diff options
Diffstat (limited to 'doc/examples')
| -rw-r--r-- | doc/examples/cloud-config-apt.txt | 24 | 
1 files changed, 18 insertions, 6 deletions
| diff --git a/doc/examples/cloud-config-apt.txt b/doc/examples/cloud-config-apt.txt index f4392326..7baa141c 100644 --- a/doc/examples/cloud-config-apt.txt +++ b/doc/examples/cloud-config-apt.txt @@ -149,6 +149,7 @@ apt:    # security is optional, if not defined it is set to the same value as primary    security:      - uri: http://security.ubuntu.com/ubuntu +    - arches: [default]    # If search_dns is set for security the searched pattern is:    #   <distro>-security-mirror @@ -212,14 +213,14 @@ apt:    #    # The key of each source entry is the filename and will be prepended by    # /etc/apt/sources.list.d/ if it doesn't start with a '/'. -  # If it doesn't end with .list it will be appended so that apt picks up it's +  # If it doesn't end with .list it will be appended so that apt picks up its    # configuration.    #    # Whenever there is no content to be written into such a file, the key is    # not used as filename - yet it can still be used as index for merging    # configuration.    # -  # The values inside the entries consost of the following optional entries: +  # The values inside the entries consist of the following optional entries:    #   'source': a sources.list entry (some variable replacements apply)    #   'keyid': providing a key to import via shortid or fingerprint    #   'key': providing a raw PGP key @@ -276,13 +277,14 @@ apt:      my-repo2.list:        # 2.4 replacement variables        # -      # sources can use $MIRROR, $PRIMARY, $SECURITY and $RELEASE replacement -      # variables. +      # sources can use $MIRROR, $PRIMARY, $SECURITY, $RELEASE and $KEY_FILE +      # replacement variables.        # They will be replaced with the default or specified mirrors and the        # running release.        # The entry below would be possibly turned into:        #   source: deb http://archive.ubuntu.com/ubuntu xenial multiverse -      source: deb $MIRROR $RELEASE multiverse +      source: deb [signed-by=$KEY_FILE] $MIRROR $RELEASE multiverse +      keyid: F430BBA5      my-repo3.list:        # this would have the same end effect as 'ppa:curtin-dev/test-archive' @@ -310,9 +312,19 @@ apt:        keyid: B59D 5F15 97A5 04B7 E230  6DCA 0620 BBCF 0368 3F77        keyserver: pgp.mit.edu +    ignored5: +      # 2.8 signed-by +      # +      # One can specify [signed-by=$KEY_FILE] in the source definition, which +      # will make the key be installed in the directory /etc/cloud-init.gpg.d/ +      # and the $KEY_FILE replacement variable will be replaced with the path +      # to the specified key. If $KEY_FILE is used, but no key is specified, +      # apt update will (rightfully) fail due to an invalid value. +      source: deb [signed-by=$KEY_FILE] $MIRROR $RELEASE multiverse +      keyid: B59D 5F15 97A5 04B7 E230  6DCA 0620 BBCF 0368 3F77      my-repo4.list: -      # 2.8 raw key +      # 2.9 raw key        #        # The apt signing key can also be specified by providing a pgp public key        # block. Providing the PGP key this way is the most robust method for | 
