Korbs revised this gist . Go to revision
1 file changed, 59 insertions
README.md(file created)
| @@ -0,0 +1,59 @@ | |||
| 1 | + | # SudoVanilla Ark and Commit Signing | |
| 2 | + | Sign commits when pushing to SudoVanilla Ark and other Forgejo/Gitea instances. | |
| 3 | + | ||
| 4 | + | ## Generate SSH Key | |
| 5 | + | Generate a new SSH key using the `ssh-keygen` key. We'll name it `ark` so we know in the future that this key is used for SudoVanilla Ark or whatever you originally planned to use it for. | |
| 6 | + | ||
| 7 | + | Run: | |
| 8 | + | ```bash | |
| 9 | + | ssh-keygen -o -f ~/.ssh/ark -a 100 -b 4096 -C "KeyName" | |
| 10 | + | ``` | |
| 11 | + | ||
| 12 | + | > Keep the `passphrase` blank. | |
| 13 | + | ||
| 14 | + | > The `KeyName` can be whatever you want it to be. I usually set it as the device's name or related, so I would use something like `Framework-laptop-20241217` sometimes, with date included. | |
| 15 | + | ||
| 16 | + | The files should of been generated to the following: | |
| 17 | + | - Identification: `~/.ssh/ark` | |
| 18 | + | - Public Key: `~/.ssh/ark.pub` | |
| 19 | + | ||
| 20 | + | ## Setup Git | |
| 21 | + | Setup Git to match the username and email you use on SudoVanilla Ark: | |
| 22 | + | ```bash | |
| 23 | + | git config --global user.email "korbs@sudovanilla.org" | |
| 24 | + | git config --global user.name "Korbs" | |
| 25 | + | ``` | |
| 26 | + | ||
| 27 | + | > Remove `--global` if you want to set this per repository. If so, run the commands within the repository. | |
| 28 | + | ||
| 29 | + | Then, setup Git to use SSH to sign each commit: | |
| 30 | + | ```bash | |
| 31 | + | git config --global commit.gpgsign true | |
| 32 | + | git config --global gpg.format ssh | |
| 33 | + | git config --global user.signingkey ~/.ssh/ark | |
| 34 | + | ``` | |
| 35 | + | ||
| 36 | + | ## Add SSH Key to SudoVanilla Ark | |
| 37 | + | Go to your [Keys settings](https://ark.sudovanilla.org/user/settings/keys) and click "Add Key" for SSH Keys. | |
| 38 | + | ||
| 39 | + | After running the `cat` command, use the output and insert it into the "Content" box. The "Key name" box will be auto-filled, but you can still change it if you want to. | |
| 40 | + | ```bash | |
| 41 | + | cat ~/.ssh/ark.pub | |
| 42 | + | ``` | |
| 43 | + | ||
| 44 | + | Now you need to verify the key in the Keys settings of your account, click "Verify". | |
| 45 | + | ||
| 46 | + | Following the on-screen instructions, you'll need to run the following: | |
| 47 | + | ```bash | |
| 48 | + | echo -n 'TOKEN_HERE' | ssh-keygen -Y sign -n gitea -f ~/.ssh/ark | |
| 49 | + | ``` | |
| 50 | + | ||
| 51 | + | > A token is generated for you already in the on-screen instructions, no need to generate one manually. | |
| 52 | + | ||
| 53 | + | > `gitea` is required, don't change it. | |
| 54 | + | ||
| 55 | + | Insert the SSH signanture into the settings and click "Verify". If done correctly, a green message should appear at the top of the page saying it has been verified. | |
| 56 | + | ||
| 57 | + | ## Completed | |
| 58 | + | ||
| 59 | + | That's it. Next time you use commit, it is signed automatically. When you push, you can see a green lock icon indicating that the commit you pushed was successfully signed. | |
Newer
Older