cdist-type__apt_key(7)

1CDIST-TYPE__APT_KEY(7)               cdist              CDIST-TYPE__APT_KEY(7)
2
3
4

NAME

6       cdist-type__apt_key - Manage the list of keys used by apt
7

DESCRIPTION

9       Manages the list of keys used by apt to authenticate packages.
10
11       This  is  done  by  placing  the  requested  key in a file named $__ob‐
12       ject_id.gpg in the keydir directory.
13
14       This is supported by modern releases of Debian-based distributions.
15
16       In order of preference, exactly one of: source, uri or  keyid  must  be
17       specified.
18

REQUIRED PARAMETERS

20       None.
21

OPTIONAL PARAMETERS

23       keydir keyring  directory, defaults to /etc/apt/trusted.pgp.d, which is
24              enabled system-wide by default.
25
26       source path to a file containing the GPG key of the repository.   Using
27              this  is recommended as it ensures that the manifest/type manin‐
28              tainer has validated the key.  If -, the GPG key  is  read  from
29              the type's stdin.
30
31       state  'present' or 'absent'. Defaults to 'present'
32
33       uri    the  URI  from  which  to download the key.  It is highly recom‐
34              mended that you only use protocols with TLS  like  HTTPS.   This
35              uses  __download  but does not use checksums, if you want to en‐
36              sure that the key doesn't change, you are better off downloading
37              it and using --source.
38

DEPRECATED OPTIONAL PARAMETERS

40       keyid  the id of the key to download from the keyserver.  This is to be
41              used  in  absence  of  --source  and  --uri  or  together   with
42              --use-deprecated-apt-key  for  key  removal.  Defaults to $__ob‐
43              ject_id.
44
45       keyserver
46              the  keyserver  from  which  to  fetch  the  key.   Defaults  to
47              pool.sks-keyservers.net.
48

DEPRECATED BOOLEAN PARAMETERS

50       use-deprecated-apt-key
51              apt-key(8) will last be available in Debian 11 and Ubuntu 22.04.
52              You can use this parameter to force usage of apt-key(8).  Please
53              only  use this parameter to remove keys from the keyring, in or‐
54              der to prepare for removal of apt-key.  Adding  keys  should  be
55              done  without  this  parameter.   This parameter will be removed
56              when Debian 11 stops being supported.
57

EXAMPLES

59          # add a key that has been verified by a type maintainer
60          __apt_key jitsi_meet_2021 \
61             --source cdist-contrib/type/__jitsi_meet/files/apt_2021.gpg
62
63          # remove an old, deprecated or expired key
64          __apt_key jitsi_meet_2016 --state absent
65
66          # Get rid of a key that might have been added to
67          # /etc/apt/trusted.gpg with apt-key
68          __apt_key 0x40976EAF437D05B5 --use-deprecated-apt-key --state absent
69
70          # add a key that we define in-line
71          __apt_key jitsi_meet_2021 --source '-' <<EOF
72          -----BEGIN PGP PUBLIC KEY BLOCK-----
73          [...]
74          -----END PGP PUBLIC KEY BLOCK-----
75          EOF
76
77          # download or update key from the internet
78          __apt_key rabbitmq_2007 \
79             --uri https://www.rabbitmq.com/rabbitmq-signing-key-public.asc
80

AUTHORS

82       Steven  Armstrong  <steven-cdist--@--armstrong.cc>  Ander  Punnar  <an‐
83       der-at-kvlt-dot-ee> Evilham <contact~~@~~evilham.com>
84

COPYING

86       Copyright (C) 2011-2021 Steven Armstrong, Ander Punnar and Evilham. You
87       can redistribute it and/or modify it under the terms of the GNU General
88       Public  License  as  published  by the Free Software Foundation, either
89       version 3 of the License, or (at your option) any later version.
90

COPYRIGHT

92       ungleich GmbH 2021
93
94
95
96
976.9.8                            Aug 24, 2021           CDIST-TYPE__APT_KEY(7)