summary refs log tree commit diff
path: root/doc
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2022-03-10 22:27:04 +0100
committerLudovic Courtès <ludo@gnu.org>2022-03-10 23:46:50 +0100
commit5e34e873af088ef9aa417290bcddf5b095501614 (patch)
treefba88624a3809142c6e93308ab4f06071d88392e /doc
parent199da75a8adf37381c32ee1e3028b08b94703584 (diff)
downloadguix-5e34e873af088ef9aa417290bcddf5b095501614.tar.gz
services: guix: Add 'generate-substitute-key?' field.
* gnu/services/base.scm (<guix-configuration>)[generate-substitute-key?]:
New field.
(guix-activation): Honor it.
* doc/guix.texi (Base Services): Document it.
Diffstat (limited to 'doc')
-rw-r--r--doc/guix.texi12
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index f479fe05ff..01c16ba85d 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -17030,6 +17030,18 @@ This example assumes that the file @file{./guix.example.org-key.pub}
 contains the public key that @code{guix.example.org} uses to sign
 substitutes.
 
+@item @code{generate-substitute-key?} (default: @code{#t})
+Whether to generate a @dfn{substitute key pair} under
+@file{/etc/guix/signing-key.pub} and @file{/etc/guix/signing-key.sec} if
+there is not already one.
+
+This key pair is used when exporting store items, for instance with
+@command{guix publish} (@pxref{Invoking guix publish}) or @command{guix
+archive} (@pxref{Invoking guix archive}).  Generating a key pair takes a
+few seconds when enough entropy is available and is only done once; you
+might want to turn it off for instance in a virtual machine that does
+not need it and where the extra boot time is a problem.
+
 @item @code{max-silent-time} (default: @code{0})
 @itemx @code{timeout} (default: @code{0})
 The number of seconds of silence and the number of seconds of activity,