Add option binary-cache-secret-key-file for signing binary caches
This commit is contained in:
parent
af7cdb1096
commit
b4e0335d4d
3 changed files with 14 additions and 2 deletions
|
@ -421,6 +421,16 @@ flag, e.g. <literal>--option gc-keep-outputs false</literal>.</para>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|
||||||
|
<varlistentry><term><literal>binary-cache-secret-key-file</literal></term>
|
||||||
|
|
||||||
|
<listitem><para>Path of the file containing the secret key to be
|
||||||
|
used for signing binary caches. This file can be generated using
|
||||||
|
<command>nix-store
|
||||||
|
--generate-binary-cache-key</command>.</para></listitem>
|
||||||
|
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
|
||||||
<varlistentry><term><literal>binary-caches-parallel-connections</literal></term>
|
<varlistentry><term><literal>binary-caches-parallel-connections</literal></term>
|
||||||
|
|
||||||
<listitem><para>The maximum number of parallel HTTP connections
|
<listitem><para>The maximum number of parallel HTTP connections
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
#include "binary-cache-store.hh"
|
#include "binary-cache-store.hh"
|
||||||
#include "download.hh"
|
#include "download.hh"
|
||||||
|
#include "globals.hh"
|
||||||
|
|
||||||
namespace nix {
|
namespace nix {
|
||||||
|
|
||||||
|
@ -65,7 +66,7 @@ static RegisterStoreImplementation regStore([](const std::string & uri) -> std::
|
||||||
if (std::string(uri, 0, 7) != "http://" &&
|
if (std::string(uri, 0, 7) != "http://" &&
|
||||||
std::string(uri, 0, 8) != "https://") return 0;
|
std::string(uri, 0, 8) != "https://") return 0;
|
||||||
auto store = std::make_shared<HttpBinaryCacheStore>(std::shared_ptr<Store>(0),
|
auto store = std::make_shared<HttpBinaryCacheStore>(std::shared_ptr<Store>(0),
|
||||||
"", // FIXME: allow the signing key to be set
|
settings.get("binary-cache-secret-key-file", string("")),
|
||||||
uri);
|
uri);
|
||||||
store->init();
|
store->init();
|
||||||
return store;
|
return store;
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
#include "binary-cache-store.hh"
|
#include "binary-cache-store.hh"
|
||||||
|
#include "globals.hh"
|
||||||
|
|
||||||
namespace nix {
|
namespace nix {
|
||||||
|
|
||||||
|
@ -75,7 +76,7 @@ ref<Store> openLocalBinaryCacheStore(std::shared_ptr<Store> localStore,
|
||||||
static RegisterStoreImplementation regStore([](const std::string & uri) -> std::shared_ptr<Store> {
|
static RegisterStoreImplementation regStore([](const std::string & uri) -> std::shared_ptr<Store> {
|
||||||
if (std::string(uri, 0, 7) != "file://") return 0;
|
if (std::string(uri, 0, 7) != "file://") return 0;
|
||||||
return openLocalBinaryCacheStore(std::shared_ptr<Store>(0),
|
return openLocalBinaryCacheStore(std::shared_ptr<Store>(0),
|
||||||
"", // FIXME: allow the signing key to be set
|
settings.get("binary-cache-secret-key-file", string("")),
|
||||||
std::string(uri, 7));
|
std::string(uri, 7));
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue