgpkeyserver-07e713d028da9bd877bd7b260ea6df99e3eb4ec7.zip | |
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | _config.yml | 3 | ||||
| -rw-r--r-- | _includes/header.html | 7 | ||||
| -rw-r--r-- | _includes/toc.html | 96 | ||||
| -rw-r--r-- | _layouts/default.html | 4 | ||||
| -rw-r--r-- | _layouts/docs.html | 14 | ||||
| -rw-r--r-- | _sass/pks.scss (renamed from assets/css/pks.css) | 85 | ||||
| -rw-r--r-- | _sass/site.scss (renamed from assets/css/small.less) | 69 | ||||
| -rw-r--r-- | assets/css/main.less | 8 | ||||
| -rw-r--r-- | assets/css/main.scss | 6 | ||||
| -rw-r--r-- | assets/css/pks.min.css | 1 | ||||
| -rw-r--r-- | assets/css/pks.scss | 6 | ||||
| -rw-r--r-- | assets/css/site.less | 33 | ||||
| -rw-r--r-- | assets/css/syntax.css | 196 | ||||
| -rw-r--r-- | assets/css/syntax.less | 196 | ||||
| -rw-r--r-- | doc/building-server.md | 1 | ||||
| -rw-r--r-- | doc/web-key-directory.md | 174 |
17 files changed, 366 insertions, 534 deletions
@@ -1,4 +1,5 @@ Gemfile.lock _site/ .jekyll-cache/ +.sass-cache .DS_Store diff --git a/_config.yml b/_config.yml index ed580a8..1e679e0 100644 --- a/_config.yml +++ b/_config.yml @@ -1,7 +1,7 @@ # Site settings title: OpenPGP Keyserver email: [email protected] -description: "" +description: "A SKS OpenPGP Keyserver" url: "https://keyserver.mattrude.com" name: "keyserver.mattrude.com" baseurl: "" @@ -23,7 +23,6 @@ google_analytics_id: UA-9532791-9 # Build settings markdown: kramdown -#permalink: pretty permalink: /changelog/:year-:month-:day-:title/ highlighter: rouge date: YYYY-MM-DD HH:MM diff --git a/_includes/header.html b/_includes/header.html index 81d8065..feba463 100644 --- a/_includes/header.html +++ b/_includes/header.html @@ -2,10 +2,9 @@ <head> <meta charset="utf-8"> <title>{% if page.title %}{{ page.title }} - {{ site.title }}{% else %}{{ site.title }}{% endif %}</title> - {% if page.description %}<meta name="description" content="{{ page.description }}">{% else %}{% endif %} - {% if page.tags %}<meta name="keywords" content="{{ page.tags }}">{% else %}{% endif %} + {% if page.description %}<meta name="description" content="{{ page.description }}">{% else %}<meta name="description" content="{{ site.description }}">{% endif %} + {% if page.tags %}<meta name="keywords" content="{{ page.tags }}">{% endif %} <meta name="viewport" content="width=device-width"> - <meta name="description" content="{{ site.description }}"> {% if page.url != '/nginx-before.txt' %} <link rel="canonical" href="{{ page.url | replace:'index.html','' | prepend: site.url }}"> {% endif %} @@ -15,6 +14,6 @@ {% if page.url contains "/graphs/" %} <meta http-equiv="refresh" content="300" /> {% endif %} - <link rel="stylesheet" href="/assets/css/main.css"> + <link rel="stylesheet" href="{{ '/assets/css/main.css' | prepend: site.url }}"> </head> <body data-spy="scroll" data-target=".navbar" data-offset="70"> diff --git a/_includes/toc.html b/_includes/toc.html new file mode 100644 index 0000000..67bbdd2 --- /dev/null +++ b/_includes/toc.html @@ -0,0 +1,96 @@ +{% capture tocWorkspace %} + {% comment %} + Version 1.0.8 + https://github.com/allejo/jekyll-toc + + "...like all things liquid - where there's a will, and ~36 hours to spare, there's usually a/some way" ~jaybe + + Usage: + {% include toc.html html=content sanitize=true class="inline_toc" id="my_toc" h_min=2 h_max=3 %} + + Parameters: + * html (string) - the HTML of compiled markdown generated by kramdown in Jekyll + + Optional Parameters: + * sanitize (bool) : false - when set to true, the headers will be stripped of any HTML in the TOC + * class (string) : '' - a CSS class assigned to the TOC + * id (string) : '' - an ID to assigned to the TOC + * h_min (int) : 1 - the minimum TOC header level to use; any header lower than this value will be ignored + * h_max (int) : 6 - the maximum TOC header level to use; any header greater than this value will be ignored + * ordered (bool) : false - when set to true, an ordered list will be outputted instead of an unordered list + * item_class (string) : '' - add custom class(es) for each list item; has support for '%level%' placeholder, which is the current heading level + * baseurl (string) : '' - add a base url to the TOC links for when your TOC is on another page than the actual content + * anchor_class (string) : '' - add custom class(es) for each anchor element + + Output: + An ordered or unordered list representing the table of contents of a markdown block. This snippet will only + generate the table of contents and will NOT output the markdown given to it + {% endcomment %} + + {% capture my_toc %}{% endcapture %} + {% assign orderedList = include.ordered | default: false %} + {% assign minHeader = include.h_min | default: 1 %} + {% assign maxHeader = include.h_max | default: 6 %} + {% assign nodes = include.html | split: '<h' %} + {% assign firstHeader = true %} + + {% capture listModifier %}{% if orderedList %}1.{% else %}-{% endif %}{% endcapture %} + + {% for node in nodes %} + {% if node == "" %} + {% continue %} + {% endif %} + + {% assign headerLevel = node | replace: '"', '' | slice: 0, 1 | times: 1 %} + + {% if headerLevel < minHeader or headerLevel > maxHeader %} + {% continue %} + {% endif %} + + {% if firstHeader %} + {% assign firstHeader = false %} + {% assign minHeader = headerLevel %} + {% endif %} + + {% assign indentAmount = headerLevel | minus: minHeader | add: 1 %} + {% assign _workspace = node | split: '</h' %} + + {% assign _idWorkspace = _workspace[0] | split: 'id="' %} + {% assign _idWorkspace = _idWorkspace[1] | split: '"' %} + {% assign html_id = _idWorkspace[0] %} + + {% assign _classWorkspace = _workspace[0] | split: 'class="' %} + {% assign _classWorkspace = _classWorkspace[1] | split: '"' %} + {% assign html_class = _classWorkspace[0] %} + + {% if html_class contains "no_toc" %} + {% continue %} + {% endif %} + + {% capture _hAttrToStrip %}{{ _workspace[0] | split: '>' | first }}>{% endcapture %} + {% assign header = _workspace[0] | replace: _hAttrToStrip, '' %} + + {% assign space = '' %} + {% for i in (1..indentAmount) %} + {% assign space = space | prepend: ' ' %} + {% endfor %} + + {% unless include.item_class == blank %} + {% capture listItemClass %}{:.{{ include.item_class | replace: '%level%', headerLevel }}}{% endcapture %} + {% endunless %} + + {% capture heading_body %}{% if include.sanitize %}{{ header | strip_html }}{% else %}{{ header }}{% endif %}{% endcapture %} + {% capture my_toc %}{{ my_toc }} +{{ space }}{{ listModifier }} {{ listItemClass }} [{{ heading_body | replace: "|", "\|" }}]({% if include.baseurl %}{{ include.baseurl }}{% endif %}#{{ html_id }}){% if include.anchor_class %}{:.{{ include.anchor_class }}}{% endif %}{% endcapture %} + {% endfor %} + + {% if include.class %} + {% capture my_toc %}{:.{{ include.class }}} +{{ my_toc | lstrip }}{% endcapture %} + {% endif %} + + {% if include.id %} + {% capture my_toc %}{: #{{ include.id }}} +{{ my_toc | lstrip }}{% endcapture %} + {% endif %} +{% endcapture %}{% assign tocWorkspace = '' %}{{ my_toc | markdownify | strip }}
\ No newline at end of file diff --git a/_layouts/default.html b/_layouts/default.html index 9b69824..808164f 100644 --- a/_layouts/default.html +++ b/_layouts/default.html @@ -2,7 +2,7 @@ {% include header.html %} {% include menu.html %} {% include title.html %} -<div class="container"> - {{ content }} +<div id="guide" class="container"> + {{ content }} </div> {% include footer.html %} diff --git a/_layouts/docs.html b/_layouts/docs.html new file mode 100644 index 0000000..510b5b6 --- /dev/null +++ b/_layouts/docs.html @@ -0,0 +1,14 @@ +<!DOCTYPE html> +{% include header.html %} +{% include menu.html %} +{% include title.html %} +<div id="guide" class="container"> + {% if page.displaytitle %} + <h1>{{ page.displaytitle }}</h1> + {% endif %} + <div class="page-toc" style="float:right;"> + {% include toc.html html=content h_max=4 %} + </div> + {{ content }} +</div> +{% include footer.html %} diff --git a/assets/css/pks.css b/_sass/pks.scss index 9dd30f3..71213df 100644 --- a/assets/css/pks.css +++ b/_sass/pks.scss @@ -1,35 +1,35 @@ html { font-family: sans-serif; -webkit-text-size-adjust: 100%; - -ms-text-size-adjust: 100% + -ms-text-size-adjust: 100%; } body { - margin: 0 + margin: 0; } a { - background-color: transparent + background-color: transparent; } a:active,a:hover { - outline: 0 + outline: 0; } b,strong { - font-weight: 700 + font-weight: 700; } h1 { margin: .67em 0; - font-size: 2em + font-size: 2em; } hr { height: 0; -webkit-box-sizing: content-box; -moz-box-sizing: content-box; - box-sizing: content-box + box-sizing: content-box; } table { border-spacing: 0; - border-collapse: collapse + border-collapse: collapse; } td,th { @@ -39,18 +39,18 @@ td,th { * { -webkit-box-sizing: border-box; -moz-box-sizing: border-box; - box-sizing: border-box + box-sizing: border-box; } :after,:before { -webkit-box-sizing: border-box; -moz-box-sizing: border-box; - box-sizing: border-box + box-sizing: border-box; } html { font-size: 10px; - -webkit-tap-highlight-color: rgba(0,0,0,0) + -webkit-tap-highlight-color: rgba(0,0,0,0); } body { @@ -58,74 +58,59 @@ body { font-size: 14px; line-height: 1.42857143; color: #333; - background-color: #fff + background-color: #fff; } a { color: #337ab7; - text-decoration: none + text-decoration: none; } hr { margin-top: 20px; margin-bottom: 20px; border: 0; - border-top: 1px solid #eee + border-top: 1px solid #eee; } -.h1,.h2,.h3,.h4,.h5,.h6,h1,h2,h3,h4,h5,h6 { +h1,h2,h3 { font-family: inherit; font-weight: 500; line-height: 1.1; - color: inherit -} - -.h1,.h2,.h3,h1,h2,h3 { + color: inherit; margin-top: 20px; - margin-bottom: 10px -} - -.h1,h1 { - font-size: 36px -} - -.h2,h2 { - font-size: 30px + margin-bottom: 10px; } -.h3,h3 { - font-size: 24px -} - -.h4,h4 { - font-size: 18px +h1 { + font-size: 36px; } -.h5,h5 { - font-size: 14px +h2 { + font-size: 30px; } -.h6,h6 { - font-size: 12px +h3 { + font-size: 24px; } p { - margin: 0 0 10px + margin: 0 0 10px; } -.small,small { - font-size: 85% +small { + font-size: 85%; } -.text-center { - text-align: center -} .container { padding-right: 15px; padding-left: 15px; margin-right: auto; - margin-left: auto + margin-left: auto; + .text-center { + text-align: center; + } } .uid { color: green; text-decoration: underline; } @@ -133,29 +118,29 @@ p { @media(min-width: 768px) { .container { - width:750px + width:750px; } } @media(min-width: 992px) { .container { - width:970px + width:970px; } } @media(min-width: 1200px) { .container { - width:1170px + width:1170px; } } table { - background-color: transparent + background-color: transparent; } blockquote, pre { border:1px solid #999; - page-break-inside:avoid + page-break-inside:avoid; } code,kbd,pre,samp { diff --git a/assets/css/small.less b/_sass/site.scss index 5403b67..d694872 100644 --- a/assets/css/small.less +++ b/_sass/site.scss @@ -1,3 +1,71 @@ +@charset "utf-8"; +body { + max-width: 1160px; +} + +h2 { + small { + font-size:100%; + } +} + +#footer { + font-size: 80%; + border-top: 1px solid #CCC; + .container { + padding: 10px 0 10px 0; + } + p { + margin:0; + } +} + +.footer-left { + text-align: left; + float: left; + width: 49%; +} + +.footer-right { + display: block; + text-align: right; + float: right; + width: 49%; +} + +#guide { + h1 { + font-size: 2.6em; + } + h2 { + font-size: 2.2em; + } + h3 { + font-size: 2em; + } + h4 { + font-size: 1.8em; + } + h5 { + font-size: 1.6em; + } + h6 { + font-size: 1.4em; + } + h2,h3,h4 { + padding-top: 60px; + } + .page-toc { + padding-left: 15px; + padding-bottom: 15px; + ul { + padding-inline-start: 20px; + } + } +} + +// This is the small section + @media (max-width: 600px) { #form { &.submit { @@ -51,4 +119,3 @@ } } } - diff --git a/assets/css/main.less b/assets/css/main.less deleted file mode 100644 index baef032..0000000 --- a/assets/css/main.less +++ /dev/null @@ -1,8 +0,0 @@ -// Import the main site less file -@import "site.less"; - -// Import the syntax.less content for Highlighting code snippets -@import "syntax.less"; - -// Import the small.less content for small screen display -@import "small.less"; diff --git a/assets/css/main.scss b/assets/css/main.scss new file mode 100644 index 0000000..6d1d94c --- /dev/null +++ b/assets/css/main.scss @@ -0,0 +1,6 @@ +--- +# this ensures Jekyll reads the file to be transformed into CSS later +# only Main files contain this front matter, not partials. +--- + +@import "site"; diff --git a/assets/css/pks.min.css b/assets/css/pks.min.css deleted file mode 100644 index f4b3522..0000000 --- a/assets/css/pks.min.css +++ /dev/null @@ -1 +0,0 @@ -html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}a{background-color:transparent}a:active,a:hover{outline:0}b,strong{font-weight:700}h1{margin:.67em 0;font-size:2em}hr{height:0;-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box}table{border-spacing:0;border-collapse:collapse}td,th{padding:5px}*{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}:after,:before{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}html{font-size:10px;-webkit-tap-highlight-color:rgba(0,0,0,0)}body{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:14px;line-height:1.42857143;color:#333;background-color:#fff}a{color:#337ab7;text-decoration:none}hr{margin-top:20px;margin-bottom:20px;border:0;border-top:1px solid #eee}.h1,.h2,.h3,.h4,.h5,.h6,h1,h2,h3,h4,h5,h6{font-family:inherit;font-weight:500;line-height:1.1;color:inherit}.h1,.h2,.h3,h1,h2,h3{margin-top:20px;margin-bottom:10px}.h1,h1{font-size:36px}.h2,h2{font-size:30px}.h3,h3{font-size:24px}.h4,h4{font-size:18px}.h5,h5{font-size:14px}.h6,h6{font-size:12px}p{margin:0 0 10px}.small,small{font-size:85%}.text-center{text-align:center}.container{padding-right:15px;padding-left:15px;margin-right:auto;margin-left:auto}.uid{color:green;text-decoration:underline}.warn{color:red;font-weight:bold}@media(min-width:768px){.container{width:750px}}@media(min-width:992px){.container{width:970px}}@media(min-width:1200px){.container{width:1170px}}table{background-color:transparent}blockquote,pre{border:1px solid #999;page-break-inside:avoid}code,kbd,pre,samp{font-family:monospace,monospace;font-size:1em;padding:5px;background-color:lightgray}pre{display:block;padding:9.5px;margin:0 0 10px;font-size:13px;line-height:1.42857143;color:#333;word-break:break-all;word-wrap:break-word;background-color:#f5f5f5;border:1px solid #ccc;border-radius:4px}
\ No newline at end of file diff --git a/assets/css/pks.scss b/assets/css/pks.scss new file mode 100644 index 0000000..9550ac2 --- /dev/null +++ b/assets/css/pks.scss @@ -0,0 +1,6 @@ +--- +# this ensures Jekyll reads the file to be transformed into CSS later +# only Main files contain this front matter, not partials. +--- + +@import "pks"; diff --git a/assets/css/site.less b/assets/css/site.less deleted file mode 100644 index 8a22bbc..0000000 --- a/assets/css/site.less +++ /dev/null @@ -1,33 +0,0 @@ -body { - max-width: 1160px; -} - -h2 { - small { - font-size:100%; - } -} - -#footer { - font-size: 80%; - border-top: 1px solid #CCC; - .container { - padding: 10px 0 10px 0; - } - p { - margin:0; - } -} - -.footer-left { - text-align: left; - float: left; - width: 49%; -} - -.footer-right { - display: block; - text-align: right; - float: right; - width: 49%; -} diff --git a/assets/css/syntax.css b/assets/css/syntax.css deleted file mode 100644 index 25c52f9..0000000 --- a/assets/css/syntax.css +++ /dev/null @@ -1,196 +0,0 @@ -/* Downloaded from: https://github.com/mojombo/tpw/blob/master/css/syntax.css */ -.highlight { - background: #ffffff; -} -.highlight .c { - color: blue; - font-weight: bold; -} -.highlight .err { - color: #a61717; - background-color: #e3d2d2; -} -.highlight .k { - font-weight: bold; -} -.highlight .o { - font-weight: bold; -} -.highlight .cm { - color: #999988; - font-style: italic; -} -.highlight .cp { - color: #999999; - font-weight: bold; -} -.highlight .c1 { - color: #999988; - font-style: italic; -} -.highlight .cs { - color: #999999; - font-weight: bold; - font-style: italic; -} -.highlight .gd { - color: #000000; - background-color: #ffdddd; -} -.highlight .gd .x { - color: #000000; - background-color: #ffaaaa; -} -.highlight .ge { - font-style: italic; -} -.highlight .gr { - color: #aa0000; -} -.highlight .gh { - color: #999999; -} -.highlight .gi { - color: #000000; - background-color: #ddffdd; -} -.highlight .gi .x { - color: #000000; - background-color: #aaffaa; -} -.highlight .go { - color: #888888; -} -.highlight .gp { - color: #555555; -} -.highlight .gs { - font-weight: bold; -} -.highlight .gu { - color: #aaaaaa; -} -.highlight .gt { - color: #aa0000; -} -.highlight .kc { - font-weight: bold; -} -.highlight .kd { - font-weight: bold; -} -.highlight .kp { - font-weight: bold; -} -.highlight .kr { - font-weight: bold; -} -.highlight .kt { - color: #445588; - font-weight: bold; -} -.highlight .m { - color: #009999; -} -.highlight .s { - color: #dd1144; -} -.highlight .na { - color: #008080; -} -.highlight .nb { - color: #0086b3; -} -.highlight .nc { - color: #445588; - font-weight: bold; -} -.highlight .no { - color: #008080; -} -.highlight .ni { - color: #800080; -} -.highlight .ne { - color: #990000; - font-weight: bold; -} -.highlight .nf { - color: #990000; - font-weight: bold; -} -.highlight .nn { - color: #555555; -} -.highlight .nt { - color: #000080; -} -.highlight .nv { - color: #008080; -} -.highlight .ow { - font-weight: bold; -} -.highlight .w { - color: #bbbbbb; -} -.highlight .mf { - color: #009999; -} -.highlight .mh { - color: #009999; -} -.highlight .mi { - color: #009999; -} -.highlight .mo { - color: #009999; -} -.highlight .sb { - color: #dd1144; -} -.highlight .sc { - color: #dd1144; -} -.highlight .sd { - color: #dd1144; -} -.highlight .s2 { - color: #dd1144; -} -.highlight .se { - color: #dd1144; -} -.highlight .sh { - color: #dd1144; -} -.highlight .si { - color: #dd1144; -} -.highlight .sx { - color: #dd1144; -} -.highlight .sr { - color: #009926; -} -.highlight .s1 { - color: #dd1144; -} -.highlight .ss { - color: #990073; -} -.highlight .bp { - color: #999999; -} -.highlight .vc { - color: #008080; -} -.highlight .vg { - color: #008080; -} -.highlight .vi { - color: #008080; -} -.highlight .il { - color: #009999; -} diff --git a/assets/css/syntax.less b/assets/css/syntax.less deleted file mode 100644 index 25c52f9..0000000 --- a/assets/css/syntax.less +++ /dev/null @@ -1,196 +0,0 @@ -/* Downloaded from: https://github.com/mojombo/tpw/blob/master/css/syntax.css */ -.highlight { - background: #ffffff; -} -.highlight .c { - color: blue; - font-weight: bold; -} -.highlight .err { - color: #a61717; - background-color: #e3d2d2; -} -.highlight .k { - font-weight: bold; -} -.highlight .o { - font-weight: bold; -} -.highlight .cm { - color: #999988; - font-style: italic; -} -.highlight .cp { - color: #999999; - font-weight: bold; -} -.highlight .c1 { - color: #999988; - font-style: italic; -} -.highlight .cs { - color: #999999; - font-weight: bold; - font-style: italic; -} -.highlight .gd { - color: #000000; - background-color: #ffdddd; -} -.highlight .gd .x { - color: #000000; - background-color: #ffaaaa; -} -.highlight .ge { - font-style: italic; -} -.highlight .gr { - color: #aa0000; -} -.highlight .gh { - color: #999999; -} -.highlight .gi { - color: #000000; - background-color: #ddffdd; -} -.highlight .gi .x { - color: #000000; - background-color: #aaffaa; -} -.highlight .go { - color: #888888; -} -.highlight .gp { - color: #555555; -} -.highlight .gs { - font-weight: bold; -} -.highlight .gu { - color: #aaaaaa; -} -.highlight .gt { - color: #aa0000; -} -.highlight .kc { - font-weight: bold; -} -.highlight .kd { - font-weight: bold; -} -.highlight .kp { - font-weight: bold; -} -.highlight .kr { - font-weight: bold; -} -.highlight .kt { - color: #445588; - font-weight: bold; -} -.highlight .m { - color: #009999; -} -.highlight .s { - color: #dd1144; -} -.highlight .na { - color: #008080; -} -.highlight .nb { - color: #0086b3; -} -.highlight .nc { - color: #445588; - font-weight: bold; -} -.highlight .no { - color: #008080; -} -.highlight .ni { - color: #800080; -} -.highlight .ne { - color: #990000; - font-weight: bold; -} -.highlight .nf { - color: #990000; - font-weight: bold; -} -.highlight .nn { - color: #555555; -} -.highlight .nt { - color: #000080; -} -.highlight .nv { - color: #008080; -} -.highlight .ow { - font-weight: bold; -} -.highlight .w { - color: #bbbbbb; -} -.highlight .mf { - color: #009999; -} -.highlight .mh { - color: #009999; -} -.highlight .mi { - color: #009999; -} -.highlight .mo { - color: #009999; -} -.highlight .sb { - color: #dd1144; -} -.highlight .sc { - color: #dd1144; -} -.highlight .sd { - color: #dd1144; -} -.highlight .s2 { - color: #dd1144; -} -.highlight .se { - color: #dd1144; -} -.highlight .sh { - color: #dd1144; -} -.highlight .si { - color: #dd1144; -} -.highlight .sx { - color: #dd1144; -} -.highlight .sr { - color: #009926; -} -.highlight .s1 { - color: #dd1144; -} -.highlight .ss { - color: #990073; -} -.highlight .bp { - color: #999999; -} -.highlight .vc { - color: #008080; -} -.highlight .vg { - color: #008080; -} -.highlight .vi { - color: #008080; -} -.highlight .il { - color: #009999; -} diff --git a/doc/building-server.md b/doc/building-server.md index d91f826..6f6828f 100644 --- a/doc/building-server.md +++ b/doc/building-server.md @@ -1,6 +1,7 @@ --- layout: default title: Building a PGP SKS Keyserver +displaytitle: Building a PGP SKS Keyserver permalink: /guides/building-server/ --- diff --git a/doc/web-key-directory.md b/doc/web-key-directory.md index 367445d..fadff21 100644 --- a/doc/web-key-directory.md +++ b/doc/web-key-directory.md @@ -1,32 +1,40 @@ --- -layout: default -title: Publish A Public PGP Key via HTTPS: Web Key Directory (WKD) +layout: docs +title: Publishing A Public Key via Web Key Directory (WKD) +displaytitle: Publishing A Public Key via WKD: <small>Web Key Directory</small> permalink: /guides/web-key-directory/ -description: Web Key Directory (WKD) allows you to publish your OpenPGP key on your HTTPS server -tags: wkd, Web Key Directory, pgp, gpg, GnuPG +description: Web Key Directory (WKD) allows you to publish your OpenPGP key on your HTTPS server in way other peoples email clients can easily find. redirect_from: - /web-key-directory/ - /wkd/ --- -## Publishing A Public PGP Key via HTTPS: <small>Web Key Directory (WKD)</small> +This document describes how to setup GnuPG Web Key Directory for an OpenPGP key. + +An OpenPGP Web Key Directory is a method for users to discover the public key of a new contact. The user requests the public key from the contacts organization maintains. This differs from a [Key Server]() where a the user looks up a key on a 3rd party server, the server provides all keys that match requested address and the user must determine which key to use. This practice bears the problem that the key-servers are not able to give a positive confirmation that a key actually belongs to the mail addresses given in the key. Further, there are often several keys matching a mail address and thus one needs to pick a key on good luck. + +GnuPG has a new key discovery scheme - Web Key Directory. Compared to previous schemes that relied on DNS, WKD can be easily deployed on any HTTPS server. -<div class="alert alert-warning"> - <strong>Notice!</strong> +<div class="alert alert-warning" style="display:flex;"> + <strong style="padding-right:5px;">Notice!</strong> WKD lookup is implemented in GnuPG since v2.1.12. It is enabled by default since 2.1.23. </div> -This document describes how to setup GnuPG Web Key Directory for an OpenPGP key. +## Building a Web Key Directory Service -An OpenPGP Web Key Directory is a method for users to discover the public key of a new contact. The user requests the public key from the contacts organization maintains. This differs from a [Key Server]() where a the user looks up a key on a 3rd party server, the server provides all keys that match requested address and the user must determine which key to use. This practice bears the problem that the key-servers are not able to give a positive confirmation that a key actually belongs to the mail addresses given in the key. Further, there are often several keys matching a mail address and thus one needs to pick a key on good luck. +Web Key Directory is simply a lookup scheme that relies on HTTPS and correctly placed files on a web server. No other software is required to run on the web server. -GnuPG has a new key discovery scheme - Web Key Directory. Compared to previous schemes that relied on DNS, WKD can be easily deployed on any HTTPS server. +There are two methods of key discovery described in network working group specification [section 3.1 (Key Discovery)](https://tools.ietf.org/html/draft-koch-openpgp-webkey-service#section-3.1), the basic method and the advanced method. + +These two methods are fundamentally the same. -Web Key Directory is simply a lookup scheme that relies on HTTPS and correctly placed files on your web server. No other software is required to run on the web server. +The <b>Basic</b> method uses the domain address <code>https://example.com</code> while the <b>Advanced</b> method uses domain address like <code>https://openpgpkey.example.com</code>. -## Building the Web Key Directory Service +### Method 1: Basic WKD Service -### Setting up the File System +The basic method stories the public keys under the main domain name (ie. example.com), opposed to the advanced method that stores the keys under unique domain name (openpgpkey.example.com). All requests must be made via a TLS channel (https://). + +#### Setting up the File System Once complete the key/file must be accessible via a special URL constructed by appending `https://`, user domain, `/.well-known/openpgpkey/hu/` and a hash value. @@ -36,11 +44,15 @@ So you must create the directory `.well-known/openpgpkey/hu/` inside the root of For example, if you use the default Ubuntu config, you may simply run the following command. -<pre>mkdir -p /var/www/html/.well-known/openpgpkey/hu</pre> +<pre>$ mkdir -p /var/www/html/.well-known/openpgpkey/hu</pre> + +After you have created the WKD directory, you need to create a policy file. This file tells clients how your WKD service works. Since we are creating a default setup, the file should be empty, so you can may just run. -### Setting up the Web Server +<pre>$ touch /var/www/html/.well-known/openpgpkey/policy</pre> -#### On Nginx +#### Setting up the Web Server + +**On Nginx** <pre> location ^~ /.well-known/openpgpkey { @@ -49,35 +61,33 @@ For example, if you use the default Ubuntu config, you may simply run the follow } </pre> -#### On Apache +**On Apache** <pre> <Directory "/.well-known/openpgpkey"> - <IfModule mod_headers.c> + $gt;IfModule mod_headers.c> Header set Access-Control-Allow-Origin "*" - </IfModule> + $gt;/IfModule> </Directory> </pre> -#### On Lighttpd - -<pre>setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )</pre> +**On Lighttpd** -## Building a Single Public Key File +<pre> setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )</pre> -### Finding the hash to create the name with +#### Finding the local-part hash After you have created the needed directories, you next need to find the hash of the UID you are going to use. The simplest way of doing that is via the `--with-wkd` option. -<pre> -$ gpg --list-keys --with-wkd 0xDD23BF73 -pub rsa4096 2014-06-21 [SCEA] - AE7384272B91AD635902320B27143AFFDD23BF73 -uid [ unknown] Matt Rude <[email protected]> +<pre> $ gpg --list-keys --with-wkd 0x94c32ac158aea35c +pub ed25519 2019-03-05 [SC] [expires: 2024-03-03] + 1B9910529DF4FE1FE3C6B03794C32AC158AEA35C +uid [ultimate] Matt Rude <[email protected]> <strong>d6tq6t4iirtg3qpyw1nyzsr5nsfcqrht</strong>@mattrude.com +sub cv25519 2019-03-05 [E] [expires: 2024-03-03] </pre> -### Create the file +#### Creating the WKD file Now that you have UID hash, you are ready to go. @@ -85,13 +95,82 @@ All you need to do is export your public key **binary** (not ASCII armored) file So assuming that the root of your webserver is at `/var/www/html/`, you will run the following command. -<pre>$ gpg --export 0xDD23BF73 > /var/www/html/.well-known/openpgpkey/hu/d6tq6t4iirtg3qpyw1nyzsr5nsfcqrht</pre> +<pre>$ gpg --export 0x94c32ac158aea35c > /var/www/html/.well-known/openpgpkey/hu/d6tq6t4iirtg3qpyw1nyzsr5nsfcqrht</pre> + +For that key the full URL is: <code>https://mattrude.com/.well-known/openpgpkey/hu/d6tq6t4iirtg3qpyw1nyzsr5nsfcqrht</code> + +### Method 2: Advanced WKD Service -For that key the full URL is: +The Advanced method is basically the same as the basic method, but has a different URL and URI structure. -https://mattrude.com/.well-known/openpgpkey/hu/d6tq6t4iirtg3qpyw1nyzsr5nsfcqrht -## Building a Group of Public Key Files + +#### Setting up the File System + +Once complete the key/file must be accessible via a special URL constructed by appending `https://openpgpkey.<example.com>/.well-known/openpgpkey/<example.com>/hu/` and a hash value. + +For the key I will be using in this how-to the full URL should be: `https://openpgpkey.mattrude.com/.well-known/openpgpkey/mattrude.com/hu/d6tq6t4iirtg3qpyw1nyzsr5nsfcqrht` + +So you must create the directory `.well-known/openpgpkey/mattrude.com/hu/` inside the root of your html website. + +For example, if you use the default Ubuntu config, you may simply run the following command. + +<pre>$ mkdir -p /var/www/openpgpkey.mattrude.com/.well-known/openpgpkey/mattrude.com/hu</pre> + +After you have created the WKD directory, you need to create a policy file. This file tells clients how your WKD service works. Since we are creating a default setup, the file should be empty, so you can may just run. + +<pre>$ touch /var/www/openpgpkey.mattrude.com/.well-known/openpgpkey/mattrude.com/policy</pre> + +#### Setting up the Web Server + +**On Nginx** + +<pre> + location ^~ /.well-known/openpgpkey { + default_type "text/plain"; + add_header 'Access-Control-Allow-Origin' '*' always; + } +</pre> + +**On Apache** + +<pre> + <Directory "/.well-known/openpgpkey"> + <IfModule mod_headers.c> + Header set Access-Control-Allow-Origin "*" + </IfModule> + </Directory> +</pre> + +**On Lighttpd** + +<pre> setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )</pre> + +#### Finding the local-part hash + +After you have created the needed directories, you next need to find the hash of the UID you are going to use. The simplest way of doing that is via the `--with-wkd` option. + +<pre> $ gpg --list-keys --with-wkd 0x94c32ac158aea35c +pub ed25519 2019-03-05 [SC] [expires: 2024-03-03] + 1B9910529DF4FE1FE3C6B03794C32AC158AEA35C +uid [ultimate] Matt Rude <[email protected]> + <strong>d6tq6t4iirtg3qpyw1nyzsr5nsfcqrht</strong>@mattrude.com +sub cv25519 2019-03-05 [E] [expires: 2024-03-03] +</pre> + +#### Creating the WKD file + +Now that you have UID hash, you are ready to go. + +All you need to do is export your public key **binary** (not ASCII armored) file and place it as a correctly named file on your webserver. + +So assuming that the root of your openpgpkey webserver is at `/var/www/mattrude.com/`, you will run the following command. + +<pre>$ gpg --export 0x94c32ac158aea35c > /var/www/openpgpkey.mattrude.com/.well-known/openpgpkey/mattrude.com/hu/d6tq6t4iirtg3qpyw1nyzsr5nsfcqrht</pre> + +For that key the full URL is: <code>https://openpgpkey.mattrude.com/.well-known/openpgpkey/mattrude.com/hu/d6tq6t4iirtg3qpyw1nyzsr5nsfcqrht</code> + +### Method 3: Building a Group of Files Using the `generate-openpgpkey-hu` script, you can build your WKD from a GnuPG keyring you already have populated with keys. @@ -101,19 +180,22 @@ chmod 755 generate-openpgpkey-hu</pre> Once the script is downloaded and the permissions are set correctly, you are ready to start. - - ## Testing key discovery GnuPG can be instructed to force discovery of the key via WKD even if it is locally present: -<pre>$ gpg --auto-key-locate clear,wkd,nodefault --locate-key [email protected] -gpg: key 27143AFFDD23BF73: public key "Matt Rude <[email protected]>" imported +<pre>$ gpg -v --auto-key-locate clear,wkd,nodefault --locate-key [email protected] +gpg: using pgp trust model +gpg: pub ed25519/94C32AC158AEA35C 2019-03-05 Matt Rude <[email protected]> +gpg: key 94C32AC158AEA35C: public key "Matt Rude <[email protected]>" imported gpg: Total number processed: 1 gpg: imported: 1 -pub rsa4096 2014-06-21 [SCEA] - AE7384272B91AD635902320B27143AFFDD23BF73 +gpg: auto-key-locate found fingerprint 1B9910529DF4FE1FE3C6B03794C32AC158AEA35C +gpg: <strong>automatically retrieved '[email protected]' via WKD</strong> +pub ed25519 2019-03-05 [SC] [expires: 2024-03-03] + 1B9910529DF4FE1FE3C6B03794C32AC158AEA35C uid [ unknown] Matt Rude <[email protected]> +sub cv25519 2019-03-05 [E] [expires: 2024-03-03] </pre> If the key cannot be found via WKD or if it's in a wrong format (e.g. ASCII armored instead of binary) an error will be produced: @@ -122,7 +204,7 @@ If the key cannot be found via WKD or if it's in a wrong format (e.g. ASCII armo gpg: error retrieving '[email protected]' via WKD: No data </pre> -## Importing a key via WKD +**Importing a key via WKD** You may run the following command to import your key into your key ring. Just change **[email protected]** to the email address you wish to import. @@ -143,6 +225,16 @@ you may answer the next question with yes. Use this key anyway? (y/N) <strong>y</strong></pre> +## Web Key Service (WKS) + +The Web Key Service (WKS) is a method for end users to send their public key via email to the WKD server. + +The WKS stores a file the named `submission-address` inside the WKD folder structure. A users email client then checks for this file, downloads it, and should find an email address. The email client then check the WKD site for the public key of the submission address. Assuming it finds a public key, it downloads the public key, then sends the users public key to the submission address via an encrypted email. + +Once the WKS receives the message, it stores the public key in the `pending` folder and sends an encrypted email back to the users email asking for them to confirm the request. + +Once the user confirms the request, an email is sent back to the WKS service that process the confirmation and moves the public key from the pending folder to the `hu` folder. Once the public key is in the `hu` folder, other users may start downloading it via WKD. + ## Other WKD Resources * OpenPGP Web Key Directory [Network Working Group Specification](https://tools.ietf.org/html/draft-koch-openpgp-webkey-service) |