GNU bug report logs - #36844
[PATCH] doc: Add note about signing keys.

Previous Next

Full log

View this message in rfc822 format

From: zerodaysfordays <at> sdf.lonestar.org (Jakob L. Kreuze)
To: 36844 <at> debbugs.gnu.org
Subject: [bug#36844] [PATCH] doc: Add note about signing keys.
Date: Mon, 29 Jul 2019 18:36:01 -0400

[Message part 1 (text/plain, inline)]

* doc/guix.texi (Invoking guix deploy): Add note explaining that
deployment targets must authorize the coordinator machine's signing key.
---
 doc/guix.texi | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi
index ccc36a8a97..efed08d8fa 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -25527,6 +25527,22 @@ complex deployment may involve, for example, starting virtual machines through
 a Virtual Private Server (VPS) provider.  In such a case, a different
 @var{environment} type would be used.
 
+Do note that you first need to generate a key pair on the coordinator machine
+to allow the daemon to export signed archives of files from the store
+(@pxref{Invoking guix archive}).
+
+@example
+# guix archive --generate-key
+@end example
+
+@noindent
+Each target machine must authorize the key of the master machine so that it
+accepts store items it receives from the coordinator:
+
+@example
+# guix archive --authorize < coordinator-public-key.txt
+@end example
+
 @deftp {Data Type} machine
 This is the data type representing a single machine in a heterogeneous Guix
 deployment.
-- 
2.22.0

[signature.asc (application/pgp-signature, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.