Publishes the public OpenPGP key for morgan@mek.engineering via
Web Key Directory (WKD), so anyone can run:
gpg --locate-external-keys morgan@mek.engineeringThis repo contains public key material only. Never commit a private key here —
.gitignoreblocks*.asc,*secret*,*private*, etc.
Key: AF33 9889 F7ED D74D 33E0 EAA9 D186 9348 AE0F 3A39
WKD hash: kgph8h87ifttrpm6nor7hjhm97gi6s3f
advanced/ static tree for the advanced method (host: openpgpkey.mek.engineering)
direct/ static tree for the direct method (host: mek.engineering)
nginx-wkd.conf standalone nginx server blocks for static hosting
helm/wkd/ Helm chart: serves WKD from an unprivileged nginx pod on Kubernetes
The key file must be served over HTTPS with:
Content-Type: application/octet-streamAccess-Control-Allow-Origin: *
helm install wkd ./helm/wkdAdjust helm/wkd/values.yaml (hosts, ingress class, cert-manager issuer) to
match your cluster, point DNS at the ingress, then verify with the
gpg --locate-external-keys command above.
Replace helm/wkd/files/key (and the direct//advanced/ hu/... files) with
a fresh binary export and helm upgrade — the chart restarts pods on change.
gpg --no-armor --export-options export-minimal,no-export-attributes \
--export AF339889F7EDD74D33E0EAA9D1869348AE0F3A39 > helm/wkd/files/key