[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Guix support in cachix
|
From: |
Marius Bakke |
|
Subject: |
Re: Guix support in cachix |
|
Date: |
Wed, 04 Jul 2018 16:17:35 +0200 |
|
User-agent: |
Notmuch/0.27 (https://notmuchmail.org) Emacs/26.1 (x86_64-pc-linux-gnu) |
address@hidden (Ludovic Courtès) writes:
> Hello!
>
> Oleg Pykhalov <address@hidden> skribis:
>
>> Domen Kožar <address@hidden> recently was in #guix (IRC) 2 days ago asking
>> about support of Guix in cachix. Also he opened an issue on GitHub:
>>
>>> I'm opening this issue for interest around supporting Guix.
>>
>> [1] https://github.com/cachix/cachix/issues/85
>
> Cachix looks interesting! It’s good to collaboratively provide
> binaries. It’s easier than having everyone set up ‘guix publish’, at
> the cost of being more centralized.
>
> The “cachix use <name>” example on https://cachix.org/ glosses over
> security “details” though. I wonder how one gets to authenticate a
> particular user of Cachix and to authorize binaries coming from them.
> There’s also the issue that said user could be publishing binaries they
> themselves obtained from a source that you do not trust yourself. Tough
> issues!
I asked about discovering signing keys and apparently you'll find it at
https://<user>.cachix.net, and that's the substitute URL too.
It looks useful for those who don't want to or can't publish their own
substitutes. And `guix challenge` makes it easy to verify the builds
coming from a particular "channel".
I would not want to publish all my builds there, though. Not sure how
it would be integrated on the client side.
signature.asc
Description: PGP signature