Merge pull request #6298 from influxdata/copilot/fix-6297

jstirnaman · web-flow · commit 64082e9a6fb4 · 2025-08-19T11:16:06.000-05:00
Update Debian/Ubuntu package signing key location to /etc/apt/keyrings for improved security
diff --git a/.ci/link-checker/default.lycherc.toml b/.ci/link-checker/default.lycherc.toml
@@ -50,6 +50,14 @@ exclude = [
   # detection)
   "^https?://github\\.com",
 
+  # StackExchange network URLs (often block automated requests)
+  "^https?://.*\\.stackexchange\\.com",
+  "^https?://stackoverflow\\.com",
+  "^https?://.*\\.stackoverflow\\.com",
+
+  # Docker Hub URLs (rate limiting and bot detection)
+  "^https?://hub\\.docker\\.com",
+
   # Common documentation placeholders
   "YOUR_.*",
   "REPLACE_.*",
diff --git a/.ci/link-checker/production.lycherc.toml b/.ci/link-checker/production.lycherc.toml
@@ -58,6 +58,14 @@ exclude = [
   "^https?://reddit\\.com",
   "^https?://.*\\.reddit\\.com",
 
+  # StackExchange network URLs (often block automated requests)
+  "^https?://.*\\.stackexchange\\.com",
+  "^https?://stackoverflow\\.com",
+  "^https?://.*\\.stackoverflow\\.com",
+
+  # Docker Hub URLs (rate limiting and bot detection)
+  "^https?://hub\\.docker\\.com",
+
   # InfluxData support URLs (certificate/SSL issues in CI)
   "^https?://support\\.influxdata\\.com",
 
diff --git a/content/influxdb/v1/introduction/install.md b/content/influxdb/v1/introduction/install.md
@@ -75,8 +75,8 @@ For Ubuntu/Debian users, add the InfluxData repository with the following comman
 #   Primary key fingerprint: 24C9 75CB A61A 024E E1B6  3178 7C3D 5715 9FC2 F927
 #   Subkey fingerprint:      9D53 9D90 D332 8DC7 D6C8  D3B9 D8FF 8E1F 7DF8 B07E
 wget -q https://repos.influxdata.com/influxdata-archive.key
-gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat influxdata-archive.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive.gpg > /dev/null
-echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
+gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat influxdata-archive.key | gpg --dearmor | sudo tee /etc/apt/keyrings/influxdata-archive.gpg > /dev/null
+echo 'deb [signed-by=/etc/apt/keyrings/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
 ```
 {{% /code-tab-content %}}
 
@@ -86,8 +86,8 @@ echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.gpg] https://repo
 #   Primary key fingerprint: 24C9 75CB A61A 024E E1B6  3178 7C3D 5715 9FC2 F927
 #   Subkey fingerprint:      9D53 9D90 D332 8DC7 D6C8  D3B9 D8FF 8E1F 7DF8 B07E
 curl --silent --location -O https://repos.influxdata.com/influxdata-archive.key
-gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat influxdata-archive.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive.gpg > /dev/null
-echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
+gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat influxdata-archive.key | gpg --dearmor | sudo tee /etc/apt/keyrings/influxdata-archive.gpg > /dev/null
+echo 'deb [signed-by=/etc/apt/keyrings/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
 ```
 {{% /code-tab-content %}}
 {{< /code-tabs-wrapper >}}
diff --git a/content/influxdb/v2/install/_index.md b/content/influxdb/v2/install/_index.md
@@ -112,7 +112,7 @@ _If `gpg` isn't available on your system, see
 The following steps guide you through using GPG to verify InfluxDB
 binary releases:
 
-1. [Choose the InfluxData key-pair for your OS version](#choose-the-influxdata-key-pair-for-your-system).
+1. [Choose the InfluxData key-pair for your OS version](#choose-the-influxdata-key-pair-for-your-os-version).
 2. Download and import the InfluxData public key.
 
    `gpg --import` outputs to stderr.
@@ -354,8 +354,8 @@ To install {{% product-name %}} on Linux, do one of the following:
    | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' \
    && cat influxdata-archive.key \
    | gpg --dearmor \
-   | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive.gpg > /dev/null \
-   && echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' \
+   | sudo tee /etc/apt/keyrings/influxdata-archive.gpg > /dev/null \
+   && echo 'deb [signed-by=/etc/apt/keyrings/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' \
    | sudo tee /etc/apt/sources.list.d/influxdata.list
    # Install influxdb
    sudo apt-get update && sudo apt-get install influxdb2
@@ -473,7 +473,7 @@ _If necessary, adjust the example file paths and utilities for your system._
    https://download.influxdata.com/influxdb/releases/v{{< latest-patch >}}/influxdb2-{{< latest-patch >}}_linux_arm64.tar.gz
    ```
 
-2. [Choose the InfluxData key-pair for your OS version](#choose-the-influxdata-key-pair-for-your-system).
+2. [Choose the InfluxData key-pair for your OS version](#choose-the-influxdata-key-pair-for-your-os-version).
 
 3. {{< req text="Recommended:" color="magenta" >}}: Verify the authenticity of the downloaded binary--for example,
    enter the following command in your terminal.
@@ -675,7 +675,7 @@ data isn't deleted if you delete the container._
    flags for initial setup options and file system mounts.
 
 _If you don't specify InfluxDB initial setup options, you can
-[set up manually](#set-up-influxdb) later using the UI or CLI in a running
+[set up manually](/influxdb/v2/get-started/setup/) later using the UI or CLI in a running
 container._
 
 {{% code-placeholders "ADMIN_(USERNAME|PASSWORD)|ORG_NAME|BUCKET_NAME" %}}
@@ -731,7 +731,8 @@ and _[Operator token](/influxdb/v2/admin/tokens/#operator-token)_, and logs to s
 
 You can view the Operator token in the `/etc/influxdb2/influx-configs` file and
 use it to authorize
-[creating an All Access token](#optional-create-all-access-tokens).
+[creating an All Access token](#examples).
+For more information, see [API token types](/influxdb/v2/admin/tokens/#api-token-types).
 
 _To run the InfluxDB container in
 [detached mode](https://docs.docker.com/engine/reference/run/#detached-vs-foreground),
@@ -761,6 +762,13 @@ docker exec -it <CONTAINER_NAME> <CLI_NAME> <COMMAND>`
 
 <!--pytest.mark.skip-->
 
+```bash
+# Create an All Access token
+docker exec -it influxdb2 influx auth create \
+  --all-access \
+  --token OPERATOR_TOKEN
+```
+
 ```bash
 # List CLI configurations
 docker exec -it influxdb2 influx config ls
diff --git a/content/influxdb3/cloud-dedicated/reference/cli/influxctl/_index.md b/content/influxdb3/cloud-dedicated/reference/cli/influxctl/_index.md
@@ -176,8 +176,8 @@ To download the Linux `influxctl` package, do one of the following:
 #   Primary key fingerprint: 24C9 75CB A61A 024E E1B6  3178 7C3D 5715 9FC2 F927
 #   Subkey fingerprint:      9D53 9D90 D332 8DC7 D6C8  D3B9 D8FF 8E1F 7DF8 B07E
 wget -q https://repos.influxdata.com/influxdata-archive.key
-gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat influxdata-archive.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive.gpg > /dev/null
-echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
+gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat influxdata-archive.key | gpg --dearmor | sudo tee /etc/apt/keyrings/influxdata-archive.gpg > /dev/null
+echo 'deb [signed-by=/etc/apt/keyrings/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
 
 sudo apt-get update && sudo apt-get install influxctl
 ```
diff --git a/content/influxdb3/clustered/reference/cli/influxctl/_index.md b/content/influxdb3/clustered/reference/cli/influxctl/_index.md
@@ -166,8 +166,8 @@ To download the Linux `influxctl` package, do one of the following:
 #   Primary key fingerprint: 24C9 75CB A61A 024E E1B6  3178 7C3D 5715 9FC2 F927
 #   Subkey fingerprint:      9D53 9D90 D332 8DC7 D6C8  D3B9 D8FF 8E1F 7DF8 B07E
 wget -q https://repos.influxdata.com/influxdata-archive.key
-gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat influxdata-archive.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive.gpg > /dev/null
-echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
+gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat influxdata-archive.key | gpg --dearmor | sudo tee /etc/apt/keyrings/influxdata-archive.gpg > /dev/null
+echo 'deb [signed-by=/etc/apt/keyrings/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
 ```
 
 {{% /code-tab-content %}}
diff --git a/content/telegraf/v1/install.md b/content/telegraf/v1/install.md
@@ -15,7 +15,7 @@ To install Telegraf, do the following:
 
 - [Review requirements](#requirements)
 - [Download and install Telegraf](#download-and-install-telegraf)
-- [Custom compile Telegraf](#custom-compile)
+- [Custom compile Telegraf](#custom-compile-telegraf)
 
 ## Requirements
 
@@ -121,7 +121,7 @@ InfluxData uses [GPG (GnuPG)](https://www.gnupg.org/software/) to sign released
 public key and encrypted private key (`.key` file) pairs that you can use to
 verify the integrity of packages and binaries from the InfluxData repository.
 
-Before running the [install](#install) sample code, substitute the key-pair compatible with your OS version:
+Before running the [install](#download-and-install-instructions) sample code, substitute the key-pair compatible with your OS version:
 
 For newer OS releases (for example, Ubuntu 20.04 LTS and newer, Debian Buster
 and newer) that support subkey verification:
@@ -180,8 +180,8 @@ gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 \
 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' \
 && cat influxdata-archive.key \
 | gpg --dearmor \
-| sudo tee /etc/apt/trusted.gpg.d/influxdata-archive.gpg > /dev/null \
-&& echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' \
+| sudo tee /etc/apt/keyrings/influxdata-archive.gpg > /dev/null \
+&& echo 'deb [signed-by=/etc/apt/keyrings/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' \
 | sudo tee /etc/apt/sources.list.d/influxdata.list
 sudo apt-get update && sudo apt-get install telegraf
 ```
@@ -198,8 +198,8 @@ gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive_compat.key
 | grep -q '^fpr:\+9D539D90D3328DC7D6C8D3B9D8FF8E1F7DF8B07E:$' \
 && cat influxdata-archive_compat.key \
 | gpg --dearmor \
-| sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
-echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' \
+| sudo tee /etc/apt/keyrings/influxdata-archive_compat.gpg > /dev/null
+echo 'deb [signed-by=/etc/apt/keyrings/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' \
 | sudo tee /etc/apt/sources.list.d/influxdata.list
 sudo apt-get update && sudo apt-get install telegraf
 ```
@@ -329,7 +329,7 @@ Replace the following:
 Choose from the following options to install Telegraf binary files for Linux ARM:
 
 - To install on Linux ARMv7(32-bit), see the [downloads page](https://www.influxdata.com/downloads/#telegraf).
-- [Download and install on Linux ARMv8 (64-bit)](#download-and-install-on-linux-arm-64)
+- [Download and install on Linux ARMv8 (64-bit)](#download-and-install-on-linux-armv8)
 
 ### Download and install on Linux ARMv8
 
@@ -388,7 +388,7 @@ To install using Homebrew, do the following:
 3. Choose one of the following methods to start Telegraf and begin collecting and processing metrics:
 
    - [Run Telegraf in your terminal](#run-telegraf-in-your-terminal)
-   - [Run Telegraf as a service](#run-telegraf-as-a-service)
+   - [Run Telegraf as a service](#run-telegraf-as-a-background-service)
 
 ### Run Telegraf in your terminal
 
@@ -627,7 +627,7 @@ Use the Telegraf custom builder tool to compile Telegraf with only the plugins y
 ### Prerequisites
 
 -  Follow the instructions to install [Go](https://go.dev/) for your system.
--  [Create your Telegraf configuration file](#generate-a-custom-configuration-file) with the plugins you want to use.
+-  [Create your Telegraf configuration file](#generate-a-configuration-file) with the plugins you want to use.
 
 ### Build the custom builder tool
 
