feat(release): activate release signing with the production minisign key

Replaces the REPLACE_ME placeholder public key in libreportal.pub and install.sh
with the real LibrePortal release-signing public key (id BC92526B3ECA7F41). The
secret half is held offline by the maintainer.

This activates the signature-required path everywhere it was wired but inert:
install.sh now REQUIRES a valid tarball signature on release installs, the
updater (fetch.sh) requires it on update, and the integrity check (verify.sh)
will report a real "Verified" state once a signed release is installed.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
librelad 2026-05-28 20:20:38 +01:00
parent 1c3531b932
commit 3b0b3a0a1f
2 changed files with 3 additions and 3 deletions

View File

@ -28,7 +28,7 @@ NO_VERIFY_SIG=0
# paste the public key here AND into libreportal.pub. While it contains REPLACE_ME,
# signature verification is skipped (the sha256 still runs); once replaced, a valid
# signature becomes REQUIRED for release installs.
LP_MINISIGN_PUBKEY="RWREPLACE_ME_run_minisign_-G_then_paste_the_public_key_here_and_in_install.sh"
LP_MINISIGN_PUBKEY="RWRBf8o+a1KSvF08fA3oKrVz/71D60YeF4GO66ntVeJvzAkI57sjgM1S"
usage() {
sed -n '3,12p' "$0" | sed 's/^# \{0,1\}//'

View File

@ -1,2 +1,2 @@
untrusted comment: LibrePortal release signing key — REPLACE_ME (run `minisign -G`)
RWREPLACE_ME_run_minisign_-G_then_paste_the_public_key_here_and_in_install.sh
untrusted comment: LibrePortal release signing key (id BC92526B3ECA7F41)
RWRBf8o+a1KSvF08fA3oKrVz/71D60YeF4GO66ntVeJvzAkI57sjgM1S