diff options
author | Vincent Ambo <tazjin@google.com> | 2019-10-27T12·42+0100 |
---|---|---|
committer | Vincent Ambo <github@tazj.in> | 2019-10-27T12·58+0100 |
commit | 7b7d21205fb5288f1772d6ea4baff080565ebd9e (patch) | |
tree | ce86c496b5202d7380ec3cedd566eda0eb6cafa1 /tools/nixery/README.md | |
parent | 3a5db4f9f184d38799cda1ca83039d11ff457c04 (diff) |
docs: Update GCS signing key documentation
This key is now taken straight from the configured service account key.
Diffstat (limited to 'tools/nixery/README.md')
-rw-r--r-- | tools/nixery/README.md | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/tools/nixery/README.md b/tools/nixery/README.md index 3026451c74e0..1574d5950a22 100644 --- a/tools/nixery/README.md +++ b/tools/nixery/README.md @@ -79,15 +79,17 @@ variables: * `NIXERY_CHANNEL`: The name of a Nix/NixOS channel to use for building * `NIXERY_PKGS_REPO`: URL of a git repository containing a package set (uses locally configured SSH/git credentials) -* `NIXERY_PKGS_PATH`: A local filesystem path containing a Nix package set to use - for building +* `NIXERY_PKGS_PATH`: A local filesystem path containing a Nix package set to + use for building * `NIX_TIMEOUT`: Number of seconds that any Nix builder is allowed to run - (defaults to 60 -* `NIX_POPULARITY_URL`: URL to a file containing popularity data for the package set (see `popcount/`) -* `GCS_SIGNING_KEY`: A Google service account key (in PEM format) that can be - used to sign Cloud Storage URLs -* `GCS_SIGNING_ACCOUNT`: Google service account ID that the signing key belongs - to + (defaults to 60) +* `NIX_POPULARITY_URL`: URL to a file containing popularity data for + the package set (see `popcount/`) + +If the `GOOGLE_APPLICATION_CREDENTIALS` environment variable is set to a service +account key, Nixery will also use this key to create [signed URLs][] for layers +in the storage bucket. This makes it possible to serve layers from a bucket +without having to make them publicly available. ## Roadmap |