diff options
Diffstat (limited to 'doc/manual/command-ref/conf-file.xml')
-rw-r--r-- | doc/manual/command-ref/conf-file.xml | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/doc/manual/command-ref/conf-file.xml b/doc/manual/command-ref/conf-file.xml index c3a9cc560..868cca1da 100644 --- a/doc/manual/command-ref/conf-file.xml +++ b/doc/manual/command-ref/conf-file.xml @@ -408,9 +408,9 @@ false</literal>.</para> any non-content-addressed path added or copied to the Nix store (e.g. when substituting from a binary cache) must have a valid signature, that is, be signed using one of the keys listed in - <option>trusted-public-keys</option>. Set to - <literal>false</literal> to disable signature - checking.</para></listitem> + <option>trusted-public-keys</option> or + <option>secret-key-files</option>. Set to <literal>false</literal> + to disable signature checking.</para></listitem> </varlistentry> @@ -426,6 +426,19 @@ false</literal>.</para> </varlistentry> + <varlistentry><term><literal>secret-key-files</literal></term> + + <listitem><para>A whitespace-separated list of files containing + secret (private) keys. These are used to sign locally-built + paths. They can be generated using <command>nix-store + --generate-binary-cache-key</command>. The corresponding public + key can be distributed to other users, who can add it to + <option>trusted-public-keys</option> in their + <filename>nix.conf</filename>.</para></listitem> + + </varlistentry> + + <varlistentry><term><literal>http-connections</literal></term> <listitem><para>The maximum number of parallel TCP connections |