From patchwork Mon Jul 29 22:36:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Jakob L. Kreuze" X-Patchwork-Id: 14786 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 16EA41728C; Mon, 29 Jul 2019 23:40:12 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTP id D50DF1728A for ; Mon, 29 Jul 2019 23:40:11 +0100 (BST) Received: from localhost ([::1]:56824 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hsEJP-0004eq-EK for patchwork@mira.cbaines.net; Mon, 29 Jul 2019 18:40:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:42405) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hsEJK-0004dv-2C for guix-patches@gnu.org; Mon, 29 Jul 2019 18:40:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hsEJJ-00060F-5j for guix-patches@gnu.org; Mon, 29 Jul 2019 18:40:06 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:40447) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hsEJJ-00060B-3F for guix-patches@gnu.org; Mon, 29 Jul 2019 18:40:05 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hsEJG-0000Fp-FM for guix-patches@gnu.org; Mon, 29 Jul 2019 18:40:04 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#36844] [PATCH] doc: Add note about signing keys. Resent-From: zerodaysfordays@sdf.lonestar.org (Jakob L. Kreuze) Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 29 Jul 2019 22:40:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 36844 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 36844@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.1564439949885 (code B ref -1); Mon, 29 Jul 2019 22:40:02 +0000 Received: (at submit) by debbugs.gnu.org; 29 Jul 2019 22:39:09 +0000 Received: from localhost ([127.0.0.1]:49262 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsEIP-0000ED-6M for submit@debbugs.gnu.org; Mon, 29 Jul 2019 18:39:09 -0400 Received: from lists.gnu.org ([209.51.188.17]:34911) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsEIL-0000E4-EJ for submit@debbugs.gnu.org; Mon, 29 Jul 2019 18:39:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:42177) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hsEIK-0004WS-FN for guix-patches@gnu.org; Mon, 29 Jul 2019 18:39:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hsEIJ-0005Np-HT for guix-patches@gnu.org; Mon, 29 Jul 2019 18:39:04 -0400 Received: from mx.sdf.org ([205.166.94.20]:51716) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hsEIJ-0005Lp-9K for guix-patches@gnu.org; Mon, 29 Jul 2019 18:39:03 -0400 Received: from Epsilon (pool-173-76-53-40.bstnma.fios.verizon.net [173.76.53.40]) (authenticated (0 bits)) by mx.sdf.org (8.15.2/8.14.5) with ESMTPSA id x6TMcoUc016679 (using TLSv1.2 with cipher AES256-GCM-SHA384 (256 bits) verified NO) for ; Mon, 29 Jul 2019 22:38:56 GMT From: zerodaysfordays@sdf.lonestar.org (Jakob L. Kreuze) Date: Mon, 29 Jul 2019 18:36:01 -0400 Message-ID: <87y30gii3y.fsf@sdf.lonestar.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * doc/guix.texi (Invoking guix deploy): Add note explaining that deployment targets must authorize the coordinator machine's signing key. --- doc/guix.texi | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/doc/guix.texi b/doc/guix.texi index ccc36a8a97..efed08d8fa 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -25527,6 +25527,22 @@ complex deployment may involve, for example, starting virtual machines through a Virtual Private Server (VPS) provider. In such a case, a different @var{environment} type would be used. +Do note that you first need to generate a key pair on the coordinator machine +to allow the daemon to export signed archives of files from the store +(@pxref{Invoking guix archive}). + +@example +# guix archive --generate-key +@end example + +@noindent +Each target machine must authorize the key of the master machine so that it +accepts store items it receives from the coordinator: + +@example +# guix archive --authorize < coordinator-public-key.txt +@end example + @deftp {Data Type} machine This is the data type representing a single machine in a heterogeneous Guix deployment.