From 5bc751925d19c8b84ef12873bebba78ee61e605e Mon Sep 17 00:00:00 2001 From: "Jakob L. Kreuze" Date: Mon, 29 Jul 2019 18:36:01 -0400 Subject: [PATCH] doc: Add note about signing keys. * doc/guix.texi (Invoking guix deploy): Add note explaining that deployment targets must authorize the coordinator machine's signing key. --- doc/guix.texi | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/doc/guix.texi b/doc/guix.texi index cb60d5c7b7..5d274e02fe 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -25530,6 +25530,22 @@ complex deployment may involve, for example, starting virtual machines through a Virtual Private Server (VPS) provider. In such a case, a different @var{environment} type would be used. +Do note that you first need to generate a key pair on the coordinator machine +to allow the daemon to export signed archives of files from the store +(@pxref{Invoking guix archive}). + +@example +# guix archive --generate-key +@end example + +@noindent +Each target machine must authorize the key of the master machine so that it +accepts store items it receives from the coordinator: + +@example +# guix archive --authorize < coordinator-public-key.txt +@end example + @deftp {Data Type} machine This is the data type representing a single machine in a heterogeneous Guix deployment.