add security.txt and pgp key

4 files changed, 16 insertions, 0 deletions

diff --git a/src/layout.rs b/src/layout.rs
index e0ce469..d7b06f2 100644
--- a/src/layout.rs
+++ b/src/layout.rs
@@ -28,6 +28,7 @@ markup::define! {
                     a[href=uri!(r_projects())] { "Projects" } " "
                     a[href=uri!(r_contact())] { "Contact" } " "
                     a[href="https://codeberg.org/metamuffin"] { "Codeberg" } " "
+                    a[href=uri!(r_pgp_key())] { "PGP-Key" } " "
                 }
                 hr;
                 section { @main }
diff --git a/src/main.rs b/src/main.rs
index 884b64b..24f2c61 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -27,6 +27,8 @@ async fn main() {
                 r_about,
                 r_contact,
                 r_projects,
+                r_pgp_key,
+                r_wellknown_security,
                 r_wellknown_matrix_server,
                 r_wellknown_matrix_client,
             ],
diff --git a/src/pages.rs b/src/pages.rs
index 82b56ca..720bfba 100644
--- a/src/pages.rs
+++ b/src/pages.rs
@@ -92,6 +92,11 @@ pub fn r_contact() -> DynLayoutPage<'static> {
     }
 }
 
+#[get("/key.asc")]
+pub fn r_pgp_key() -> &'static str {
+    include_str!("../assets/key.asc")
+}
+
 #[catch(default)]
 pub fn r_catch<'a>(status: Status, _request: &Request) -> DynLayoutPage<'a> {
     LayoutPage {
diff --git a/src/wellknown.rs b/src/wellknown.rs
index 2ec3255..9c9bc1c 100644
--- a/src/wellknown.rs
+++ b/src/wellknown.rs
@@ -28,3 +28,11 @@ pub fn r_wellknown_matrix_client() -> Cors<Value> {
 pub fn r_wellknown_matrix_server() -> Cors<Value> {
     Cors(json!({"m.server": "matrix.metamuffin.org:443"} ))
 }
+
+#[get("/.well-known/security.txt")]
+pub fn r_wellknown_security() -> &'static str {
+    r#"# In can case you found a security vulnerability in my services and want to disclose them privately, use the information below.
+Contact: https://metamuffin.org/contact
+Encryption: https://metamuffin.org/key.asc
+    "#
+}