Add update and init scripts for apt publisher

apt-publisher/initialize.sh

@@ -0,0 +1,33 @@
+export KEYNAME=dpkg
+export EMAIL=${KEYNAME}@cppse.nl
+
+# We invoke this script with "bash ../initialize.sh", hence this weirdness..
+echo "cert-digest-algo SHA256" >> ~/.gnupg/gpg.conf
+echo "digest-algo SHA256" >> ~/.gnupg/gpg.conf
+####
+
+pushd keys
+cat > $KEYNAME.batch <<EOF
+ %echo Generating a standard key
+ Key-Type: RSA
+ Key-Length: 4096
+ Subkey-Length: 4096
+ Name-Real: ${KEYNAME}
+ Name-Email: ${EMAIL}
+ Expire-Date: 0
+ %pubring ${KEYNAME}.pub
+ %secring ${KEYNAME}.key
+ # Do a commit here, so that we can later print "done" :-)
+ %commit
+ %echo done
+EOF
+
+gpg --batch --gen-key $KEYNAME.batch
+gpg --no-default-keyring --secret-keyring ${KEYNAME}.key --keyring ${KEYNAME}.pub --list-secret-keys
+gpg --import ${KEYNAME}.key
+gpg ${KEYNAME}.key
+
+gpg --output KEY.gpg --armor --export $KEYNAME
+gpg --output KEY.asc --export -a $KEYNAME
+popd
+

apt-publisher/update.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+export KEYNAME=dpkg
+
+gpg --import keys/${KEYNAME}.key
+
+pushd /repo
+    apt-ftparchive --arch amd64 packages amd64 > Packages
+    gzip -k -f Packages
+    apt-ftparchive release . > Release
+    rm -fr Release.gpg; gpg --default-key ${KEYNAME} -abs -o Release.gpg Release
+    rm -fr InRelease; gpg --default-key ${KEYNAME} --clearsign -o InRelease Release
+popd