Wednesday, April 17, 2019

Yesterday I decided to resurrect my keybase account. For those of you that don’t know what Keybase is, I suggest you check it out. Among also being (another) secure method to chat, they have a unique feature that allows you to verify that you are the person who is behind other accounts and/or websites. For instance, I verified my Github account, so you can be sure that the Github account @binaryronin is actually the same person writing this article (as I also verified this website), and the person you are messaging on Keybase.

I won’t get into the details of the verification process (see here if you are interested), but wanted to share the simple thought process of how to integrate this into my Hugo blog. Basically, you need to place a file containing a bunch of json into the .well-known directory of your website. Keybase looks for this, and then verifies you. Hugo, being a static generator site, is a little tricky because in my build scripts I kill the entire public directory to cleanly generate the html. This poses an issue if I forgot about the .well-known directory and the Keybase file that is in there.

My simple solution was to use my Dockerfile to add this directory and file during the CI process, which happens after the Hugo generation happens. This way it always gets added during build:

RUN mkdir /srv/.well-known
COPY keybase.txt /srv/.well-known/keybase.txt

So now my Keybase verification for this website is here.

privacygpgsecuritykeybasehugo and the GCR

Testing Ansible AWX/Tower roles