Small fix + Add verify page

2020-09-23 16:59:23 +02:00 · 2020-09-23 16:59:23 +02:00 · f93014e8db
commit f93014e8db
parent 2500b3d9eb
2 changed files with 79 additions and 31 deletions
--- a/content/about.html
+++ b/content/about.html
@ -1,38 +1,40 @@
 <!-- title: About "PapaTutuWawa" -->
 <!-- description: -->
 <!-- render: yes -->
-<div class="horizontal-center">
-    <div class="vertical text">
-        <h3>About "PapaTutuWawa"</h3>
+<div class="vertical text">
+    <div class="horizontal-center">
+        <div class="text-content">
+            <h3>About "PapaTutuWawa"</h3>

-        <div class="container">
-            <img
-            	class="profile-picture"
-            	src="assets/img/profile.jpg"
-            	alt="Profile Picture" />
+            <div class="container">
+                <img
+                	class="profile-picture"
+                 	src="assets/img/profile.jpg"
+        	        alt="Profile Picture" />
+            </div>
+
+            <div class="quote">
+                Student, Anime expert, Vocaloid listener, Docker and Linux fan
+                and hobby SysAdmin.
+            </div>
+
+            <ul>
+                <li><a href="https://{{ git_url }}/">Code</a></li>
+                <li><a href="https://{{ blog_url }}/">Blog</a></li>
+                <li><a href="https://{{ mastodon_url }}/">Mastodon</a></li>
+            </ul>
+
+            <h3>Contact</h3>
+            <ul>
+                <li>EMail: <i>{{ email_user }} ["a" with a weird circle] {{ email_domain }}</i> (<a href="{{ email_gpg_url}}">GPG</a>)</li>
+            </ul>
+
+            <h3>About This Page</h3>
+            <ul>
+                <li><a href="https://{{ git_url }}/PapaTutuWawa/blog.polynom.me">Source</a></li>
+                <li>All pages are signed using my public key. Use this <a href="/assets/files/verify.sh">script</a> (<a href="/assets/files/verify.sh.sig"><u>signature</u></a>) to verify or <a href="/verify.html">see here</a> to learn more</li>
+                <li>Last updated <i>{{ build_time }}</i></li>
+            </ul>
        </div>
-
-        <div class="quote">
-            Student, Anime expert, Vocaloid listener, Docker and Linux fan
-            and hobby SysAdmin.
-        </div>
-
-        <ul>
-            <li><a href="https://{{ git_url }}/">Code</a></li>
-            <li><a href="https://{{ blog_url }}/">Blog</a></li>
-            <li><a href="https://{{ mastodon_url }}/">Mastodon</a></li>
-        </ul>
-
-        <h3>Contact</h3>
-        <ul>
-            <li>EMail: <i>{{ email_user }} ["a" with a weird circle] {{ email_domain }}</i> (<a href="{{ email_gpg_url}}">GPG</a>)</li>
-        </ul>
-
-        <h3>About This Page</h3>
-        <ul>
-            <li><a href="https://{{ git_url }}/PapaTutuWawa/blog.polynom.me">Source</a></li>
-            <li>All pages are signed using my public key. Use this <a href="/assets/files/verify.sh">script</a> (<a href="/assets/files/verify.sh.sig"><u>signature</u></a>) to verify</li>
-            <li>Last updated <i>{{ build_time }}</i></li>
-        </ul>
    </div>
 </div>
--- a/content/verify.html
+++ b/content/verify.html
@ -0,0 +1,46 @@
+<!-- title: Page Verification -->
+<!-- description: -->
+<!-- render: yes -->
+<div class="vertical text">
+    <div class="horizontal-center">
+        <div class="text-content">
+            <h2>Page Verification</h3>
+
+            <p>
+                In order to allow people to verify that a post has really been
+                created by me, I sign all blog posts and my "About" page using
+                my <a href="{{ email_gpg_url }}">public key</a>.
+            </p>
+        
+            <h3>Using My Script</h3>
+            <p>
+                To verify a page, you can use
+                <a href="/assets/files/verify.sh">this script</a>
+                (<a href="/assets/files/verify.sh.sig">signature</a>), which you
+                can also find <a href="https://git.polynom.me/PapaTutuWawa/blog.polynom.me/src/branch/master/assets/files/verify.sh">here</a> in my blog repository.
+
+                <code>verify.sh "$URL"</code>, where <code>$URL</code> is the URL on my blog you want to
+                verify.
+
+                <div class="warning">
+                    WARNING: Never execute a script that you downloaded from the
+                    Internet without checking it first. This also holds true for this one.
+                </div>
+            </p>
+
+            <h3>What The Script Does</h3>
+            <p>
+                The following are the steps that my script takes to verify a page's signature. It
+                is written down so that you could verify a page signature even without downloading
+                my script.
+
+                <ul>
+                    <li>Download the page source to "page.html"</li>
+                    <li>Extract the PGP signature from the top and save it to "page.html.sig"</li>
+                    <li>Replace the signature in "page.html" with "%%%SIGNED_PAGES_PGP_SIGNATURE%%%" (Without the ")</li>
+                    <li>Verify using <code>gpg --verify page.html.sig page.html</code></li>
+                </ul>
+            </p>
+        </div>
+    </div>
+</div>