How to embedd a gpg key in static Nikola websites? - gnupg

What is the best way to include gpg public keys on a website, which is generated by the Nikola website generator?
It should be easy to import by visitors.
Nikola must not the key while rendering the page.
Edit: After 7 months I think the ideal solution makes use of WKD

As a default, all files within the files/ folder will be copied 1:1 into the output files. So if you're using the default config: to have your public key on your page, you can simply store it in files/key.txt and it will be available as https://yourpage.com/key.txt.
In the conf.py you can find the following:
# One or more folders containing files to be copied as-is into the output.
# The format is a dictionary of {source: relative destination}.
# Default is:
# FILES_FOLDERS = {'files': ''}
# Which means copy 'files' into 'output'```

Related

Create file from variable in ansible

I want to create a file (namely an id_rsa key) using ansible.
It seems that using the copy builtin module is no longer recommended and users are advised to use template.
If I understand correcly, I will have to put the contents of the id_rsa to an id_rsa.j2 and then render it on the target host.
This of course will then have to be encrypted with ansible-vault.
My question is whether there is a workaround (since I already have a vars file with secrets) so that I add the contents of the private key to this (already encrypted) file to avoid adding yet another encrypted file just for this purpose.
You wouldn't put any sensitive information in your template, just the variable name, the same way you would have with copy + content.
{{ my_private_key_var }}

dockerfile copy list of files, when list is taken from a local file

I've got a file containing a list of paths that I need to copy by Dockerfile's COPY command on docker build.
My use case is such: I've got a python requirements.txt file, when inside I'm calling multiple other requirements files inside the project, with -r PATH.
Now, I want to docker COPY all the requirements files alone, run pip install, and then copy the rest of the project (for cache and such). So far i haven't managed to do so with docker COPY command.
No need of help on fetching the paths from the file - I've managed that - just if it is possible to be done - how?
thanks!
Not possible in the sense that the COPY directive allows it out of the box, however if you know the extensions you can use a wildcard for the path such as COPY folder*something*name somewhere/.
For simple requirements.txt fetching that could be:
# but you need to distinguish it somehow
# otherwise it'll overwrite the files and keep the last one
# e.g. rename package/requirements.txt to package-requirements.txt
# and it won't be an issue
COPY */requirements.txt ./
RUN for item in $(ls requirement*);do pip install -r $item;done
But if it gets a bit more complex (as in collecting only specific files, by some custom pattern etc), then, no. However for that case simply use templating either by a simple F-string, format() function or switch to Jinja, create a Dockerfile.tmpl (or whatever you'd want to name a temporary file), then collect the paths, insert into the templated Dockerfile and once ready dump to a file and execute afterwards with docker build.
Example:
# Dockerfile.tmpl
FROM alpine
{{replace}}
# organize files into coherent structures so you don't have too many COPY directives
files = {
"pattern1": [...],
"pattern2": [...],
...
}
with open("Dockerfile.tmpl", "r") as file:
text = file.read()
insert = "\n".join([
f"COPY {' '.join(values)} destination/{key}/"
for key, values in files.items()
])
with open("Dockerfile", "w") as file:
file.write(text.replace("{{replace}}", insert))
You might want to do this for example:
FROM ...
ARG files
COPY files
and run with
docker build -build-args items=`${cat list_of_files_to_copy.txt}`

Can I build multiple PDFs from the same source in readthedocs?

I have a lot of documentation in a readthedocs site, and I'd like to be able to serve it as two separate PDF files. I've separated the contents for each into two top-level *.rst files (formal.rst and informal.rst), specified them both in the conf.py (as suggested here), but I'm struggling with an error during the build:
Latexmk: Need to specify at most one filename if jobname specified,
but 2 were found (after defaults and wildcarding).
I'm not sure whether it's possible for readthedocs to build more than one PDF? If not, does that mean I should have an entirely separate branch ...? or ...?
conf.py:
latex_documents = [
('formal', 'formal.tex', u'My stuff', u'My contributors', 'manual'),
('informal', 'informal.tex', u'My stuff', u'My contributors', 'manual'),
]
Currently, it's not possible to output more than one PDF file per build. This is a limitation. There is an issue opened at https://github.com/readthedocs/readthedocs.org/issues/2045 in case you want to subscribe to follow up with the news.

Ruby hiding API keys and IP address?

I have a ruby script main.rb which takes in two parameters, ipaddress and apitoken.
$token = "VALUE"
$ip_addr = "ADDRESS"
These values are hard coded into the script. When I push the project into Github's repo, I get a warning that my keys are visible.
What is the recommended way to hide these variables? Is it as simple as adding a separate file for these values and adding them to .gitignore?
Personally, I don't like using open and file operations in code. Better way would be to use one of the following approaches,
Put the keys in system environment as follows,
export MY_TOKEN=xyz
export MY_IP_ADDR=a.b.c.d
If you want it to be available after you restart shell, then put it in ~/.bash_profile.
and in your code use as follows,
$token = ENV["MY_TOKEN"]
$ip_addr = ENV["MY_IP_ADDR"]
OR
You can use dotenv gem, if you don't want system wide environment variables and exclude .env from git but putting the file in .gitignore.
Following this guide, a simple way to do this is to create folders .auth_token and .ip_addr.
Add the necessary keys in them and access them by reading the files as follows:
$token = open("lib/assets/.auth_token").read()
$ip_addr = open("lib/assets/.ip_addr").read()
If pushing to a repository, make sure the folders are added to .gitignore

How do I write an Albacore zip task that includes only certain folders and the folders themselves?

I'm trying to zip up the artifacts of a rake build, using Albacore's ZipTask. The solution I'm building has three projects that have artifacts that need to be zipped up individually, but only the ASP.NET MVC project will be mentioned here. Here's the directory structure of the solution:
rakefile.rb
solution.sln
src/
(other projects that are not relevant)
website/
(various folders I don't want included in the artifacts)
bin/
Content/
Scripts/
Views/
Default.aspx
Global.asax
web.config
At first I wrote this task:
website_directory = File.join '.', 'src', 'website'
website_project_name = 'website'
zip :zip => [ :run_unit_tests, :less ] do |zip|
zip.directories_to_zip = [ 'bin', 'Content', 'Scripts', 'Views' ].map{ |folder| File.join website_directory, folder }
zip.additional_files = [ 'Default.aspx', 'favicon.ico', 'Global.asax', 'web.config'].map{ |file| File.join website_directory, file }
zip.output_file = get_output_file_name
zip.output_path = get_artifacts_output_path website_project_name
end
Problem is, the output of this task is a zip file containing the contents of those folders, not the folders themselves, which is obviously undesirable.
Next, I tried flipping the flatten_zip field to false (which is not a documented field but you can find it in the source). This produced a zip that contained the above folders, but at the bottom of the whole ./src/website/ folder hierarchy. I want the above folders at the root of the zip, so that's not working either.
So my next shot was this, using exclusions, which is also not documented:
zip :zip => [ :run_unit_tests, :less ] do |zip|
zip.directories_to_zip website_directory
zip.exclusions = [ /.git/, /.+\.cs/, /App_Data/, /Attributes/, /AutoMapper/, /Controllers/, /Diagrams/, /Extensions/, /Filters/, /Helpers/, /Models/, /obj/, /Properties/, /StructureMap/, /Templates/, /CompTracker.Web.csproj/, /Default.aspx.cs/, /Global.asax.cs/, /Publish.xml/, /pdb/ ]
zip.output_file = get_output_file_name
zip.output_path = get_artifacts_output_path website_project_name
end
This worked for me, but when I recently added /AutoMapper/ and /StructureMap/ to the exclusions array, it also caused AutoMapper.dll and StructureMap.dll to (of course) also be excluded from the bin folder.
How should I edit any of the above tasks to have only the folders and files I want at the root of my zip?
You can copy all the files and folders you need into a temp directory and then zip that up. In other words, set the property directories_to_zip to one folder which has all the correct files already copied in - where the copying code is what does all the filtering for you. I think that's the unspecified expected usage (and the way I use it). I'll just contrast the two ideas to make it clear.
Strategy A: Copy the folder structure
Copy what you need into a temp directory. This way, you set the 'directories_to_zip' property to one folder eg:
directories_to_zip = 'ziptemp/all.my.stuff.copied.here/'
Strategy B: Use a filter
(This is your current strategy)
Use the directories_to_zip property as a filter on an original directory (it is an array that takes multiple directories, so you couldn't be blamed for assuming it should work this way). You then use various properties to filter the files/folders you need.
Possible Resolution
To solve your issue, then, you could adopt Strategy A. Actually, unless there's any extraordinary issues with this (slow PC, amazingly low on disk space), I would have thought this would be a slightly more robust way of going about it because you can be sure that what you are zipping is exactly what you are copying, which can be verified by checking the ziptemp directory.
Incidentally, I can be sure Strategy A works because I use it (with Albacore) to zip files for our installers.
I had the same problem using 'albacore', I wanted to zip a folder called 'tools' (not just the contents), store it in a folder called 'out' and name the zip 'tools.zip ... so instead I used this;
require 'zip/zipfilesystem'
Zip::ZipFile::open("out/tools.zip", Zip::ZipFile::CREATE) { |z|
Dir['{tools}/**/*'].each { |f|
z.add(f, f)
}
}
I know its late but I hope this helps someone.

Resources