From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-devel-bounces+larch=yhetil.org@gnu.org>
Received: from mp1 ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms11 with LMTPS
	id mA/gCfFckF+kLwAA0tVLHw
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 21 Oct 2020 16:08:17 +0000
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp1 with LMTPS
	id eI+sBfFckF/mewAAbx9fmQ
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 21 Oct 2020 16:08:17 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 75196940650
	for <larch@yhetil.org>; Wed, 21 Oct 2020 16:08:16 +0000 (UTC)
Received: from localhost ([::1]:36160 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	id 1kVGet-0007B5-4p
	for larch@yhetil.org; Wed, 21 Oct 2020 12:08:15 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:53068)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <vagrant@debian.org>)
 id 1kVGe0-00079I-Cl
 for guix-devel@gnu.org; Wed, 21 Oct 2020 12:07:20 -0400
Received: from cascadia.aikidev.net ([173.255.214.101]:38492)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <vagrant@debian.org>)
 id 1kVGdx-0001tI-VZ; Wed, 21 Oct 2020 12:07:20 -0400
Received: from localhost (unknown [IPv6:2600:3c01:e000:21:21:21:0:100e])
 (Authenticated sender: vagrant@cascadia.debian.net)
 by cascadia.aikidev.net (Postfix) with ESMTPSA id DAC821AA41;
 Wed, 21 Oct 2020 09:07:15 -0700 (PDT)
From: Vagrant Cascadian <vagrant@debian.org>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>, 39819@debbugs.gnu.org
Subject: Re: [PATCH 1/2] services: guix: Make /etc/guix/acl really declarative
 by default.
In-Reply-To: <20201021150823.20508-1-ludo@gnu.org>
References: <87v9fhf3my.fsf@inria.fr> <20201021150823.20508-1-ludo@gnu.org>
Date: Wed, 21 Oct 2020 09:06:56 -0700
Message-ID: <87mu0f8swv.fsf@ponder>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
Received-SPF: none client-ip=173.255.214.101; envelope-from=vagrant@debian.org;
 helo=cascadia.aikidev.net
X-detected-operating-system: by eggs.gnu.org: First seen = 2020/10/21 12:07:16
X-ACL-Warn: Detected OS   = Linux 3.11 and newer [fuzzy]
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_NONE=0.001,
 SPF_NONE=0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: guix-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Development of GNU Guix and the GNU System distribution."
 <guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=subscribe>
Cc: guix-devel@gnu.org
Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+larch=yhetil.org@gnu.org>
X-Scanner: scn0
Authentication-Results: aspmx1.migadu.com;
	dkim=none;
	dmarc=none;
	spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org
X-Spam-Score: -2.61
X-TUID: +34e2WiQWWbA

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 2020-10-21, Ludovic Court=C3=A8s wrote:
> diff --git a/doc/guix.texi b/doc/guix.texi
> index c161012da5..50d2d9a730 100644
> --- a/doc/guix.texi
> +++ b/doc/guix.texi
...
> @@ -14583,6 +14598,27 @@ Whether to use substitutes.
>  @item @code{substitute-urls} (default: @code{%default-substitute-urls})
>  The list of URLs where to look for substitutes by default.
>=20=20
> +Support you would like to fetch substitutes from @code{guix.example.org}

(substitute* "Support" "Suppose")

?

> +in addition to @code{@value{SUBSTITUTE-SERVER}}.  You will need to do
> +two things: (1) add @code{guix.example.org} to @code{substitute-urls},
> +and (2) authorize its signing key, having done appropriate checks
> +(@pxref{Substitute Server Authorization}).  The configuration below does
> +exactly that:
> +
> +@lisp
> +(guix-configuration
> +  (substitute-urls
> +   (append (list "https://guix.example.org")
> +           %default-substitute-urls))
> +  (authorized-keys
> +   (append (list (local-file "./guix.example.org-key.pub"))
> +           %default-authorized-guix-keys)))
> +@end lisp
> +
> +This example assumes that the file @file{./guix.example.org-key.pub}
> +contains the public key that @code{guix.example.org} uses to sign
> +substitutes.
> +
>  @item @code{max-silent-time} (default: @code{0})
>  @itemx @code{timeout} (default: @code{0})
>  The number of seconds of silence and the number of seconds of activity,

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCX5BcowAKCRDcUY/If5cW
qoj5AQCA4IdGTa+Dmq6D+JttRMnYWBkeStK45PtXlzew8mupPgEAzmSLIgFBfxYi
2bFp0eHoa40X07zIppxRYiZq/2frRAE=
=Iaod
-----END PGP SIGNATURE-----
--=-=-=--