Merge remote-tracking branch 'ge/master' into lash/404

ci: update docker registry

ci: update creds

ci: update repo

ci: (fix) repo

.well-known/acls/322498A7F9145A8CCF60B349503CF8CB0F221ADE

@@ -1,3 +0,0 @@
-- "^/user(/.*)?$":
-    read:
-      - user

.well-known/acls/CCE2E1D2D0E36ADE0405E2D0995BB21816313BD5

@@ -1,3 +0,0 @@
-- "^/user(/.*)?$":
-    read:
-      - user

.well-known/allowed.asc

@@ -1,193 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-
-mQGNBGHxE94BDAC6VRjo9Q2Cq8xdD9nHHhyywgCbh35PnEyZKulpqBC9UBuluxUp
-uWxUfB99qczcLU76Y7dXFvezeuIjZr7ntuAQyFgaNTMAbv4MR2oIx95QS5HcdOpq
-VVelfEVNSiHVDRZcWyzLQ0+u+jkbN5DSMfF07SWPpamJpW7EU/FQpFYVOdNU94qj
-O5fL85H7tlxFsjqIljeV3X+zUu1YwyyT/iWlcnP85yIgoGdnrMlMSd1hC0dW8wuD
-hJ0GfhhMtvk7OE5zJLV71qNejOtD3Dubn0gekhi0npC2YwptndIYdMYWjpKd87Hx
-3b+BEpi4k10F6nBfpejATUfpNb9pfq4dNnCkXZFJc4DcEA0QUU502cym8LNyZ1L7
-ND4x0XJt/z2y/hJDwy/xh6aLBjpUkdugQTcAWTqsfGGCMfPHrz6OLMMQhgE2ocdi
-P2jo4plNEd/jcB22SunfAJqE+m2szF5B858M+xJiL696nBcpBPCFpjve9zFdFURn
-f5p0uqLZfzT8yV8AEQEAAbQaU3kgU25vb3RsZXMgPHN5QGphYmJhLmNvbT6JAdQE
-EwEIAD4WIQQyJJin+RRajM9gs0lQPPjLDyIa3gUCYfET3gIbAwUJA8JnAAULCQgH
-AgYVCgkICwIEFgIDAQIeAQIXgAAKCRBQPPjLDyIa3j/qDACEPTHTl+rKTtRC7qG3
-olFPN8YaNmlFBv6VsHMVnVoXKsd/wWshJCx9iv7AygFgWtVQ9O/ZACp5r9ADPlOL
-rrgIW64hCECOtbCtY4gLgNpx50ZY0lHzLxlpn2D85XSdnay/woG/nCOqmcMnkKl2
-hsfHNOOgGYPZe86hhCiCnqix+b7olg6F1my77kfl+KOskWaKTkcMmM3u0tDy+wy8
-gT8SIqEtttTyI3eR4e7m4c58uN0h6I+sqAgaoDKlPaJ+48+5Ctr567TgP7s2435p
-nqYo//+9ytB6BZD4UPnIpdElg9CD5/KTuRAbnKwZ8DSz0rMuQz4JhCE6xeGSz7zr
-XMND3Usz9dwMGJJVdTwJvruquk8YVci5AA32x5MIsNHXsNZQuC6inCYZ5V4oZZoL
-EXv5cIZQ7yPFykpoXwzhs/bNXD+D8BlZig5aVmqgbRKEWyCt05r4fJQcbYp9rRiq
-L3nWIxTkcIdGxnCfxD2GJpBy3zj10VHFYuv0RHe979O93Y+5AY0EYfET3gEMAKZ8
-IVJLbKnKxuJ8ze/2nRv8QBZrxBsPcV1JdhT8choXvvDuYRDhm5F31LVZ5bWEkRKb
-NGoQwfCV2xndPqkWVterEcwv/Vra3SUCa1gn5scSu/KRC2OszYDF20lrm+jynRae
-SnqQsfxw95xAWYetJD1/pSsD29q4jM7RhMmPkbWQ3bSbnBbGCq8EJGSYieEOsgv1
-1ez36ZiwpRl4t93IlukAfpeUvpFD+qSbcrqh+B9g2OFjml7jSwMPIKd9dDxnU/22
-tMQ3MvqEHLkr+3QFStcgpi881ADHl03d7T800+LYiuyApigJyFlCkWfUEMVCm490
-hxMLVqSFnaixnXvgBCrDDRPE0m6zXNqlEEJaIVAMVhmDuUC8cQlODz4rPqzWUATp
-u1zC+4+9wmIMSWQBu1ewBqiOU8yoWhznlv4mRlF7ljzw6POyxtSVa4CnWDvvi8mj
-2Nznu+fXHqV4kHty40LH4TwVOKOoaTv2msPR1NEh27FbAfz8Hul7zzRi/9nJnwAR
-AQABiQG8BBgBCAAmFiEEMiSYp/kUWozPYLNJUDz4yw8iGt4FAmHxE94CGwwFCQPC
-ZwAACgkQUDz4yw8iGt5OeQwAiGLTDC8fzjaTXv2RY3ghVJBihjQ1HbbS1Qzj47wm
-QVfci+7nK/hW63zxjTvis+f84qDo4rLEi/pEX3VzcUDMFVXJ//uw2on9FSC4be0j
-JtSCGEMm8KPna5tuzqI8Pxy+B5t6x/P//aF/Il7c9ln4CG3suobKTawPu6lQz53d
-DG4L9xCR1ZkEoNW+GsCNXAcjFW0P6LHCUVejR6+W/Mett2aldYjyX3oZswHILdKR
-gRRRIWz65hElw1oXWI4028GNhT1Y9+E+6Y3P1zmWEW2OTcm8P5QJuvefFnjKDoMf
-PaoqWu/IZGPmGTd6wK9mi0Aj+kic66DEHw8nR5TcxubFaifcGrrhKTLYGltQhl0A
-XMVZIa5/mviSoDc9PpSMTjaPlt62dQzVMRPZ/O/cq8MKZmFW+SKDCJij5gY7CRmB
-6VRzlrI+P8setUJbWyHqkGbdNdEIGRFKARzxMrbiEN8CFDbbDCv8SwgJe0clpt7v
-6/jGQ3zHn0aYivqEF4leUM1YmQGNBF+hSOgBDACpkPQEjADjnQtjmAsdPYpx5N+O
-MJBYj1DAoIYsDtV6vbcBJQt94Om3xl7RBhv9m2oLgzPsiRwjCEFRWyNSu0BUp5CF
-jcXfm0S4K2egx4erFnTnSSC9S6tmVNrVNEXvScE6sKAnmJ7JNX1ExJuEiWPbUDRW
-J1hoI9+AR+8EONeJRLo/j0Np+S4IFDn0PsxdT+SB0GY0z2cEgjvjoPr4lW9IAb8F
-t9TDYp+mOzejn1Fg7CuIrlBRSAv+sj7bVQw15dh1SpbwtS5xxubCa8ExEGI4ByXm
-eXdR0KZJ+EA5ksO0iSsQ/6ipSOdSg+i0niOClFNm1P/OhbUsYAxCUfiX654FMn2z
-oxVBEjJ3e7l0pH7ktodaxEctPofQLBA9LSDUIejqJsU0npw/DHDD2uvxG+/A6lgV
-9L8ETlvgp8RzeOCf2bHuiKYYz87txvkFwsXgU1+TZxbk+mtCBbngsVPLNarY/KGk
-VJL+yhcHRD0Pl4wXUd6auQuY6vQ9AuKiCT1We2sAEQEAAbQeTWVyIE1hbiA8bWVy
-bWFuQGdyZXlza3VsbC5jb20+iQHUBBMBCAA+FiEE8/r2aOgu9RJNUYe67yb0aCND
-9pIFAl+hSOgCGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ7yb0
-aCND9pLwiwwAhFJbAyUK05TJKfDz81757N472STtB8sfr0auwmRr8Zs1utHRVM0b
-/jkjTuo4uJNr7YVVKTKgE7+rJ+pwhm3wlTQ44LVLjByWAi/7NWg3E9b2elm+qkfg
-m/RfFt3vkuOxGSyZyIFFh+/twv6iABPvr6w7MZwrFaS0UP3g1VGa5TFqg6KNxod9
-H/gPLxv45lutXf3VvBZTJpr1pxn7aLHlFzEyIgNZbP/N1QF44GSrN/k0DfL631sZ
-jauUXaZXbi5xGsKKCYwJ1g3q587pi6mTdTV3n0hKgVuipO8hGy5++YeOv+hXsCxD
-wyZ+Shv+qavd/SapxYgCdEueuwONIFfsIsWCd3SCcjKXicTTEFMu8nvBmf7xuo2h
-v6vEOxoijlXV+4LkGrskdB8ZMg8PywEx6DLmDokgnAhTLrTc1ShbkOtQ3yNjjyFK
-7BDpqobsJal6d8SpbhccUJLepaSmsk0CgJsTjhAl6EwX0EYgTo3kP5fScqrbD8Vw
-QaT8CcE4rCV4uQGNBF+hSOgBDADHtpTT1k4x+6FN5OeURpKAaIsoPHghkJ2lb6yW
-mESCa+DaR6GXAKlbd0L9UMcXLqnaCn4SpZvbf8hP4fJRgWdRl5uVN/rmyVbZLUVj
-M8NcVdFRIrTsNyu4mLBmydc3iA/90sCTEOj9e7DSvxLmmLFjpwM5xXLd6z0l6+9G
-+woNmARXVS3V/RryFntyKC3ATCqVlJoQBG45Tj2gMIunpadTJXWmdioooeGW3sLe
-Uv5MM98mSB4SjKRlJqGPNjx5lO6MmJbZeXZ/L/aO6EsXUQD2h82Wphll4rpGYWPi
-HTCYqZYiqNYr6E3xUpzcvWVp3uCYVJWP6Ds117p7BoyKVz00yxC9ledF3eppktZW
-qFVowCMihQE3676L3DDTZsnJf1/8xKUh5U2Mj3lBvjlvCECKi00qo8b1mn/OklQj
-J5T4WzTrH6X+/zpez8ZkmtcOayHdUKD/64roZ9dXbXG/hp5A+UWj8oSVYKg2QNAw
-AnZ+aiZ2KVRE/Y61DCgFg6Ccx/cAEQEAAYkBvAQYAQgAJhYhBPP69mjoLvUSTVGH
-uu8m9GgjQ/aSBQJfoUjoAhsMBQkDwmcAAAoJEO8m9GgjQ/aSIPcL/3jqL2A2SmC+
-s0BO4vMPEfCpa2gZ/vo1azzjUieZu5WhIxb5ik0V6T75EW5F0OeZj9qXI06gW+IM
-8+C6ImUgaR3l47UjBiBPq+uKO9QuT/nOtbSs2dXoTNCLMQN7MlrdUBix+lnqZZGS
-Dgh6n/uVyAYw8Sh4c3/3thHUiR7xzVKGxAKDT8LoVjhHshTzYuQq8MqlfvwVI4eE
-SLaryQ+Y+j5+VLDzSLgPAnnIqF/ui2JQjefJxm/VLoYNaPAGdqoz/u/R0Tmz94bZ
-UfLjgQaDoUpnxYywK2JGlf3mPZ3PNWjxJzuQTF5Ge5bz/TylnRYIyBT7KD7oaKHO
-62fhDbYPJ4f94iZN4B6nnTAeP34zFDlkUbX4AHudXU7bvxT5OUk9x9c2tj7xwxQH
-aEhq2+JsYW0EVw27RLhbymnBfLjVVUktNF0nQGvU2TEocw4pr2ZkDHQkSnlbNa4k
-ujlL7VzbpnEgyOmi5er9GaIuVSVADovBu+pz/Ov1y/3jUe8hZ/KleZkBjQRgrn8w
-AQwA2/mnkRIblVnqqFsnhqLEHg8qQ5xRT5brV1LXxATI6dOYLfs4aqNEwpkulOVy
-EU7CophEHqb7mejJls57/ZoUhGBTR3yZK86EErLcO2DW8zEfIYY6lU/cWrpkmzoc
-SlyHYqGYvMZP8+DxccQnfFdeqEt/rOv5+NH9WjWs+KJwfAEzaEZd4EJ/m5+BTTqU
-FhhCPM16sxUHbrl8A3wSe2bkGJYdKPLyKMJpd8XCYy5Uc9OvJ2EUecl9TEwiZsUw
-tNvBKfxHCIuYYLJ16gDAsHmApzAgH7fu2uJVUs4jUHPuJYRuIUGiDszVHK94j7Mh
-hHd/z2YvgHRkrV+55x69+G/zOfSxgL7aDBF4uM+lIzBKGAynZvRifNM+QhcBJY9v
-EYFYpWsA7n5bsnJn5kU2OQftTquroDd9MRI4DxKBim2R8JvfvVkXpPNWFexoYMDj
-u1GG0iuK7IA/wfgrHuwA1w9KPQxr1C2I7w+QaTBtI3UZBQUxRWd1DZG+FGbSCzMj
-0AO3ABEBAAG0TFF1ZWVuIE1hcmxlbmEgKFNoZSBpcyB0aGUgcXVlZW4gYW5kIGlz
-IHRydXN0ZWQpIDxxdWVlbm1hcmxlbmFAZ3JleXNjdWxsLmNvbT6JAc4EEwEIADgW
-IQTM4uHS0ONq3gQF4tCZW7IYFjE71QUCYK5/MAIbAwULCQgHAgYVCgkICwIEFgID
-AQIeAQIXgAAKCRCZW7IYFjE71S6kC/45xtmN7mu3fQgvN1RXjpDDlZGbNVZeP9qP
-X7HaNiYuGMWqMymrW6Cbm8KTtzYy2hWEMevgv+m7ZiGeZBVQR8QweLMPKyn5Jeeg
-6kDCl4wMlmC3Av1DXGXX1eMNPlqI/ioC9bodW8aYlDMuzTZ8bz86NmBjKzoNMW44
-cLj7lx79G8sKyUvJBZxxM9qO+Wnx5sCGZps2XIuBcKRQ2MTlrMxURe13ELtLZSY/
-3kc6/0/XjpYbUzrOfxY7dNO0zTowQR7BfVN85H9QF8Z95MRXHYG3WFxDKdrkq/rD
-EhakrJ5vSgKsAvkVPIhtkr/RX+WJzr4Own6sphhhYni76ZTMaanZTqcsDK4aV6k/
-2ueL6s8Xid2sUypIP3N0+BnpND9CALDOp01muN81ZgSoZBTXT907k76kBcuGaixQ
-zRwpOEnzUmFtQ3ovoq73MrHRW+vmQ1wGDXZNDfgI5a8MXEEkGgOpmrn4HDv7APm+
-3tCTjIDNg6+S6zQ+FM9eszBmIHkEKf65AY0EYK5/MAEMALcGSoCA3spShaMd3ncz
-wU0uWReUbOOlqenvjhdXnL320Jj1fLxz2ZC6zWE7eVDgyiSSyTuYaKTYCYoDB5gG
-616hUmQf165JMH7mesmNxcsWu6mknshHQ19Eh9+d9xD+7wxa8mRLeWzvYNWlGz3g
-WGpkjH65IBnY+zPk6BEbr6VVdi4YAQCXgG55PtmtEvyXMfO95lmsf05hS89sjtk2
-RU++IjAtgskDCz246v6+YGjLDM0Y9tIyePpmrU/PFy+Ja9yZMrZFseR/Rvp9JLjV
-5quhk5JcDF8le1yLsfYlL6oa+/nEqiRZ4lW4hm1k6M3wZP6yawgnAjfs1IfokFLV
-W8OFrKwb6Oz6Prq5cNG23/wabTpoUPmyAgAKcVUfxdLXjXvNi2hR60V3EDpvxeHC
-ajD7Wbwc/4jiTvp6hg4EbIFEfIAOPEWXUYGMUuXj0W1hClIZZrco7vdetgj9nNuB
-agblG/p2M9Bd750YUQvZ+TDu2Y7TRZEMJejvsCdFAMJ6nQARAQABiQG2BBgBCAAg
-FiEEzOLh0tDjat4EBeLQmVuyGBYxO9UFAmCufzACGwwACgkQmVuyGBYxO9X5jgv/
-c5ct9z0udIEepHBbTfCgYHzXMHf2M2cyPANqOZwBYXB8Fh/39uYRl8W4d4RqM/DW
-ohhRZLYnn2kPvTNlLG9eTko03ik+hyqAcUpJ+uNX5Fe+xHfmtKxrToa3pSr4qkCb
-Uv+edPS2yKYmD6X0hMNDsJR32O2XgJdzwjmR5IsjsEf4Zo9oGx6W0qsUiXVn7Uyz
-FA2gk86n0pCI5AeqU4CZCzzOHlJ0y8RT+FXJA4W549WvdgIyNAaFFUZUFCg8Iarg
-5T+F4zpkUkWYeGIvHEIdDAzd0ke9scD9/ed8WDmGpwATHADaldMD0ZtbS1zkU/5E
-AwVbA7GAE0vWuSreEMhehZ0deq3CuZQKl3rdfzta71b2iQ81586EDmtDkYHRXLYv
-tqXQm8Dcty2Ni7yQ5fiODwxk6pN9h/x1Lgqa1pHGbtnSwj9E3hFUYPecMghXOAtB
-tXi+sniCnB/5eg6eU6C36qWiLei1yx6XyQ9KNHjquOk/iEJThbKi5nqmUzO8EZcD
-mQINBFidw/8BEADCvm2pu3s4xHCI4ierG4KhXtZybYRV3A30KLJAtj9DRBM0SxuT
-Er5pKFes/idvAKstXPJBpFgkT3k3a+CZUi7SG4SJCHdeukzfgj/dH9pdZ21W8tkz
-7H3gXnQRrEQG+ZVeTQroiUPkfuV4axr82vrJ4UpF+Mjr+S34sSt/Gy/jugsyH+0i
-lnKuesWRFPC0PGj7v6c1uTL9V1swtXbGv0r4XRl/z53hTy6y3THCECnMNBOqKeNa
-xYKrIn6h6QPBwp2HbMlapFMbGoD6cWBG7XExKYPJaBralYZHiKe6ZBGKWmpYel79
-NEdUCmYExAHDfsrp6GWqyLueBjEq3uSkF+WG3gYe5XvIoipDJzEGdeyUWK38OkYf
-5E0bWaAUTaTDNoAQfuQHbLikIn7tGknOe61JZ1p3QqvZAY9/32fsX/Hm4E/WXnS2
-G8yK5XBoT1G3hYv4Q0xO8ZcoQylN89b6hL/GyparF42hxYt8OqsAfk1SxRRQezMw
-YNSZVWenOxPwKv56mqN8tJwXyfZ04yZJNGkyVqP5GfsA/pv1/YzLidBfqHLanyDq
-ScNVNrkvSr/U2RcAAMOmepSKxxz0rqCsj9OKdHs+6Zcy42iXjKRd7GaAnYgPIPfx
-4CbV8i2EYPHCNriKBrQUiduGjW7RWAjofXri7vn6dn8XHxAUpSpuNuFDvQARAQAB
-tEJNb2hhbWVkIFNvaGFpbCBBemltIChrYW1pa2F6ZWNoYXNlcikgPG1vaGFtZWRz
-b2hhaWxhemltQGdtYWlsLmNvbT6JAlEEEwEKADsCGwMFCwkIBwIGFQoJCAsCBBYC
-AwECHgECF4AWIQRDynf2Qa2gMcEmZctHRhwxsAa8DgUCYe/GPwIZAQAKCRBHRhwx
-sAa8DuLeEADCpKYRn0lfN4LSI7FO0vG1E06nH9ax37MgTne7LwflKEg2lNhckWf8
-as/sm1K0+ASdqHaNEcGM8rcbqNk9zy0peL0ReytvC+TX+wS1L1LpHl8LPsSjM1oG
-k9WzOUtWOl77n6PKSoCbCM/1SXc4RdZnnjsiuVnuJy8ABkExqqg/jSrwaZsKT/yY
-dGNH0/HjnvOgza89Rp6n0dllXR7l7LhO9LTh2Nhl3CMLGQuYYTjWYAndRJnsqmD3
-geKi3TkFOmPqiLm2ThHE0vxT0/XVJMs26lQfw8xc6j/YoWN6AMCXd5xOu7GH3NJE
-2zh8ohPtIc0D/Tc9b0cYnzvB17pVytLcVc6Ip9dlDFMwI/U1oqzSzw9UiWKBvzv3
-xeDqiUYx6a6/2Ue8faydAyKKL5EgtjadO38s9WiKRZNY9rcDQi+Bn12XfGY2GVn5
-42472N1Hcc6Ja6wK1RTPqlu43v4u/TPeHWEpTj62KX+mWqKL8bIGMWMFxBDGi0KE
-dqY7st++Ljk5OMjmjkpqJUvvGStuOjT7jHyNotKqprKHRET21kyg6CfFIxryJPxf
-z5QOPGfh1mSiWC4jxMg/a8lpYhd5aKzbd4S0RtDMYHrvOs0rv9YFyU7qWJoHEmlK
-EWKzbAzX4D3MZn/K26PdVr+YbjI9freXyxrlzngXHwifZZQCeJG2wokBOQQQAQoA
-IxYhBJDQZnJzOtfYONzsQX3UVSDAHNhdBQJh78gwBYNrVxsrAAoJEH3UVSDAHNhd
-KQUH/jVOnYldtmwun64yaI7wlP15JDq7u3LiTgYL6SlhYbrbvEFV1eTZt+oMCn/w
-DURJ2Ri8CNM6WfP+mREQeKZ36T4RtoNaa9Ziv2JeSfE4Nwy4SRYlTjAl5w7cnOdU
-2BLiU+w5ZtI84Hoj5/AmA91Kdib/bcjUJYcgXbuh0s0K5ilLc6Pc6mDcMOipQJ9q
-wgfaNqV5nmU/BHbvzFv+AbfYudLlFU8o5FTt5iGjAcu5ejgUmhzjLy0e3B6i7gaO
-+C+5gzlvHebf6JRQzlU4T7t8q2J9eiCVa6LN5dVg4Cw3jcmpCjGWE/WQ1lWj+DeV
-dVYSejpkUOXMnD5J0MXP7CWJQCG0Ok1vaGFtbWVkIFNvaGFpbCAoQGthbWlrYXpl
-Y2hhc2VyKSA8c29oYWlsc2FtZWphQGdtYWlsLmNvbT6JAjYEMAEKACAWIQRDynf2
-Qa2gMcEmZctHRhwxsAa8DgUCYe/GzwIdIAAKCRBHRhwxsAa8DvU2D/0Ryq07Qb/g
-wUPVqEuHKbMmA6K12NPR8P4FIKvWpaKjgfrRPK+lInj1fngcOnnH357ZsA5bG73j
-6jRid48oSaFsGMSVjXx9r6Un8EoK3npZV2Y2z/wL8nT07PLhSXba2dA/vFVGD6qA
-PVrwqZ4fGXTwNyJQece2BF+sMZKxC90Fq/gEK30sWKYSY9iQZ7Lar7Pn4dnPlG+s
-+xvUsG9+QaopV/oaz9gn7yHzqYWjh/Ksud/7nhutFzKCv9FbF9kL+cL93605DU8M
-6uy66IQbqBRChAhljZM4eLSf0sLJl7E0T2qVmtFW3nJfUJccvckzhG+DS+E0WLHb
-NQRJyi6mW4DMfPPYYykz5nueQZGt1LVnScUqcjNNVZTaglVmFlCai+FgpKcBPxlv
-uCGrxJFZ0/5TVkKpn6rnC458DDs9f3f+ivfUHHRwLmvKcqaFGngjX3cS7t3rtAo2
-nMlS+uzO0PF+Na01LIOUmda4970ogroF8nNnqIdC1oUn1HdQoKs/aliO1IbIzu6Q
-anuR/kbqfIZO9TME2EIVquNuyYrQyq8Wq/SRnBTzHWIPVlSB5Epi8hHZXH4Eqmw0
-TGXlxKKnd7+lC8gcc4anqNAZUdjxQ5mgdQOX6UvAhTMKVyIT5v5w3BCBh8mLqTug
-AgyxMXaI+akVgIvYDnAZd+6+IrNnMxOcyIkCOQQTAQgAIwUCWJ3D/wIbAwcLCQgH
-AwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEEdGHDGwBrwOwBUP/RUvfAL2aJtFp4y/
-vf+N5Pg5I/VY2Znrkke8SYoR92azFr5PJw63WkuIt+iWy1FwDrUfp8A1CFrx++aB
-83KsSkEznvayppF9Py8lAB8SHiVxKCeKPMmRYwgyZ2HFhac0/t3iPhN6Ce+l+rGV
-Rdy6ACuK2lBCExqPLKvSkLSrPWwm6Oy0SFacJQ6LTepEjaMbJIokkT2BwswBpX+a
-XP97n6VU6JiJ4Pv0jwRMK2Ty5aGb8i1i89jm8++SxAMJMMLuhlx4pbdJ4ev8RlNK
-p1ukwyO/EbZLUJRExNPH/hyjfCOMpU7VPmkTWFFFOK3n6GZ9Z+pcd8aosi+5uIB/
-Gj2Bj5Nq9PV6vAgCzV7aoYOrZoQPuh96v5eXmuVssJss7FwDk6ISQhyMmBr98l8G
-Xy/jSTugUPzHHz1AS8JqlowcsmbR88DGw5ZJM213aD+Xj8lvBoRYe8Lihz0CgVrE
-A0m3a225KgOq66/CfiC3kWwarUbPM4GJdq5a77EMlm+CVWwPRcDS2aiU3WsZE/u2
-W0FkWntFeVZFDqQXMRZrPK13VHY/G7vfOlni0+waZ+wdJ9RZJMFGKQ7xUF2He3rx
-Qk+MyqZHNey6J1Yhv9UJ89asGtqnIK8I3SDgmkF9ndu/8RQKOAQIF2/Y+UKTobvV
-xD9X1t6dpo+UTCSBnUxeT7cL6pnruQINBFidw/8BEADb8OscLHFNJxOwP6llp2kn
-L8m0UNwb9xs+sh6jpLfKb3zjrc6ifpzkgWxhsFSfAN1qX4/Ul7PlxOlnpg2KAr3O
-tBaAwSCoKaIWB2/vAp38YxZ8T/uyjbIX10CWIUQE+fAzZ5tgId9FFTgBjq8SKTZP
-G4DmDwcprUuEGMidDlaqJ0d7j4dkw4/OhcTzbtWCSM0Q63oRXLjpHGINigegHvaI
-xZ+50H3n/oyz5keWdHF1mQqJL6GkykV4PxFzCwP7yCsUJ2QMehdlP2UBNSDAbEnn
-zkdbVv7g/SkOSs3TEtv444WN93Qo/BF0wZ+r4Lz0D0NAGIzvK04FErr902Cso7el
-drH5wcdZERF1DEt2uB9LM5HqBdkVl4ybmyB0WM313ZDvuC5LGkwSNhSW2vOly+Uy
-hFmBv/oCUIy8SEYoDqwukcigUdZk5yx51gTvnhxcHOkYAGyf+ugTlaPiG6XSD0sy
-bR0YpMDInanTllE+S49gSO0dojKTy1WCurM06QxPOYwu2THxVWHVBTJH3x3A9vfm
-kAGi9xVQWgdJophggOnb5Y3BXahGqiZ9Eg60la3zrs/XlUouz7SrC5K8S92UNFJ/
-LeJ+YCofVANNCXMk6XOZhcFYu32hVoFc8stBci+OKEMW9ceencLGAL4c4o3mrHia
-3qHRylLN+HZybTSrcVdBtwARAQABiQIfBBgBCAAJBQJYncP/AhsMAAoJEEdGHDGw
-BrwOIz4QALcHDIDq4gxH/acnxOkEx+xdDr/3K+nVifCReM4GRN6NhSl6c9AGA35H
-KHi7FGyw8qF06JKg+xOGsSBKPtmY7XbFU71opM0WvEz+DtW/iObE8lV57QtuGmjF
-btrG0cmHe0KGvxRNKmgJVzXk43l0TOBoFnWq3QRovfJ4q0koFPgQQZ3nmIRRpX6i
-3uZVW7M3ZfRVw+JtoHbuitKnpamZXGuBjX33AQSHVzbTFc8gmELjXB1Q+XJVt6sW
-H29Xu2PIjZvC1NbGL5nOiq4bvAvuCfCo8evHPnFd2LXPHkZ0NMyVgEv/quIsBluh
-CGYOkKC50WTBbvIrmo+qUVAP1Z1wykhGbGfrYGIZ5Q9Ct3xZ9ksUcUDAVX6zegTt
-jBZzeUOIAOzHWgzLe9gNSCNcpE5BJDeZuIiF037EB9vlNWBaqQjcIdJqxMtgzEex
-HI102Dtcmx7uGZ1ZDO0UC3AHUFmKu5pFhcECsbyoas+nzFq8b7YFl/sRcho7FQRW
-CmgEC8VXX6R3pkxMlKTNwEJwCxikh32LIPeAd6qar3LU2vbz+ustjXp2oKOe/gaK
-dq/D+1NRO1zVJx5Y7TCjZPYsqUrzi9DiDWxG+hbHiO/q3Xg8efb3qYFCODpyP10s
-ImFivj6piZnFT5BVj3A2pZI7yzL6iW25zl6pAHycA/pgZx4U8L3c
-=b8b1
------END PGP PUBLIC KEY BLOCK-----

.well-known/allowed.asc.sig

@@ -1,14 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQGzBAABCAAdFiEEzOLh0tDjat4EBeLQmVuyGBYxO9UFAmHxG1wACgkQmVuyGBYx
-O9U1MwwAmQtv/FNlEYCjkvJhCgOKRfAuIR1Sro5qguImlaoalHK2lA6LzORnay5L
-hRzYpG6hE7bIn18iRujHsEoxD6tK7QXhIsqpWpZ+nuZnsMTffsGUIqxDWmiYz/Tm
-rusw1wCI6xyGWgxjQCpLsQGcCT0oGe6aumGMXNYwjhVnjhQj3Whegx6WXhXtOh1L
-vh68PLpWxT59RkKy9WBbFmrujs3I0Xcayj6bfFahnFOacQfqJ5FjgbtGuVVr8M8O
-q4kb83O1cDI5gso5Q7/dg3kRjGxr76CQy53C7LXt5URRGHAocC7GMM7AvHcXuTwa
-wYenYFkOGhYAJPD/cuCKIoinyDAnGuxh1Lv2cOChoARQ461b7Eg624fqlIZxiowd
-lR0Kcm4CcSyHz1A2XSl4vsrscif8RRhKRguE6RlovOz3nHM6MBYZeCWaKJ/rkOsF
-u7GWW4VBSJHEeQ9HC29bG7gLd8taOIG+EawGmHPBMq1kxivhq3i/huW9TmI+XAjN
-Rls2ZgGi
-=/0Oi
------END PGP SIGNATURE-----

Dockerfile

@@ -20,10 +20,9 @@ WORKDIR /home/root/app
 RUN apk add --no-cache gnupg
 
 COPY . .
-COPY ./.well-known /var/lib/cic-auth-helper/pgp
 
 COPY --from=builder /opt/venv /opt/venv
 ENV PATH="/opt/venv/bin:$PATH"
 
 EXPOSE 80
-CMD uwsgi --wsgi-file cic_auth_helper/runnable/server.py --http :80 --pyargv "-vv --forward-to http://cic-meta-server:80"
+CMD uwsgi --wsgi-file cic_auth_helper/runnable/server.py --http :80 --pyargv "-vv"

cic_auth_helper/data/config/http.ini

@@ -1,5 +1,5 @@
 [http]
 auth_origin = 
 cors_origin =
-auth_realm = ge
+auth_realm = "ge"
-hoba_cipher_id = 969
+hoba_cipher_id = 00

cic_auth_helper/data/config/pgp.ini

@@ -1,6 +1,6 @@
 [pgp]
-trusted_publickey_fingerprint = CCE2E1D2D0E36ADE0405E2D0995BB21816313BD5
+trusted_publickey_fingerprint = 
 import_dir = /var/lib/cic-auth-helper/pgp
-publickey_filename = allowed.asc
+publickey_filename = publickeys.asc
-signature_filename = allowed.asc.sig
+signature_filename = signature.asc
 run_dir = 

cic_auth_helper/error.py

@@ -1,14 +1,7 @@
-class ReverseProxyError(Exception):
+class NotFoundError(FileNotFoundError):
+
     def __init__(self, code, msg, headers):
-        super(ReverseProxyError, self).__init__(msg)
+        super(NotFoundError, self).__init__(msg)
         self.code = code
         self.msg = msg
         self.headers = headers
-
-
-class NotFoundError(ReverseProxyError):
-    pass
-
-
-class BadRequestError(ReverseProxyError):
-    pass

cic_auth_helper/proxy.py

@@ -5,17 +5,12 @@ import os
 import logging
 
 # local imports
-from cic_auth_helper.error import (
+from cic_auth_helper.error import NotFoundError
-    NotFoundError,
-    BadRequestError,
-)
 
 logg = logging.getLogger(__name__)
 
 
 re_x = r'^HTTP_(X_.+)$'
-
-
 def add_x_headers(env, header_f):
     for x in env:
         m = re.match(re_x, x)
@@ -25,33 +20,29 @@ def add_x_headers(env, header_f):
 
 
 class ReverseProxyHandler(urllib.request.BaseHandler):
-
+    
     def http_error_404(self, request, response, code, msg, hdrs):
         raise NotFoundError(code, msg, response.getheaders())
 
-    def http_error_400(self, request, response, code, msg, hdrs):
+    
-        raise BadRequestError(code, msg, response.getheaders())
-
-
 class ReverseProxy:
 
     def __init__(self, base_url, ignore_proxy_headers=[]):
         self.base_url = base_url
         if not isinstance(ignore_proxy_headers, list):
-            raise ValueError(
+            raise ValueError('ignore_proxy_headers parameter must be a list of header keys')
-                'ignore_proxy_headers parameter must be a list of header keys')
         self.ignore_proxy_headers = []
         for h in ignore_proxy_headers:
             self.ignore_proxy_headers.append(h.lower())
         self.opener = urllib.request.build_opener(ReverseProxyHandler())
 
+
     def proxy_pass(self, env, headers=[]):
         url = os.path.join(self.base_url, env['REQUEST_URI'][1:])
         logg.debug('access ok -> {}'.format(url))
         req = urllib.request.Request(url, method=env['REQUEST_METHOD'])
         add_x_headers(env, req.add_header)
-        req.add_header('Content-Type', env.get('CONTENT_TYPE',
+        req.add_header('Content-Type', env.get('CONTENT_TYPE', 'application/octet-stream'))
-                       'application/octet-stream'))
         req.data = env.get('wsgi.input')
         res = self.opener.open(req)
 
@@ -73,6 +64,8 @@ class ReverseProxy:
 
         logg.debug('headers after reverse proxy {}'.format(headers))
 
-        status = '{} {}'.format(res.status, res.reason)
+        status = '{} {}'.format(res.status, res.reason)
         content = res.read()
         return (status, headers, content)
+
+

cic_auth_helper/runnable/server.py

@@ -24,10 +24,7 @@ from usumbufu.adapters.uwsgi import UWSGIHTTPAuthorization
 from usumbufu.adapters.uwsgi import UWSGIAdapter
 
 # local imports
-from cic_auth_helper.error import (
+from cic_auth_helper.error import NotFoundError
-        NotFoundError,
-        ReverseProxyError,
-        )
 
 logging.basicConfig(level=logging.WARNING)
 logg = logging.getLogger()
@@ -104,14 +101,12 @@ def do_auth(env):
     http_authenticator.component_id = 'http-hoba'
     bearer_authenticator.component_id = 'http-bearer'
     try:
-        logg.debug('registering bearer authenticator with bearer retriever')
         authenticator.register(bearer_authenticator)
         authenticator.activate(bearer_authenticator.component_id)
     except TypeError as e:
         logg.debug('not a http bearer request: {}'.format(e))
 
     try:
-        logg.debug('registering http authenticator with hoba retriever')
         authenticator.register(http_authenticator)
         authenticator.activate(http_authenticator.component_id)
     except TypeError as e:
@@ -167,15 +162,10 @@ def application(env, start_response):
     if reverse_proxy != None:
         try:
             (response_status, headers, content) = reverse_proxy.proxy_pass(env, headers)
-        except ReverseProxyError as e:
+        except NotFoundError as e:
-            response_status = str(e.code) + ' ' + e.msg
+            response_status = '404 ' + e.msg
-            headers = headers + e.headers
+            headers = e.headers
-            logg.debug('headers more {}'.format(headers))
             content = b''
-#        except BadRequestError as e:
-#            response_status = '400 ' + e.msg
-#            headers = e.headers
-#            content = b''
     else:
         content = str(auth_resource).encode('utf-8')