Test signing packages

poudriere/poudriere.d/poudriere.key

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDEvoH/E1GSpRJp
+4tYqLqLGX6stejSmIdf9OtEQaQlewHLfutUyTZYaXki/nKrUM2P5Xabpd9vNkHqd
+q0g39nLOx73vsDgeVeSlKXmzTkz1VVr9HDtFHuFn3nvAzSq1VmA8r53O87iQDvDg
+mbu0iG8fikemA2KvWZcNrQCYvhYyzHfBAIpGJbdQSR47L5UT6KRHIyV8EbHwXb7e
+zyq6WVrXp1yk5VX8WMSquqagdOuiA+SHdoxlFwA+t8BWn2QBAi0HddAIGFBrD7ah
+BJqbi3sgIx7+eFFbS92avqj0b/+eJ1a0yLMTM/5dxwSC4UIT4aJysSEx3ZP8iYUj
+ROgqDOPy+VNaZyyGqIesC0pR3zlrdMyz36g7IJkGRVXDVpLAwsXKpdj6ft4PSub6
+cJpnn+hTb8cE68jTwVqNe57rDiLJZI/qAWRsvwEfjm+jVJ0ngtFomcbnXCOTBMl0
+IQ3IuG4kLUvAueFoCPlAEzjuTw/sFu66yl/dAApMk4WiJGdzT4sSu8jONcqjEz2Q
+FheWkaUKRmlMP9uXEQ31ChBNcnFZyNJahSou67ks2XX38krfrQ4DJHgO+EGW6yHc
+c3L7jtuHp4qyn5x7iYyVpaDj87K1GspbENyRRer2rXtwGLEEtwyjCUHXVpQb/j7b
+Lbry/QJZ/so9LMomQzJIfNCe8+pIrQIDAQABAoICADAfL8Ex2rctYIBdLwiAwSgX
+wND+DdAfwYpq/zVOF7BhDofqFRj5cLAw5QbW/VKrYjXdYgTDYBQa1V7oxOCJS2IH
+6Y1tkwBafnMmXqHMklbEgp2bsOSSbcwf1zGcjShvANl/E/CJXNiBiwnImGiLIXD7
+u9Qfilz84w1Bhj6V6eyRZe4jYW7QbVK6G6aa2BIXSk0rC9FZq6Xw7A1n6xnK3sUW
+JrsfbAVtuebPgg+HoZXOcXBvvt2//zuX6rfVQxrbCyQCvTgpqEvTe1ZNf7pxZpOA
++6T+zVlxCDpADafCGCn5EcRkvaZCBqKt2czgZ27g9sCqUgX2Hir8AQBUK5wTbJJ0
++oyvp4wbcY0Xc6RZHlyFQOlTSoZMYsZ0dmEM7zE1aALWMbvXhWOKbnHzWQfm2zKR
+xVKTv0moP5fDYvTCC/QROhj4N8KwD/KSzbFjRtDQGlrmohh8g8XfgnYvAYqJjMZS
+zxRQYWCD/FUYxxoHZsMbAvaiJbyyLxkTDtaunomkHv3CMED2iSxpsXz+aygLzzZj
+YdzVw3KG6JhbeVdlKxEPYpZxxaGVL1t389pCw+jn0c3vv4tnmrKA2/IYIGjNOcX8
+nVDQDukDDwUYQye5Q0h0rtylgr/v+1usMvObaPqvxtVWw6Xmxk4LXlbEdIzbuQoL
+2XBWHpXosIHtEGG26/PxAoIBAQDkuHOjjeI7JPJFK3qWcSLJUF/PavQisCL9JjtK
+3WLfzkx+TDvdqUGmP8JxOvJfPxI4oP8g1kJ95gzWsM1iwmjenmBw0sYPzXeiqfOn
+Xy3wphRDqjBF4jP9VhfD1tbt2v0Jusn01UCnvJG/VIx0I9cP4wYnIMCbv4horM5P
+Ji4EouCsYrnEkJmCRwn1/ltyeHoGIC8wLVjLPXB1KdnlyUT+7PDVVGgq3XGSyX6L
+oShNz+AeS5TdufBEru8PFvo7EbSSod5sEy49H2V3ueEwV2kV0uAMpHxyrlSarVhZ
+9uumeoR1/sL//E/QxfulwjqawmRMotbtN2t1SJGmHjxTdWBxAoIBAQDcNbgLMukR
+W7THdlVepHG8VNgy0UXPvAF9cPk57Th5fcqLkAzHw0wfdQOUDX+YXEl8C9BUv9z9
+eB6ebT2/71NPFDGbcvQlregNwLVb0HHyzYouMccx+cUnmftdcEkB94Ig33Gthi9B
+YPK+I68C+6k7SJL5eObmhnN/teiXUpYYh9MdIxLyzLKO5HVhy0O00+KcyiJXZxtc
+JJ8LF9+h36yXVvwBSleLBwI1DKLRcRIlyD5xvPAbGF9GJRKkQKYx0HkH6a40uwU3
+kZwqfyj9RdhoK0+WV03a+1HwAwJsQkd2XXzJWH4z4NIYiXXMjQwkyCJd2990O4T3
+0gMu/eFj5gn9AoIBABKA8aoLsn/Cb281I0fEg2HyBK5NIs8jnNEKJMXbv0IH+JxH
+Ipi+NrdydRKgCDe4bIr0S2+mpd51nBhKWXNh8wX/niHCi49/uewI/9NMmfTcGsuW
+my0sLbSTIH0RhnXbv5jn6arLDd4EHW5zMqG6vI1menrz5WE0T57YTCCPIC3z12Va
+31iNsj2d7apfF5rdMFIKjIbDRGm84Lo51o0GiXRuStWXbI37OFL9xiUZtp8E8EbD
+Kpn9jvifhmucGkZpGki6m7n2m0kKnzTebt9wUuoXE1UygXbtr56L45fzqADh7JF3
+OONo0DQ9sCwq2H7otyCUE/tA/oqQgmgEDjFaT6ECggEBANvbZl0H/1qtTNi4dJOB
+a2y06QYTmrfE5Vfwq2QCTBhAVzDwKVJo0l+13FS9BV+BBH0s7lsvE9ydSTSzrKss
+ruiNKNoi80+LSdwxQuDgRGQ+gm+Mk2x6CzV2r1ii+sFT9EAN1tmA1z1XJgRgbCN2
+T4g49UTOSPpv0nD3lbk/Y0wqj8TPd+OiK8QupGN3Jaoswlv4FEFfWBmvFntk4ooj
+X5XZ6tD/AFh2LuX4L7ccRRojyvSTxsXGl5jY+ruzMDscATq9PIi5EIRihKCJRMta
+KK4YT+WyVLEFqtEOsCSWJ/Mtc6EzEQ2KsTh+RXZsfGtcxbMgCwFpS2CB9Vu9boLm
+8aECggEBAN/3tpASUlXUFNOwvabdxN7OKkqtylt8EhYOYuhM0YMw+Wn3UDDUuE+e
+X/m68uC314Cwclt3Nh7Epp+vA4uaC0qAeLMQfIQoTpye0V2t77vVKyYMcWieQo8X
+8UAxD6dcymxxcRAmBOuixuDN1vZuYn1sBAIqcK1Hj8hqytcvUf4rC3R9a4yRlDOG
+Rv9lrT1RX8NYgd7nkOQwhcdG/9zuNTCdcNqsixle+IHIEaJshh47OAjSKu4BoLm+
+G+49IuAxQVY1RZU1GbSKyLqJ/rJd9jNQyI8p7uY0v4f0kDSAaQnQ+LJR1r4Lh8pK
+dLO7T6yKN3qaUVddnkuWhcwyxbv1Xgs=
+-----END PRIVATE KEY-----

poudriere/poudriere.d/poudriere.pub

@@ -0,0 +1,14 @@
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxL6B/xNRkqUSaeLWKi6i
+xl+rLXo0piHX/TrREGkJXsBy37rVMk2WGl5Iv5yq1DNj+V2m6XfbzZB6natIN/Zy
+zse977A4HlXkpSl5s05M9VVa/Rw7RR7hZ957wM0qtVZgPK+dzvO4kA7w4Jm7tIhv
+H4pHpgNir1mXDa0AmL4WMsx3wQCKRiW3UEkeOy+VE+ikRyMlfBGx8F2+3s8qulla
+16dcpOVV/FjEqrqmoHTrogPkh3aMZRcAPrfAVp9kAQItB3XQCBhQaw+2oQSam4t7
+ICMe/nhRW0vdmr6o9G//nidWtMizEzP+XccEguFCE+GicrEhMd2T/ImFI0ToKgzj
+8vlTWmcshqiHrAtKUd85a3TMs9+oOyCZBkVVw1aSwMLFyqXY+n7eD0rm+nCaZ5/o
+U2/HBOvI08FajXue6w4iyWSP6gFkbL8BH45vo1SdJ4LRaJnG51wjkwTJdCENyLhu
+JC1LwLnhaAj5QBM47k8P7Bbuuspf3QAKTJOFoiRnc0+LErvIzjXKoxM9kBYXlpGl
+CkZpTD/blxEN9QoQTXJxWcjSWoUqLuu5LNl19/JK360OAyR4DvhBlush3HNy+47b
+h6eKsp+ce4mMlaWg4/OytRrKWxDckUXq9q17cBixBLcMowlB11aUG/4+2y268v0C
+Wf7KPSzKJkMySHzQnvPqSK0CAwEAAQ==
+-----END PUBLIC KEY-----

poudriere/sign.txt

@@ -0,0 +1,29 @@
+# 1. Générer les clés (une seule fois)
+openssl genrsa -out /usr/local/etc/ssl/private/poudriere.key 4096
+openssl rsa -in /usr/local/etc/ssl/private/poudriere.key \
+            -pubout -out /usr/local/etc/ssl/certs/poudriere.pub
+
+# 2. poudriere.conf
+echo 'PKG_REPO_SIGNING_KEY=/usr/local/etc/ssl/private/poudriere.key' \
+  >> /usr/local/etc/poudriere.conf
+
+# 3. Construire (poudrière signe automatiquement)
+poudriere bulk -j 14amd64 -p default -f /usr/local/etc/poudriere/pkglist
+
+# 4. Distribuer la clé publique aux clients
+scp /usr/local/etc/ssl/certs/poudriere.pub client:/usr/local/etc/ssl/certs/
+
+# 5. Sur le client : /etc/pkg/poudriere.conf
+cat > /etc/pkg/poudriere.conf << 'EOF'
+poudriere: {
+  url: "http://build-server/packages/14amd64-default",
+  mirror_type: "http",
+  signature_type: "pubkey",
+  pubkey: "/usr/local/etc/ssl/certs/poudriere.pub",
+  enabled: yes
+}
+EOF
+
+# 6. Vérifier
+pkg update
+pkg install mon-paquet