V8.13.296.2025.10.29

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

lib/lib_lb_config_write_trixie.sh

@@ -116,10 +116,21 @@ lb_config_write_trixie() {
 
 
   ### Installing PGP Public Keys for signature verification.
-  mkdir -p "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/root/.ciss/cdlb/keys"
-  install -m 0444 -o root -g root "${VAR_WORKDIR}/.pubkey/marc_s_weidner_msw+bot@coreseret.dev_0x8733B021_public.gpg" "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/root/.ciss/cdlb/keys/0x8733B021_public.gpg"
-  install -m 0444 -o root -g root "${VAR_WORKDIR}/.pubkey/marc_s_weidner_msw@coresecret.dev_0xE62E84F8_public.gpg" "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/root/.ciss/cdlb/keys/0xE62E84F8_public.gpg"
+  mkdir -p "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/etc/ciss/keys"
+  install -m 0444 -o root -g root "${VAR_WORKDIR}/.pubkey/marc_s_weidner_msw+bot@coreseret.dev_0x8733B021_public.gpg" "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/etc/ciss/keys/0x8733B021_public.gpg"
+  install -m 0444 -o root -g root "${VAR_WORKDIR}/.pubkey/marc_s_weidner_msw@coresecret.dev_0xE62E84F8_public.gpg" "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/etc/ciss/keys/0xE62E84F8_public.gpg"
 
+  #### Installing PGP Private Deploy Key for signature creation
+  #mkdir -p "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/root/.ciss/cdlb/private_keys"
+  #cat << 'EOF' >| "${VAR_HANDLER_BUILD_DIR}/config/includes.chroot/root/.ciss/cdlb/private_keys/"
+#{{ secrets.PGP_MSW_DEPLOY_CORESECRET_DEV }}
+#EOF
+
+  #if grep -q '{{ secrets.' /root/.config/sops/age/keys.txt; then
+  #  : >| /root/.config/sops/age/keys.txt
+  #fi
+
+  #chmod 0400 /root/.config/sops/age/keys.txt
 
   ### https://wiki.debian.org/ReproducibleInstalls/LiveImages
   ### https://reproducible-builds.org/docs/system-images/