Last active
May 9, 2023 15:59
-
-
Save williamtrelawny/d09bdc019a0f38f4c5ed4af3dd9b1c5e to your computer and use it in GitHub Desktop.
Securely install repo with gpg instead of apt-key add
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
### Usage ### | |
# bash ./apt-repo-install-secure.sh "${NAME}" "${GPGKEY}" "${REPO}" | |
# Set your vars here: | |
NAME="$1" # name of package (e.g. "opensearch") | |
GPGKEY="$2" # url to repo gpg key | |
REPO="$3" # url to repo plus args (e.g. "stable main") | |
# Install prereqs: | |
sudo apt install -y gnupg | |
# Create home for apt gpg keyring: | |
[ ! -d /etc/apt/keyrings ] && sudo mkdir /etc/apt/keyrings || echo -e "apt keyring directory already exists, skipping...\n" | |
# Install repo pgp key: | |
curl -o- ${GPGKEY} | gpg --dearmor | sudo tee /etc/apt/keyrings/${NAME}.gpg > /dev/null | |
# Add repo to apt sources: | |
echo "deb [signed-by=/etc/apt/keyrings/${NAME}.gpg] ${REPO}" | sudo tee -a /etc/apt/sources.list.d/${NAME}.list > /dev/null |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment