From e7c5a1ab45213b516069e6d9c958b21c18fb22e1 Mon Sep 17 00:00:00 2001
From: Colin Mahns <goatman93@gmail.com>
Date: Sat, 17 Jan 2015 23:15:20 -0500
Subject: [PATCH 1/2] Update deb.torproject.org over HTTPS, instructions about
 doing the same for other apt sources

---
 bootstrap.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/bootstrap.sh b/bootstrap.sh
index e0297d9..6626c81 100755
--- a/bootstrap.sh
+++ b/bootstrap.sh
@@ -13,10 +13,10 @@ echo "== Updating software"
 apt-get update
 apt-get dist-upgrade -y
 
-apt-get install -y lsb-release
+apt-get install -y lsb-release apt-transport-https
 
 # add official Tor repository
-if ! grep -q "http://deb.torproject.org/torproject.org" /etc/apt/sources.list; then
+if ! grep -q "https://deb.torproject.org/torproject.org" /etc/apt/sources.list; then
     echo "== Adding the official Tor repository"
     echo "deb http://deb.torproject.org/torproject.org `lsb_release -cs` main" >> /etc/apt/sources.list
     gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
@@ -110,4 +110,8 @@ echo ""
 echo "== Register your new Tor relay at Tor Weather (https://weather.torproject.org/)"
 echo "   to get automatic emails about its status"
 echo ""
+echo "== Consider having /etc/apt/sources.list update over HTTPS and/or HTTPS+Tor"
+echo "   see https://guardianproject.info/2014/10/16/reducing-metadata-leakage-from-software-updates/"
+echo "   for more details"
+echo ""
 echo "== REBOOT THIS SERVER"

From 3e7fbcca58eafeb27f5123d1468828c7c4571582 Mon Sep 17 00:00:00 2001
From: Colin Mahns <goatman93@gmail.com>
Date: Sat, 17 Jan 2015 23:25:57 -0500
Subject: [PATCH 2/2] Adding https:// on the line that matters...

---
 bootstrap.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bootstrap.sh b/bootstrap.sh
index 6626c81..1ca6e66 100755
--- a/bootstrap.sh
+++ b/bootstrap.sh
@@ -18,7 +18,7 @@ apt-get install -y lsb-release apt-transport-https
 # add official Tor repository
 if ! grep -q "https://deb.torproject.org/torproject.org" /etc/apt/sources.list; then
     echo "== Adding the official Tor repository"
-    echo "deb http://deb.torproject.org/torproject.org `lsb_release -cs` main" >> /etc/apt/sources.list
+    echo "deb https://deb.torproject.org/torproject.org `lsb_release -cs` main" >> /etc/apt/sources.list
     gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
     gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
     apt-get update