03/05: publish: Add '--public-key' and '--private-key'.
From: Ludovic Courtès
Subject: 03/05: publish: Add '--public-key' and '--private-key'.
Date: Wed, 22 Mar 2017 09:06:38 -0400 (EDT)
civodul pushed a commit to branch master
in repository guix.
commit 46f58390cb5a01d6cb59070e8e76e9a78e9b933e
Author: Ludovic Courtès <address@hidden>
Date: Wed Mar 22 11:26:05 2017 +0100
publish: Add '--public-key' and '--private-key'.
* guix/scripts/publish.scm (show-help, %options): Add --public-key and
--private-key.
* doc/guix.texi (Invoking guix publish): Document it.
---
doc/guix.texi | 12 ++++++++++++
guix/scripts/publish.scm | 10 ++++++++++
2 files changed, 22 insertions(+)
diff --git a/doc/guix.texi b/doc/guix.texi
index 8d27dd2..6c4e180 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -6523,6 +6523,18 @@ This allows the user's Guix to keep substitute
information in cache for
guarantee that the store items it provides will indeed remain available
for as long as @var{ttl}.
address@hidden address@hidden
address@hidden address@hidden
+Use the specific @var{file}s as the public/private key pair used to sign
+the store items being published.
+
+The files must correspond to the same key pair (the private key is used
+for signing and the public key is merely advertised in the signature
+metadata). They must contain keys in the canonical s-expression format
+as produced by @command{guix archive --generate-key} (@pxref{Invoking
+guix archive}). By default, @file{/etc/guix/signing-key.pub} and
address@hidden/etc/guix/signing-key.sec} are used.
+
@item address@hidden
@itemx -r address@hidden
Spawn a Guile REPL server (@pxref{REPL Servers,,, guile, GNU Guile
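Review bot: The paragraph beginning "The files must correspond to the same key pair" states a requirement but does not say what happens when the two files do not match. Because the public key is only advertised in the signature metadata, a mismatched pair would presumably produce signatures that clients cannot verify against the advertised key; consider saying so here, or checking the pair at startup and failing early. It would also help to note that the private key file should be readable only by the user running guix publish.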
diff --git a/guix/scripts/publish.scm b/guix/scripts/publish.scm
index 57eea79..5a5ef68 100644
--- a/guix/scripts/publish.scm
+++ b/guix/scripts/publish.scm
@@ -72,6 +72,10 @@ Publish ~a over HTTP.\n") %store-directory)
(display (_ "
--ttl=TTL announce narinfos can be cached for TTL seconds"))
(display (_ "
+ --public-key=FILE use FILE as the public key for signatures"))
+ (display (_ "
+ --private-key=FILE use FILE as the private key for signatures"))
+ (display (_ "
-r, --repl[=PORT] spawn REPL server on PORT"))
(newline)
(display (_ "
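Review bot: The help text lists only --private-key=FILE, while the %options entry added later in this patch also accepts "secret-key" as a name for the same option. Either list the alias here (and in doc/guix.texi) or drop it, so that --help, the manual and the parser agree. The two new lines could also mention the default files the manual names under /etc/guix.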
@@ -148,6 +152,12 @@ compression disabled~%"))
(leave (_ "~a: invalid duration~%") arg))
(alist-cons 'narinfo-ttl (time-second duration)
result))))
+ (option '("public-key") #t #f
+ (lambda (opt name arg result)
+ (alist-cons 'public-key-file arg result)))
+ (option '("private-key" "secret-key") #t #f
+ (lambda (opt name arg result)
+ (alist-cons 'private-key-file arg result)))
(option '(#\r "repl") #f #t
(lambda (opt name arg result)
;; If port unspecified, use default Guile REPL port.
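Review bot: Both new handlers store ARG under 'public-key-file and 'private-key-file without any check, and the 10 insertions the diffstat reports for publish.scm are all accounted for by the help text and these two options, so nothing added in this commit reads those keys. If the consumer is already in the file or arrives in another patch of the series, the commit log should say so; otherwise the options are accepted and have no effect. Checking at option-parsing time that the file exists and is readable, with a (leave (_ ...)) message like the "invalid duration" one just above, would give a clearer error than a failure when the first item is signed.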