1、安装先决条件:
sudo apt install curl gnupg2 ca-certificates lsb-release ubuntu-keyring
2、导入官方的 nginx 签名密钥,以便 apt 可以验证软件包的真实性。获取密钥:
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
3、验证下载的文件是否包含正确的密钥:
gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
输出应包含完整的指纹, 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 如下所示:
pub rsa2048 2011-08-19 [SC] [expires: 2027-05-24]
573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
uid nginx signing key <[email protected]>
请注意,输出可以包含用于对软件包进行签名的其他密钥。
4、要为稳定的 nginx 软件包设置 apt 存储库,请运行以下命令:
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
如果您想使用主线 nginx 包,请改为运行以下命令:
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/ubuntu `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
5、设置仓库固定以优先选择Nginx官方的包而不是分发提供的包:
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx
6、安装 nginx,请运行以下命令:
sudo apt update sudo apt install nginx
标签:gpg,nginx,--,sudo,keyring,apt,升级,Nginx,Ubuntu From: https://www.cnblogs.com/ubirdy/p/18460247