This is a small package repository maintained by Blobfolio, LLC, containing various odds and ends that we find useful. No more, no less. Haha.
First things first, add the repository's public key to apt
:
# Fingerprint: B9694BA12C957986670A10CC2C5A9865CB8D3868
wget -qO- https://apt.blobfolio.com/assets/public.asc | gpg --dearmor | sudo tee /usr/share/keyrings/apt.blobfolio.com-archive-keyring.gpg >/dev/null
Next, add the apt
source corresponding to your distribution (choose one):
# Architecture: amd64
wget -qO- https://apt.blobfolio.com/assets/bullseye_amd64.sources | sudo tee /etc/apt/sources.list.d/apt.blobfolio.com.sources >/dev/null
# Architecture: amd64
wget -qO- https://apt.blobfolio.com/assets/jammy_amd64.sources | sudo tee /etc/apt/sources.list.d/apt.blobfolio.com.sources >/dev/null
With the key and source in place, just run an update and install whatever makes you happy…
sudo apt-get update
sudo apt-get install […]
The integrity of packages in this repository can be verified at either the repository level — as apt
does automatically — or package-by-package, using dpkg-sig
.
The package-by-package route comes with two prerequisites:
# Add the public key to *your* personal GPG keyring.
wget -qO- https://apt.blobfolio.com/assets/public.asc | gpg --import
# Install dpkg-sig, if you don't already have it:
sudo apt-get update
sudo apt-get install dpkg-sig
After that, you can manually verify a downloaded package by running:
dpkg-sig -c /path/to/some-file.deb