From b329cd0cccccf699b0b099ea519eb31be0fcfbb7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Joachim=20Schl=C3=B6ffel?= <me@joachim-schloeffel.com>
Date: Tue, 9 Jun 2026 14:25:09 +0200
Subject: [PATCH] Document preserving Gitea Alpine key filename

---
 README.md | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 81eaa78..0ac7dc5 100644
--- a/README.md
+++ b/README.md
@@ -21,10 +21,14 @@ https://code.factoring.digital/api/packages/public/alpine/v3.23/alpine-packages
 Install the registry signing key on each Alpine node:
 
 ```sh
-curl -fsSLo /etc/apk/keys/public-alpine.rsa.pub \
-  https://code.factoring.digital/api/packages/public/alpine/key
+cd /etc/apk/keys
+curl -fsSLOJ https://code.factoring.digital/api/packages/public/alpine/key
 ```
 
+Keep the filename returned by Gitea. Alpine matches repository signatures by key
+filename, so saving the key under another name makes `apk update` report
+`UNTRUSTED signature`.
+
 Add the stable package repository:
 
 ```sh