almet/blog.notmyidea.org
1
0
Fork 0
mirror of https://github.com/almet/notmyidea.git synced 2025-04-28 11:32:39 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

GPG keys

Browse source
This commit is contained in:
Alexis Métaireau 2024-05-27 13:22:44 +02:00
parent d749105e34
commit f4b81f9dff
No known key found for this signature in database
GPG key ID: 1C21B876828E5FF2
6 changed files with 164 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

79
content/code/2024-05-27-github-gpg-signing-key.md Normal file
View file

@ -0,0 +1,79 @@
---
title: Setting up GPG signing key for github
tags: gpg, github
---
I recently had to create a new GPG signing key and add it as a correct signature
for my github account. Here is how I did, for future reference.
## Creating the key and exporting it
I created the key in thunderbird, which I use for my mails. I did it directly
there to avoid having to import it then, but I could also have generated it on
the command line.
I had some trouble finding how to export the key from thunderbird, you actually
have to open the OpenPGP key manager, select you key and then do "file/export",
which is kind of unintuitive.
I realized afterhand that the code I entered here will be stored in my keyring
manager. Choose something unique ;-)
## Importing it in the local keyring
```bash
gpg --import /Volumes/o5avOD-1fyGp/Clés/Alexis\ Métaireau\ --redacted--@freedom.press-\(0xC65C7A89A8FFC56E\)-secret.asc
```
It should show up when using `gpg --list-keys`:
```bash
gpg --list-keys
[keyboxd]
---------
pub ed25519 2024-05-27 [SC] [expire : 2027-05-27]
454294C6FF8B9716A5F641A9C65C7A89A8FFC56E
uid [ inconnue] Alexis Métaireau <--redacted--@freedom.press>
sub cv25519 2024-05-27 [E] [expire : 2027-05-27]
```
## Signing your commits
There is [a comprehensive guide](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
on how to do that, which basically tells you to:
```bash
git config --global commit.gpgsign true
```
## Using multiple identities dependening the git repo
Because I have multiple identities I commit with, I had to change the identity
used for a specific repository.
The way to do that was to have a different `.gitconfig` loaded depending on the
repo being used. I put this in my `.gitconfig`:
```ini
[includeIf "gitdir:~/dev/**/.git"]
path = .gitconfig-user
[includeIf "gitdir:~/dev/fpf/**/.git"]
path = ~/.gitconfig-fpf
````
And the `~/.gitconfig-fpf` file to be like:
```ini
[user]
name = Alexis Métaireau
email = --redacted--@freedom.press
```
## Exporting the public PGP keys
At some point, I needed to give github the public key associated with my private
key. As I'm using Thunderbird to store the keys, I asked it to export the public
key.

13
content/extra/keys/alexis@freedom.press.asc Normal file
View file

@ -0,0 +1,13 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEZlRXRhYJKwYBBAHaRw8BAQdAMU/SH0aZTDdnnfi0+Ra5Fza40nmUTXukyltb
zeE4EzzNKEFsZXhpcyBNw6l0YWlyZWF1IDxhbGV4aXNAZnJlZWRvbS5wcmVzcz7C
jwQTFggANxYhBEVClMb/i5cWpfZBqcZceomo/8VuBQJmVFdGBQkFo5qAAhsDBAsJ
CAcFFQgJCgsFFgIDAQAACgkQxlx6iaj/xW6jFQD/bP3/I7w8ZPWpI4YqZWlT3jMA
DXdlkLS88BUbGPFXYMQA/ROcFcKphO11urGfTa3xNA8PhW5D8MULB0xmLMS1dogG
zjgEZlRXRxIKKwYBBAGXVQEFAQEHQJXoNlN+8H7wnY+93EasUDk8rmBsStsijiCS
EXUcIs5cAwEIB8J+BBgWCAAmFiEERUKUxv+Llxal9kGpxlx6iaj/xW4FAmZUV0cF
CQWjmoACGwwACgkQxlx6iaj/xW5MTAD/aBv24vYSRbqm8APEAVj3yx8SEwTYZKdL
wa8uXdogLJ0BAPPqlaezTb1LKnrgAa11lDZDKVRN05/ZzqEPEY3y7xsL
=zV69
-----END PGP PUBLIC KEY BLOCK-----

13
content/extra/keys/alexis@notmyidea.org.asc Normal file
View file

@ -0,0 +1,13 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEZUO7NRYJKwYBBAHaRw8BAQdA1S59xYb0n4zS68BdOmKihh76Sd3fQwvRea5S
btJjfBjNKEFsZXhpcyBNw6l0YWlyZWF1IDxhbGV4aXNAbm90bXlpZGVhLm9yZz7C
jwQTFggANxYhBOpaZSe6UpTNpvWHahwhuHaCjl/yBQJlQ7s1BQkFo5qAAhsDBAsJ
CAcFFQgJCgsFFgIDAQAACgkQHCG4doKOX/LNzQD/YzJ7nLzyLu0P1KMLZrulVlgu
DiYaAaOSpgDOIgr5284BANgtHSY0HNOMnipgDtCck7Yi3k7fbaREEUqFrv5qafwJ
zjgEZUO7NRIKKwYBBAGXVQEFAQEHQHMvNh0F6VXmagKGT5WK2MJAla3pCUeyxEqT
p5KP9wMxAwEIB8J+BBgWCAAmFiEE6lplJ7pSlM2m9YdqHCG4doKOX/IFAmVDuzUF
CQWjmoACGwwACgkQHCG4doKOX/JFZAEAzjTYQEPVe8nVq7nM8Le3OSUCtuZ+uRY2
g7tsyLuu27UBAMwWb13239Ybs6pXkBHeyLm2LuDGRGJiYYZ6qEn7a0QO
=8ZnQ
-----END PGP PUBLIC KEY BLOCK-----

50
content/pages/worklog/dangerzone.md Normal file
View file

@ -0,0 +1,50 @@
---
title: dangerzone
save_as: dangerzone/index.html
template: worklog-en
---
## Lundi 27 Mai 2024 ()
- Created PGP keys for `alexis@freedom.press` and setup github to work with it.
## Vendredi 24 Mai 2024 (5h, 5/5)
- Completed the Sexual Harassment NYC training, and forms. I was pretty surprised by the (good) quality of it, actually.
- Reviewed alex.p PR on the gVisor design document.
- Read the currently opened pull requests.
- build: bumped the minimum python version to 3.9 (in a PR)
## Jeudi 23 Mai 2024 (8h, 5/5)
- Read on how Dangerzone is currently being integrated in the tails docs, yay!
- Synced this morning with Alex, and discussed about how containerization works, and what's the difference between OSes.
- Split my "small changes" pull request in two parts, with minor changes on one side, and changes on how test fixtures are run on the other side.
- Spent some time with Alex understanding why the tests weren't working anymore, and we found that the current tests weren't using the proper fixtures. That was fun and instructive: I'm happy to have a better understanding of how the test suite works, and interacts with QT apps.
- Read the gVisor documentation Alex wrote. Learned about secomp filters.
- Started using the devscripts to install the different environments locally, and started to install a X11 server on OSX to have the application show up... to be continued tomorrow.
## Mercredi 22 Mai 2024 (8h, 5/5)
What I did today (a lot of reading, some meetings):
- Read a bunch of issues to better understand the packaging status of dangerzone. Notes for myself:
- [Debian discussion](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986856#29), how it works [on arch](), the goal to [have a small image for tails](https://github.com/freedomofpress/dangerzone/issues/669) (and in general, I guess)
- The [Python Packaging User Guide](https://packaging.python.org), I was looking for resources on how to package on different targets, but didn't encounter this.
- Read the documentation of [PyMuPDF](https://pymupdf.readthedocs.io/en/latest/installation.html), and [the presentation](https://github.com/freedomofpress/dangerzone/files/13821818/Considering.PyMuPDF-1.pdf) that was made for DangerZone (found out about [dangerzone-test-set](https://github.com/freedomofpress/dangerzone-test-set))
- Read on the difference between podman and Docker, I'm still lagging on this front, as I'm not a user myself.
- Read the different Pull Requests on the repository to get a grasp of what is currently going on. (I learned about MacOS [entitlements](https://developer.apple.com/documentation/bundleresources/entitlements) and more specifically [App Sandbox](https://developer.apple.com/documentation/security/app_sandbox))
- Read the [security audit](https://freedom.press/news/dangerzone-receives-favorable-audit/) for dangerzone (and the OWASP [Docker security cheatsheet](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html) that was linked there)
- Looked at the dangerzone redesign documents from superbloom, both for the application and for the website. Nice work :-)
- Read the current code and made [a PR with minor changes](https://github.com/freedomofpress/dangerzone/pull/811), and currently trying to setup my machine to work the same way Circle CI does.
- Did the security 101 presentation with Davis and David
- Welcome meeting with Erik, Harris and Alex.p
## Mardi 21 Mai 2024 (9h, 5/5)
- I'm looking at the current codebase and current infrastructure. I'm installing a development environment locally (using `uv`)
- I'm discovering how everything is structured. I find out about [yum-tools-prod](https://github.com/freedomofpress/yum-tools-prod) and [apt-tools-prod](https://github.com/freedomofpress/apt-tools-prod)
- I'm reading the [Code of Conduct](https://github.com/freedomofpress/.github/blob/main/CODE_OF_CONDUCT.md). It's nice to see this is though of, and well phrased.
- I'm reading the [meeting notes](https://github.com/freedomofpress/dangerzone/wiki/Meeting-Notes) and clicked on some issues to see what's worked-on at the moment ([Explore how to Simplify Save Options · Issue #427 · freedomofpress/dangerzone · GitHub](https://github.com/freedomofpress/dangerzone/issues/427))
-

16
content/weeknotes/30.md
View file

@ -11,14 +11,14 @@ Une semaine concentré sur uMap, ou j'ai pu aller quasiment au bout du travail e
**[uMap](https://umap-project.org)** 🗺️
*uMap est un outil libre pour faire des cartes personnalisées*
: Une présentation de mes avancées sur la synchro, et une discussion sur les points liés. C'est
: Je fais passer la suite de tests actuelle et j'en écris de nouveaux pour m'assurer que tout fonctionne bien comme prévu. Le serveur de websockets tourne durant les tests, ça fonctionne ! Et ça me permet de trouver quelques problèmes au passage :-)
: Une discussion sur la manière d'avoir nos discussions.
- Une présentation de mes avancées sur la synchro, et une discussion sur les points liés.
- Je fais passer la suite de tests actuelle et j'en écris de nouveaux pour m'assurer que tout fonctionne bien comme prévu. Le serveur de websockets tourne durant les tests, ça fonctionne ! Et ça me permet de trouver quelques problèmes au passage :-)
- Une discussion sur la manière d'avoir nos discussions.
**[Danger Zone](https://dangerzone.rocks/)** ⚠️
*DangerZone permet de consulter des documents de sources inconnues en minimisant la prise de risque, entre autres pour les journalistes*
: J'ai signé le contrat avec [Freedom of the Press Foundation](https://freedom.press/), je commence le 21 Mai pour une période de 6 mois.
- J'ai signé le contrat avec [Freedom of the Press Foundation](https://freedom.press/), je commence le 21 Mai pour une période de 6 mois.
## Des joies 🤗
- Me sentir inspiré suite à des discussions avec l'équipe de FPF qui me donnent beaucoup d'énergie à chaque fois. C'est inspirant de voir la manière dont iels accueillent.
@ -37,7 +37,7 @@ Une semaine concentré sur uMap, ou j'ai pu aller quasiment au bout du travail e
## Vu, Lu, etc
- 🎧 [Inventer une thérapie féministe](https://www.arteradio.com/son/61686022/inventer_une_therapie_feministe) de « un podcast à soi ».
- 📘 J'ai terminé ma lecture (en français cette fois ci, c'est plus simple !) de « la volonté de changer » de bell hooks.
- 📘 J'ai terminé ma lecture (en français cette fois ci, c'est plus simple !) de « la volonté de changer » de bell hooks. Notes à venir :-)
- 📖 J'ai commencé et bien avancé le livre de l'université du nous [Réinventons le faire ensemble](https://universite-du-nous.org/re-inventons-le-faire-ensemble) qui parle et précise plusieurs techniques dont j'ai entendu parler, ou que j'ai pu pratiquer.
- ⏯ [Peut-on encore défendre les insoumis](https://www.youtube.com/watch?v=VXycYC2xqrE) de Rhinoceros, chez Blast. Intéressant de voir l'accueil médiatique qui est fait, y compris sur certains médias publics.
- ⏯ [Transphobie, la nouvelle panique des médias de l'extrème droite](https://www.youtube.com/watch?v=ObdXww-PX1A). Content de voir une vidéo d'analyse sur le sujet, et… malheureusement j'ai été assez déçu par le manque de fond proposé, au delà du « regardez, elles font tous les plateaux d'extrème-droite ». Au vu de la thématique, et de l'équipe de Rhinoceros, je m'attendais à mieux, surtout au vu du sujet qui le mérite.
@ -77,7 +77,5 @@ Une semaine concentré sur uMap, ou j'ai pu aller quasiment au bout du travail e
#### Objectifs
> There are two framings I find useful when a goal presents itself. The first is to ask, what do you expect will be different when that goal is achieved? How will you _change_ in becoming the person who can reach that goal? (And you _will_ change, count on it.) **Who do you expect to _be_ when you get to the end of this road?** Those questions (and others like them) can help you work out _why_ this goal is the one you want to point yourself at; **they can, at the same time, reveal to you if the goal you are contemplating is what _you_ really want or is perhaps something you may have unconsciously adopted from others** (your colleagues, or your boss, your parents, partner, friends, etc.).
## Ailleurs…
Chez [Benjamin](https://blog.benj.me/2024/05/14/notes-hebdo-4/), [Julie](https://juliebrillet.fr/notes/2024_05_13_notes/), [Fabien](https://frica.github.io/blog/notes-12-fr.html)
>
> — [Farfetching](https://everythingchanges.us/blog/farfetching/)

4
mnmlist/templates/article.html
View file

@ -18,7 +18,7 @@
{% if article.prev_article %}
<li>
<a href="{{ SITEURL }}/{{ article.prev_article.url }}"
title="{{ article.prev_article.title }}">← Précédent</a>
title="{{ article.prev_article.title | striptags }}">← Précédent</a>
</li>
{% endif %}
<li>
@ -27,7 +27,7 @@
{% if article.next_article %}
<li>
<a href="{{ SITEURL }}/{{ article.next_article.url }}"
title="{{ article.next_article.title }}">Suivant →</a>
title="{{ article.next_article.title | striptags }}">Suivant →</a>
</li>
{% endif %}
</ul>