Project

jekyll-wkd

0.0
No release in over a year
Jekyll plugin to generate an OpenPGP Web Key Directory (WKD)
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Runtime

~> 2.0
>= 3.0, < 5.0
 Project Readme

Jekyll Web Key Directory

Gem Version License: LGPLv3+ CI

A Jekyll plugin to generate an OpenPGP Web Key Directory (WKD).

Web Key Directory is a standard and decentralized way of distributing OpenPGP keys without relying on the traditional public key servers, like SKS, which have proven increasingly unreliable and prone to abuse and impersonation.

Given a set of public keys, this plugin can generate either an "advanced" format directory, suitable for hosting under an openpgpkey subdomain e.g. https://openpgpkey.example.com; or a "direct" format directory, for hosting under a root or apex domain.

Installation

Add the plugin's gem to your site's Gemfile like so:

group :jekyll_plugins do
  gem "jekyll-wkd"
end

And install the newly added gem with the command:

bundle install

Older versions of Jekyll might not automatically activate the plugins under the :jekyll_plugins group. If so, you'll need to add it into your site's _config.yml file:

plugins:
  - jekyll-wkd

Usage

This plugin should work without any further configuration. Just place the public keys you wish to export under the keys directory within your site's source, and the plugin will export them into the .well-known/openpgpkey directory on the generated site.

By default, the exported key directory will be in the advanced format, with keys being placed on a folder corresponding to their domain, each with their own separate policy file. To use the direct format, meant to be served from the root of a domain, you'll need to change the mode option in your _config.yml file to direct, as shown further below.

The keys will still be regarded as static files by Jekyll, so they'll also be copied over to the generated side under the same directory they're in.

If you need to scan keys from a different directory, or change which file extensions are considered as key files, you can change these settings on your site's _config.yml file. The default settings are:

wkd:
  mode: 'advanced'
  exts: ['.asc', '.pub']
  path: 'keys'

Also note that if you change your site's baseurl, PGP tools might not be able to find your published keys, since the .well-known directory needs to be on the root of the URL.