Message ID | 87y30gii3y.fsf@sdf.lonestar.org |
---|---|
State | Accepted |
Headers | show |
Series | [bug#36844] doc: Add note about signing keys. | expand |
Looks good. Merged & pushed. Jakob L. Kreuze writes: > * doc/guix.texi (Invoking guix deploy): Add note explaining that > deployment targets must authorize the coordinator machine's signing key. > --- > doc/guix.texi | 16 ++++++++++++++++ > 1 file changed, 16 insertions(+) > > diff --git a/doc/guix.texi b/doc/guix.texi > index ccc36a8a97..efed08d8fa 100644 > --- a/doc/guix.texi > +++ b/doc/guix.texi > @@ -25527,6 +25527,22 @@ complex deployment may involve, for example, starting virtual machines through > a Virtual Private Server (VPS) provider. In such a case, a different > @var{environment} type would be used. > > +Do note that you first need to generate a key pair on the coordinator machine > +to allow the daemon to export signed archives of files from the store > +(@pxref{Invoking guix archive}). > + > +@example > +# guix archive --generate-key > +@end example > + > +@noindent > +Each target machine must authorize the key of the master machine so that it > +accepts store items it receives from the coordinator: > + > +@example > +# guix archive --authorize < coordinator-public-key.txt > +@end example > + > @deftp {Data Type} machine > This is the data type representing a single machine in a heterogeneous Guix > deployment.
diff --git a/doc/guix.texi b/doc/guix.texi index ccc36a8a97..efed08d8fa 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -25527,6 +25527,22 @@ complex deployment may involve, for example, starting virtual machines through a Virtual Private Server (VPS) provider. In such a case, a different @var{environment} type would be used. +Do note that you first need to generate a key pair on the coordinator machine +to allow the daemon to export signed archives of files from the store +(@pxref{Invoking guix archive}). + +@example +# guix archive --generate-key +@end example + +@noindent +Each target machine must authorize the key of the master machine so that it +accepts store items it receives from the coordinator: + +@example +# guix archive --authorize < coordinator-public-key.txt +@end example + @deftp {Data Type} machine This is the data type representing a single machine in a heterogeneous Guix deployment.