doc: Add note about signing keys.

* doc/guix.texi (Invoking guix deploy): Add note explaining that deployment targets must authorize the coordinator machine's signing key.
2019-07-29 18:36:01 -04:00 · 2019-07-29 18:36:01 -04:00 · 5bc751925d
parent ec405a4b01
commit 5bc751925d
1 changed files with 16 additions and 0 deletions
--- a/doc/guix.texi
+++ b/doc/guix.texi
@ -25530,6 +25530,22 @@ complex deployment may involve, for example, starting virtual machines through
 a Virtual Private Server (VPS) provider.  In such a case, a different
@var{environment} type would be used.

+Do note that you first need to generate a key pair on the coordinator machine
+to allow the daemon to export signed archives of files from the store
+(@pxref{Invoking guix archive}).
+
+@example
+# guix archive --generate-key
+@end example
+
+@noindent
+Each target machine must authorize the key of the master machine so that it
+accepts store items it receives from the coordinator:
+
+@example
+# guix archive --authorize < coordinator-public-key.txt
+@end example
+
@deftp {Data Type} machine
 This is the data type representing a single machine in a heterogeneous Guix
 deployment.