docs: switch to signed images (#130)

* docs: switch to signed images

* fix: update date ranges

README.md

@@ -30,34 +30,34 @@ Note: The image previously titled "nvidia" will not be updated anymore. If you w
 
 [Silverblue (GNOME):](https://github.com/ublue-os/nvidia/pkgs/container/silverblue-nvidia)
 
-    rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/silverblue-nvidia:latest
+    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/silverblue-nvidia:latest
 
 
 [Kinoite (KDE):](https://github.com/ublue-os/nvidia/pkgs/container/kinoite-nvidia)
 
-    rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/kinoite-nvidia:latest
+    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/kinoite-nvidia:latest
 
 [LXQt (unofficial):](https://github.com/ublue-os/nvidia/pkgs/container/lxqt-nvidia)
 
-    rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/lxqt-nvidia:latest
+    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/lxqt-nvidia:latest
 
 [MATE (unofficial):](https://github.com/ublue-os/nvidia/pkgs/container/mate-nvidia)
 
-    rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/mate-nvidia:latest
+    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/mate-nvidia:latest
 
 [Vauxite (XFCE, unofficial):](https://github.com/ublue-os/nvidia/pkgs/container/vauxite-nvidia)
 
-    rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/vauxite-nvidia:latest
+    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/vauxite-nvidia:latest
 
 [Sericea (Sway, unofficial as of Fedora 38):](https://github.com/ublue-os/nvidia/pkgs/container/sericea-nvidia)
 
 Note: [The Sway session has some custom configuration options set to improve stability on Nvidia GPUs](https://github.com/ublue-os/nvidia/blob/main/files/etc/sway/environment)
 
-    rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/sericea-nvidia:38
+    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/sericea-nvidia:38
 
 [Base (no DE preinstalled):](https://github.com/ublue-os/nvidia/pkgs/container/base-nvidia)
 
-    rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/base-nvidia:latest
+    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/base-nvidia:latest
 
 And then reboot.
 
@@ -96,12 +96,12 @@ Generally you can [perform a rollback](https://docs.fedoraproject.org/en-US/fedo
 
 To rebase onto a specific date, use a date tag:
 
-    rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/silverblue-nvidia:20230128
+    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/silverblue-nvidia:20230720
 
 Or to rebase onto a specific release, driver, and date:
 
-    rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/silverblue-nvidia:37-525-20230128
-
+    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/silverblue-nvidia:38-535-20230720
+    
 [More options for image tags can be found on the container catalog.](https://github.com/ublue-os/nvidia/pkgs/container/silverblue-nvidia/versions)
 
 ## Support
@@ -123,7 +123,7 @@ It is *strongly encouraged* for you to subscribe to [the Nvidia driver announcem
 
 These images are signed with sisgstore's [cosign](https://docs.sigstore.dev/cosign/overview/). You can verify the signature by downloading the `cosign.pub` key from this repo and running the following command:
 
-    cosign verify --key cosign.pub ghcr.io/ublue-os/base
+    cosign verify --key cosign.pub ghcr.io/ublue-os/silverblue-nvidia
 
 If you're forking this repo you should [read the docs](https://docs.github.com/en/actions/security-guides/encrypted-secrets) on keeping secrets in github. You need to [generate a new keypair](https://docs.sigstore.dev/cosign/overview/) with cosign. The public key can be in your public repo (your users need it to check the signatures), and you can paste the private key in Settings -> Secrets -> Actions with the name SIGNING_SECRET.