diff options
author | Mathieu Othacehe <othacehe@gnu.org> | 2020-11-24 14:05:21 +0100 |
---|---|---|
committer | Mathieu Othacehe <othacehe@gnu.org> | 2020-11-29 15:08:26 +0100 |
commit | 79f9dee3c4c0e6d21066f142116a537207ae7ba4 (patch) | |
tree | 9e7cf7e45d07a529576eb4addabe578dc35cf7d5 /doc | |
parent | 276e494b2a1fd87874d80e2bdc3aa1fb833b76f2 (diff) | |
download | guix-79f9dee3c4c0e6d21066f142116a537207ae7ba4.tar.gz guix-79f9dee3c4c0e6d21066f142116a537207ae7ba4.zip |
Use substitute servers on the local network.
* guix/scripts/discover.scm: New file.
* Makefile.am (MODULES): Add it.
* nix/nix-daemon/guix-daemon.cc (options): Add "discover" option,
(parse-opt): parse it,
(main): start "guix discover" process when the option is set.
* guix/scripts/substitute.scm (%local-substitute-urls): New variable,
(substitute-urls): add it.
* gnu/services/base.scm (<guix-configuration>): Add "discover?"
field,
(guix-shepherd-service): honor it.
* doc/guix.texi (Invoking guix-daemon): Document "discover" option,
(Base Services): ditto.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/guix.texi | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 8ca243004a..da6caaa4f1 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -1579,6 +1579,28 @@ Unless @option{--lose-logs} is used, all the build logs are kept in the @var{localstatedir}. To save space, the daemon automatically compresses them with Bzip2 by default. +@item --discover[=yes|no] +Whether to discover substitute servers on the local network using mDNS +and DNS-SD. + +This feature is still experimental. However, here are a few +considerations. + +@enumerate +@item +It might be faster/less expensive than fetching from remote servers; +@item +There are no security risks, only genuine substitutes will be used +(@pxref{Substitute Authentication}); +@item +An attacker advertising @command{guix publish} on your LAN cannot serve +you malicious binaries, but they can learn what software you’re +installing; +@item +Servers may serve substitute over HTTP, unencrypted, so anyone on the +LAN can see what software you’re installing. +@end enumerate + @item --disable-deduplication @cindex deduplication Disable automatic file ``deduplication'' in the store. @@ -15016,6 +15038,10 @@ disables the timeout. The type of compression used for build logs---one of @code{gzip}, @code{bzip2}, or @code{none}. +@item @code{discover} (default: @code{#f}) +Whether to discover substitute servers on the local network using mDNS +and DNS-SD. + @item @code{extra-options} (default: @code{'()}) List of extra command-line options for @command{guix-daemon}. |