[PATCH] doc: Add note about signing keys.

DoneSubmitted by Jakob L. Kreuze.
Details
2 participants
  • Christopher Lemmer Webber
  • Jakob L. Kreuze
Owner
unassigned
Severity
normal
J
J
Jakob L. Kreuze wrote on 30 Jul 2019 00:36
(address . guix-patches@gnu.org)
87y30gii3y.fsf@sdf.lonestar.org
* doc/guix.texi (Invoking guix deploy): Add note explaining thatdeployment targets must authorize the coordinator machine's signing key.--- doc/guix.texi | 16 ++++++++++++++++ 1 file changed, 16 insertions(+)
Toggle diff (29 lines)diff --git a/doc/guix.texi b/doc/guix.texiindex ccc36a8a97..efed08d8fa 100644--- a/doc/guix.texi+++ b/doc/guix.texi@@ -25527,6 +25527,22 @@ complex deployment may involve, for example, starting virtual machines through a Virtual Private Server (VPS) provider. In such a case, a different @var{environment} type would be used. +Do note that you first need to generate a key pair on the coordinator machine+to allow the daemon to export signed archives of files from the store+(@pxref{Invoking guix archive}).++@example+# guix archive --generate-key+@end example++@noindent+Each target machine must authorize the key of the master machine so that it+accepts store items it receives from the coordinator:++@example+# guix archive --authorize < coordinator-public-key.txt+@end example+ @deftp {Data Type} machine This is the data type representing a single machine in a heterogeneous Guix deployment.-- 2.22.0
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEa1VJLOiXAjQ2BGSm9Qb9Fp2P2VoFAl0/dNEACgkQ9Qb9Fp2P2Vq9qw//bNOl2d/IUgh9+YjsJ7OFjrPFlrFN/6qYxuke34mIhg6gM/vN1FLweDbsh3Op762VU6Qr/u6obxuRXn6dlB12sBs0eawn9OlEmgje6k6CotjSzk9eIM27wsMbNC7gGhwaWegRufIozJozqYwwn0OPv0qmXPqgPYrvbgYLdA/mbvfC34ihwQL/ZICoHrvGdUvb5Ji5GwsP4rd4ZN6o03cwwH9VTK2GumbNIIVEK31RiqYb7q0Yk/GJHgaNnlGZAM7/YbPV8tpBF33GOZ/o6HTkcXbhvK3mIaA1wBzvxgYCEs5+Kq4xvTcuPGiEqH63SvIFI04aS3poXFa3AXM9Oc5GKNLS2IekIJy1/IeB9fHJ1xQql+zK0Y5OlAaKe+LTbv2nnKhf414XBigtMQGIMWmhmATZCP3pjO9H0Fe2883z7OhnT/qOgGN+SQ4dF48qBgG068aJcZapQwxlnISf+qlKgUWn2/Hkc6/mMthfxETv2SZXZATB4sIMczXwhb6PdjsgMF74dfHwoeP99I8WNQqyulMFjMl3i9Oq9SQZfdeHK6J5j+LkI96j9afH/NSHT2qfc4KYQ6J+VqZXDdnqAjK9y8RDvZXq/tXpT2y6Wh0iAPl9+ZXYDv88SuUfCyTydNwaIvkFq71Z/0SF+IjlXa7aGP6SH7lmj918AY3/YYE7z4A==0xpQ-----END PGP SIGNATURE-----
C
C
Christopher Lemmer Webber wrote on 6 Aug 2019 21:32
(address . guix-patches@gnu.org)(address . 36844-done@debbugs.gnu.org)
87imraozt8.fsf@dustycloud.org
Looks good. Merged & pushed.
Jakob L. Kreuze writes:
Toggle quote (33 lines)> * doc/guix.texi (Invoking guix deploy): Add note explaining that> deployment targets must authorize the coordinator machine's signing key.> ---> doc/guix.texi | 16 ++++++++++++++++> 1 file changed, 16 insertions(+)>> diff --git a/doc/guix.texi b/doc/guix.texi> index ccc36a8a97..efed08d8fa 100644> --- a/doc/guix.texi> +++ b/doc/guix.texi> @@ -25527,6 +25527,22 @@ complex deployment may involve, for example, starting virtual machines through> a Virtual Private Server (VPS) provider. In such a case, a different> @var{environment} type would be used.> > +Do note that you first need to generate a key pair on the coordinator machine> +to allow the daemon to export signed archives of files from the store> +(@pxref{Invoking guix archive}).> +> +@example> +# guix archive --generate-key> +@end example> +> +@noindent> +Each target machine must authorize the key of the master machine so that it> +accepts store items it receives from the coordinator:> +> +@example> +# guix archive --authorize < coordinator-public-key.txt> +@end example> +> @deftp {Data Type} machine> This is the data type representing a single machine in a heterogeneous Guix> deployment.
?
Your comment

This issue is archived.

To comment on this conversation send email to 36844@debbugs.gnu.org