summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/content/doc/advanced/signing.en-us.md30
1 files changed, 17 insertions, 13 deletions
diff --git a/docs/content/doc/advanced/signing.en-us.md b/docs/content/doc/advanced/signing.en-us.md
index 72d294e7bd..1de67f2348 100644
--- a/docs/content/doc/advanced/signing.en-us.md
+++ b/docs/content/doc/advanced/signing.en-us.md
@@ -44,6 +44,16 @@ There are a number of places where Gitea will generate commits itself:
Depending on configuration and server trust you may want Gitea to
sign these commits.
+## Installing and generating a GPG key for Gitea
+
+It is up to a server administrator to determine how best to install
+a signing key. Gitea generates all its commits using the server `git`
+command at present - and therefore the server `gpg` will be used for
+signing (if configured.) Administrators should review best-practices
+for gpg - in particular it is probably advisable to only install a
+signing secret subkey without the master signing and certifying secret
+key.
+
## General Configuration
Gitea's configuration for signing can be found with the
@@ -81,7 +91,7 @@ of the `user.signingkey`, `user.name` and `user.email` as appropriate.
Please note: by adjusting git's `config` file within Gitea's
repositories, `SIGNING_KEY=default` could be used to provide different
-signing keys on a per-repository basis. However, this is cleary not an
+signing keys on a per-repository basis. However, this is clearly not an
ideal UI and therefore subject to change.
### `INITIAL_COMMIT`
@@ -142,22 +152,16 @@ The possible options are:
Options other than `never` and `always` can be combined as a comma
separated list.
-## Installing and generating a GPG key for Gitea
-
-It is up to a server administrator to determine how best to install
-a signing key. Gitea generates all its commits using the server `git`
-command at present - and therefore the server `gpg` will be used for
-signing (if configured.) Administrators should review best-practices
-for gpg - in particular it is probably advisable to only install a
-signing secret subkey without the master signing and certifying secret
-key.
-
## Obtaining the Public Key of the Signing Key
The public key used to sign Gitea's commits can be obtained from the API at:
-```/api/v1/signing-key.gpg```
+```
+/api/v1/signing-key.gpg
+```
In cases where there is a repository specific key this can be obtained from:
-```/api/v1/repos/:username/:reponame/signing-key.gpg```
+```
+/api/v1/repos/:username/:reponame/signing-key.gpg
+```