diff options
author | Eelco Dolstra <edolstra@gmail.com> | 2017-11-20T17·51+0100 |
---|---|---|
committer | Eelco Dolstra <edolstra@gmail.com> | 2017-11-20T17·51+0100 |
commit | 8df60b4ea8fab5fd3571e55de95a4b956f0f6105 (patch) | |
tree | 198953a29f0d0ac7e4cdc2e2cd74a918e4faa6be | |
parent | 4cde04f476fa0f61680f8e53fe81cc70923689fc (diff) |
Document secret-key-files
-rw-r--r-- | doc/manual/command-ref/conf-file.xml | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/doc/manual/command-ref/conf-file.xml b/doc/manual/command-ref/conf-file.xml index c3a9cc56063a..868cca1da409 100644 --- a/doc/manual/command-ref/conf-file.xml +++ b/doc/manual/command-ref/conf-file.xml @@ -408,9 +408,9 @@ false</literal>.</para> any non-content-addressed path added or copied to the Nix store (e.g. when substituting from a binary cache) must have a valid signature, that is, be signed using one of the keys listed in - <option>trusted-public-keys</option>. Set to - <literal>false</literal> to disable signature - checking.</para></listitem> + <option>trusted-public-keys</option> or + <option>secret-key-files</option>. Set to <literal>false</literal> + to disable signature checking.</para></listitem> </varlistentry> @@ -426,6 +426,19 @@ false</literal>.</para> </varlistentry> + <varlistentry><term><literal>secret-key-files</literal></term> + + <listitem><para>A whitespace-separated list of files containing + secret (private) keys. These are used to sign locally-built + paths. They can be generated using <command>nix-store + --generate-binary-cache-key</command>. The corresponding public + key can be distributed to other users, who can add it to + <option>trusted-public-keys</option> in their + <filename>nix.conf</filename>.</para></listitem> + + </varlistentry> + + <varlistentry><term><literal>http-connections</literal></term> <listitem><para>The maximum number of parallel TCP connections |