Added new post, Makefile include drafts, updated lastmod on other posts

2019-02-17 16:46:09 -05:00
parent 120f761f59
commit 58b1e85336
6 changed files with 105 additions and 6 deletions
--- a/2
+++ b/2
@@ -24,7 +24,7 @@ build:
 	$(DOCKER_RUN) ${DOCKER_IMAGE}
 run:
-	$(DOCKER_RUN) ${DOCKER_PORT} ${DOCKER_IMAGE} server --bind=0.0.0.0
+	$(DOCKER_RUN) ${DOCKER_PORT} ${DOCKER_IMAGE} server --bind=0.0.0.0 -D
 new:
 	$(DOCKER_RUN) ${DOCKER_IMAGE} new post/$(shell read -p "Post Name (i.e. my_post.md): " pn; echo $$pn)
--- a/content/post/aperture-study.md
+++ b/content/post/aperture-study.md
@@ -1,6 +1,7 @@
 ---
 title: "A Study in Aperture"
-date: 2019-01-16T22:32:33-05:00
+date: 2019-01-16
 lastmod: 2019-02-11
 categories: ["Blog"]
 tags: ["photography"]
 ---
--- a/content/post/archinstall.md
+++ b/content/post/archinstall.md
@@ -1,6 +1,7 @@
 ---
 title: "Installing ArchLinux with Full Disk Encryption (LUKS)"
-date: 2018-12-19T22:35:11-05:00
+date: 2018-12-19
 lastmod: 2019-01-29
 categories: ["Tutorial"]
 tags: ["linux"]
 ---
@@ -138,4 +139,3 @@ The reader may always consult manpages, the [Arch Wiki](https://wiki.archlinux.o
   # unmount -R /mnt
   # reboot
   ```
--- a/content/post/gpg_best_practices_and_git.md
+++ b/content/post/gpg_best_practices_and_git.md
@@ -0,0 +1,96 @@
 ---
 title: "GPG Best Practices (and Git)"
 date: 2019-02-17
 lastmod: 2019-02-17
 categories: ["Blog"]
 tags: ["linux"]
 ---
 I decided to start signing my Git commits for personal, and work Git
 repositories. Currently, most Git third-party services only support signing
 commits, but _do not_ support signing pushes. Regardless, it would still be
 considered good Currently, most Git third-party services only support **signing
 commits**, but _do not_ support signing pushes. Regardless, it would still be
 considered good practice to start signing commits. practice to start signing
 commits.
 <!--more-->
 That being said, I've added my public key to my
 [GitLab](https://gitlab.com/bdebyl), and set the global config to use my key,
 and sign all of my commits:
 ```bash
 git config --global user.signingKey ADAA54FC
 git config --global commit.gpgSign true
 ```
 _Note: I am using git version `2.20.1` in the above example._
 # Getting Started with OpenPGP
 It is recommended to read through the
 [Getting Started](https://www.gnupg.org/gph/en/manual/c14.html) on the official
 GnuPG website. However, I would **strongly** recommend using the `--full-gen-key`
 option in place of the `--gen-key`. This will allow you to specify additional
 details about your key, such as using a 4096-bit RSA key.
 # OpenPGP Keyserver Pool
 In addition to that, there came the addition of using the
 [SKS Keyserver Pool](https://sks-keyservers.net/overview-of-pools.php) for
 sending and receiving keys for OpenPGP. This can be done by obtaining the CA and
 verifying the signature on the
 [HKPS Pool Verification](https://sks-keyservers.net/verify_tls.php) page.
 ## Verification
 ```
 gpg --auto-key-retrieve --verify sks-keyservers.netCA.pem.asc sks-keyservers.netCA.pem
 ```
 The output received was as follows:
 ```
 gpg: Signature made Wed 30 Mar 2016 11:06:29 AM EDT
 gpg:                using RSA key 250B7AFED6379D85
 gpg: key 0B7F8B60E3EDFAE3: 1214 signatures not checked due to missing keys
 gpg: key 0B7F8B60E3EDFAE3: public key "Kristian Fiskerstrand <kristian.fiskerstrand@sumptuouscapital.com>" imported
 gpg: marginals needed: 3  completes needed: 1  trust model: pgp
    gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
 gpg: Total number processed: 1
 gpg:               imported: 1
 gpg: Good signature from "Kristian Fiskerstrand <kristian.fiskerstrand@sumptuouscapital.com>" [unknown]
 gpg:                 aka "Kristian Fiskerstrand <kf@gnupg.net>" [unknown]
 gpg:                 aka "Kristian Fiskerstrand <k_f@gentoo.org>" [unknown]
 gpg:                 aka "Kristian Fiskerstrand <kf@sumptuouscapital.com>" [unknown]
 gpg: Note: This key has expired!
 Primary key fingerprint: 94CB AFDD 3034 5109 5618  35AA 0B7F 8B60 E3ED FAE3
     Subkey fingerprint: B4EA D120 C7F8 9A4A EA47  2707 250B 7AFE D637 9D85
 ```
 ## Adding the HKPS Pool CA
 Once the signature has been verified, the CA can be moved over to
 `/usr/share/ca-certificates` to add to your CA certificates via `sudo
 update-ca-trust` (_Arch_) or `sudo update-ca-certificates` (_Debian/Ubuntu_).
 Lastly, the following parameters should be added to your `~/.gnupg/gpg.conf`:
 ```
 keyserver hkps://hkps.pool.sks-keyservers.net
 keyserver-options ca-cert-file=/path/to/CA/sks-keyservers.netCA.pem
 ```
 {{% admonition info "CA Path" %}}
 On my setup, the full path to the CA certs is:
 `/etc/ca-certificates/extracted/cadir/sks-keyservers.net_CA.pem`
 {{% /admonition %}}
 ## *Optional* - Ensure keys refreshed through keyserver
 To ensure no keys are pulled from insecure sources, or that an attacked would
 not be able to designate a keyserver they control, it is recommended to add the
 following additional parameter to the above `gpg.conf` file:
 ```
 keyserver-options no-honor-keyserver-url
 ```
 ---
 # More Information
 There is a whole load of information on
 [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices).
 A few noteworthy points worth exploring:
 - **Keep an encrypted backup of your secret key**
 - Have a separate subkey for signing
 - Keep your primary key entirely offline
--- a/content/post/headphone-fix.md
+++ b/content/post/headphone-fix.md
@@ -1,6 +1,7 @@
 ---
 title: "Make Your Ears Bern"
-date: 2018-01-11T04:26:57+01:00
+date: 2018-01-11
 lastmod: 2019-01-16
 categories: ["Blog"]
 tags: ["electronics"]
 ---
--- a/content/post/humble-beginnings.md
+++ b/content/post/humble-beginnings.md
@@ -1,6 +1,7 @@
 ---
 title: "Humble Beginnings"
-date: 2017-12-21T01:42:57-05:00
+date: 2017-12-21
 lastmod: 2019-01-16
 categories: ["Blog"]
 tags: ["code"]
 ---