* bug#44104: [patch] guix/scripts/publish: share signing key
2020-10-20 20:04 bug#44104: guix publish should publish public key Amar M. Singh
@ 2020-10-20 21:31 ` Amar M. Singh
2020-10-21 13:11 ` Ludovic Courtès
2020-10-22 7:48 ` bug#44104: [patch] guix publish: provide server's " Amar M. Singh
1 sibling, 1 reply; 5+ messages in thread
From: Amar M. Singh @ 2020-10-20 21:31 UTC (permalink / raw)
To: 44104
[-- Attachment #1: Type: text/plain, Size: 82 bytes --]
Add procedure (render-signing-key) and use it to serve the signing key.
Cheers
[-- Attachment #2: A cure for the virus --]
[-- Type: text/x-patch, Size: 2579 bytes --]
From 554416649b7400d0bbe440016c6a6a7fed0d870a Mon Sep 17 00:00:00 2001
From: Amar Singh <nly@disroot.org>
Date: Wed, 21 Oct 2020 02:02:02 +0530
Subject: [PATCH] guix publish: We provide signing key. Knock yourselves out!
Best in industry.
Signed-off-by: Amar Singh <nly@disroot.org>
---
guix/scripts/publish.scm | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/guix/scripts/publish.scm b/guix/scripts/publish.scm
index 4eaf961ab2..19df6d50ff 100644
--- a/guix/scripts/publish.scm
+++ b/guix/scripts/publish.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org>
+;;; Copyright (C) 2020 by Amar M. Singh <nly@disroot.org>
;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
@@ -686,6 +687,13 @@ to compress or decompress the log file; just return it as-is."
(values (response-headers log) log)
(not-found request))))
+(define (render-signing-key)
+ "Render signing key."
+ (let ((file "/etc/guix/signing-key.pub"))
+ (values `((content-type . (text/plain (charset . "UTF-8")))
+ (x-raw-file . ,file))
+ file)))
+
(define (render-home-page request)
"Render the home page."
(values `((content-type . (text/html (charset . "UTF-8"))))
@@ -699,7 +707,12 @@ to compress or decompress the log file; just return it as-is."
(a (@ (href
"https://guix.gnu.org/manual/en/html_node/Invoking-guix-publish.html"))
(tt "guix publish"))
- " speaking. Welcome!")))
+ " speaking. Welcome!")
+ (p "Here is the "
+ (a (@ (href
+ "signing-key.pub"))
+ (tt "signing key"))
+ " for this server. Knock yourselves out!")))
port)))))
(define (extract-narinfo-hash str)
@@ -918,6 +931,9 @@ methods, return the applicable compression."
;; /
((or () ("index.html"))
(render-home-page request))
+ ;; guix signing-key
+ (("signing-key.pub")
+ (render-signing-key))
;; /<hash>.narinfo
(((= extract-narinfo-hash (? string? hash)))
(if cache
--
2.28.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* bug#44104: [patch] guix publish: provide server's signing key.
2020-10-20 20:04 bug#44104: guix publish should publish public key Amar M. Singh
2020-10-20 21:31 ` bug#44104: [patch] guix/scripts/publish: share signing key Amar M. Singh
@ 2020-10-22 7:48 ` Amar M. Singh
2020-10-26 22:57 ` Ludovic Courtès
1 sibling, 1 reply; 5+ messages in thread
From: Amar M. Singh @ 2020-10-22 7:48 UTC (permalink / raw)
To: 44104
[-- Attachment #1: Type: text/plain, Size: 19 bytes --]
Thanks, Updated.
[-- Attachment #2: чего --]
[-- Type: text/x-patch, Size: 3465 bytes --]
From fe0098082289a2350002da4e2438c41f6385b3e2 Mon Sep 17 00:00:00 2001
From: Amar Singh <nly@disroot.org>
Date: Wed, 21 Oct 2020 02:02:02 +0530
Subject: [PATCH] guix publish: Provide server's signing key.
Published at $(guix-publish-uri)/signing-key.pub
Knock yourselves out! Best in industry.
Signed-off-by: Amar Singh <nly@disroot.org>
---
guix/scripts/publish.scm | 18 +++++++++++++++++-
tests/publish.scm | 5 +++++
2 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/guix/scripts/publish.scm b/guix/scripts/publish.scm
index 4eaf961ab2..1741b93309 100644
--- a/guix/scripts/publish.scm
+++ b/guix/scripts/publish.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org>
+;;; Copyright © 2020 by Amar M. Singh <nly@disroot.org>
;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
@@ -686,6 +687,13 @@ to compress or decompress the log file; just return it as-is."
(values (response-headers log) log)
(not-found request))))
+(define (render-signing-key)
+ "Render signing key."
+ (let ((file %public-key-file))
+ (values `((content-type . (text/plain (charset . "UTF-8")))
+ (x-raw-file . ,file))
+ file)))
+
(define (render-home-page request)
"Render the home page."
(values `((content-type . (text/html (charset . "UTF-8"))))
@@ -699,7 +707,12 @@ to compress or decompress the log file; just return it as-is."
(a (@ (href
"https://guix.gnu.org/manual/en/html_node/Invoking-guix-publish.html"))
(tt "guix publish"))
- " speaking. Welcome!")))
+ " speaking. Welcome!")
+ (p "Here is the "
+ (a (@ (href
+ "signing-key.pub"))
+ (tt "signing key"))
+ " for this server. Knock yourselves out!")))
port)))))
(define (extract-narinfo-hash str)
@@ -918,6 +931,9 @@ methods, return the applicable compression."
;; /
((or () ("index.html"))
(render-home-page request))
+ ;; guix signing-key
+ (("signing-key.pub")
+ (render-signing-key))
;; /<hash>.narinfo
(((= extract-narinfo-hash (? string? hash)))
(if cache
diff --git a/tests/publish.scm b/tests/publish.scm
index 1c3b2785fb..13f667aa7e 100644
--- a/tests/publish.scm
+++ b/tests/publish.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org>
+;;; Copyright © 2020 by Amar M. Singh <nly@disroot.org>
;;; Copyright © 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
@@ -613,6 +614,10 @@ References: ~%"
(let ((uri (publish-uri "/log/does-not-exist")))
(response-code (http-get uri))))
+(test-equal "/signing-key.pub"
+ 200
+ (response-code (http-get (publish-uri "/signing-key.pub"))))
+
(test-equal "non-GET query"
'(200 404)
(let ((path (string-append "/" (store-path-hash-part %item)
--
2.28.0
^ permalink raw reply related [flat|nested] 5+ messages in thread