pidgin/nest

Add pgp public key and refer to it in our security disclosure method

The idea behind this is to make sure people that choose to use email to let us
known about a potential security issue in Pidgin encrypt the content of the
emails using a set of pgp keys of trusted Pidgin developers. For now we only
have the pgp key of grim but more keys can easily be added later on.

At the same time, since Hugo does not currently have a built-in shortcode for
linking directly to static resources, I had to add a new shortcode for doing so

Testing Done:
Ran `dev-server.sh` and made sure content looked as intended and links worked.

Bugs closed: NEST-46

Reviewed at https://reviews.imfreedom.org/r/860/
#####################################################################
# setup up our node environment
#####################################################################
FROM node:14-buster-slim as node-update-date
WORKDIR /nest/
COPY package-lock.json package.json ./
RUN apt-get update && \
apt-get install -y mercurial && \
apt-get clean && \
npm ci --production && \
npm cache clean --force
COPY .hg /nest/.hg
COPY hugo /nest/hugo
COPY tools /nest/tools
RUN node tools/update-lastmod.js
#####################################################################
# run the hugo build
#####################################################################
FROM debian:bullseye as hugo-build
RUN set -ex && \
apt-get update && \
apt-get install -y hugo && \
apt-get clean && \
rm -rf /var/lib/apt/lists
ARG BUILD_NAME
ARG BUILD_DATE
ARG COMMIT
COPY --from=node-update-date /nest/hugo /nest/hugo
RUN hugo -s /nest/hugo -d /nest/public && \
cp /nest/public/post/index.xml /nest/public/rss.xml
#####################################################################
# setup up our node environment
#####################################################################
FROM node:14-buster-slim as node-build
WORKDIR /nest/
COPY package-lock.json package.json ./
RUN npm ci --production && \
npm cache clean --force
COPY tools ./tools
COPY --from=hugo-build /nest/public public
RUN node tools/pre-prod.js
#####################################################################
# finally package everything up with rwgrim/goserve
#####################################################################
FROM rwgrim/goserve
ENV GOSERVE_404_PAGE="/html/404.html"
COPY --from=node-build /nest/public /html/
EXPOSE 3000/tcp