diff options
| author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-06-01T15·14+0200 |
|---|---|---|
| committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-06-01T15·14+0200 |
| commit | 53dd97bb9d70d98f648d3888b806b4044ea45f4c (patch) | |
| tree | 1f4816943cf3226807441308c889fca9f7a4a1a4 /doc/manual/command-ref/nix-store.xml | |
| parent | b8b571cfc1c2d31f2dea7d2a0209ec400660bf13 (diff) | |
Document setting up signed binary caches
Diffstat (limited to 'doc/manual/command-ref/nix-store.xml')
| -rw-r--r-- | doc/manual/command-ref/nix-store.xml | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/doc/manual/command-ref/nix-store.xml b/doc/manual/command-ref/nix-store.xml index a2faeaeba422..e21d53d8b9f0 100644 --- a/doc/manual/command-ref/nix-store.xml +++ b/doc/manual/command-ref/nix-store.xml @@ -1340,6 +1340,56 @@ $ nix-store --clear-failed-paths * <!--######################################################################--> +<refsection xml:id='rsec-nix-store-generate-binary-cache-key'><title>Operation <option>--generate-binary-cache-key</option></title> + +<refsection> + <title>Synopsis</title> + <cmdsynopsis> + <command>nix-store</command> + <arg choice='plain'> + <option>--generate-binary-cache-key</option> + <option>key-name</option> + <option>secret-key-file</option> + <option>public-key-file</option> + </arg> + </cmdsynopsis> +</refsection> + +<refsection><title>Description</title> + +<para>This command generates an <link +xlink:href="http://ed25519.cr.yp.to/">Ed25519 key pair</link> that can +be used to create a signed binary cache. It takes three mandatory +parameters: + +<orderedlist> + + <listitem><para>A key name, such as + <literal>cache.example.org-1</literal>, that is used to look up keys + on the client when it verifies signatures. It can be anything, but + it’s suggested to use the host name of your cache + (e.g. <literal>cache.example.org</literal>) with a suffix denoting + the number of the key (to be incremented every time you need to + revoke a key).</para></listitem> + + <listitem><para>The file name where the secret key is to be + stored.</para></listitem> + + <listitem><para>The file name where the public key is to be + stored.</para></listitem> + +</orderedlist> + +For an example, see the manual page for <command +linkend="sec-nix-push">nix-push</command>.</para> + +</refsection> + +</refsection> + + +<!--######################################################################--> + <refsection condition="manpage"><title>Environment variables</title> <variablelist> |