On Sat, Dec 12, 2015 at 12:46:24PM +0100, Landry Breuil wrote: > Hi, > > Thx to letsencrypt, i switched my server to full-https, and while here > setupped a signify key for the packages i build. That still means that > you need to trust me (and who am i to be trusted?), the root CA that > trusts letsencrypt, and upstream mozilla, but that was a nice > experiment, and somewhat requested. That doesnt mean i endorse all the > fluff and wanking around privacy/trust/whatnot... > > Note the difference, since the server now uses HSTS, if you still use a > PKG_PATH pointing to http:// pkg_add might spew warnings when scanning > the repo: > > Error from http://rhaalovely.net/stuff/i386/firefox-43.0rc1.tgz > Redirected to https://rhaalovely.net/stuff/i386/firefox-43.0rc1.tgz > Requesting https://rhaalovely.net/stuff/i386/firefox-43.0rc1.tgz > > The git/cgit repo is now accessible over https if you want to build > packages yourself: > > https://cgit.rhaalovely.net/mozilla-firefox/?h=release > git clone -b release https://git.rhaalovely.net/git/mozilla-firefox
And as found out by naddy here --^ this should read: git clone -b release https://rhaalovely.net/git/mozilla-firefox Landry
