rekahsoft/rekahsoft-guix
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Introduce channel authentication

Browse Source 
Signed-off-by: Collin J. Doering <collin@rekahsoft.ca>
This commit is contained in:
Collin J. Doering 2020-08-09 19:50:21 -04:00
parent d9894bbe5d
commit d910ac4ca1
Signed by: rekahsoft
GPG Key ID: 7B4DEB93212B3022
4 changed files with 157 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

117
.dir-locals.el Normal file
View File

@ -0,0 +1,117 @@
;; Per-directory local variables for GNU Emacs 23 and later.
((nil
. ((fill-column . 78)
(tab-width . 8)
(sentence-end-double-space . t)
;; For use with 'bug-reference-prog-mode'.
(bug-reference-url-format . "http://git.rekahsoft.ca/rekahsoft/rekahsoft-guix/issues/%s")
(bug-reference-bug-regexp
. "<https?://git.rekahsoft.ca/rekahsoft/rekahsoft-guix/issues\\([0-9]+\\)>")))
(c-mode . ((c-file-style . "gnu")))
(scheme-mode
.
((indent-tabs-mode . nil)
(eval . (put 'eval-when 'scheme-indent-function 1))
(eval . (put 'call-with-prompt 'scheme-indent-function 1))
(eval . (put 'test-assert 'scheme-indent-function 1))
(eval . (put 'test-assertm 'scheme-indent-function 1))
(eval . (put 'test-equalm 'scheme-indent-function 1))
(eval . (put 'test-equal 'scheme-indent-function 1))
(eval . (put 'test-eq 'scheme-indent-function 1))
(eval . (put 'call-with-input-string 'scheme-indent-function 1))
(eval . (put 'guard 'scheme-indent-function 1))
(eval . (put 'lambda* 'scheme-indent-function 1))
(eval . (put 'substitute* 'scheme-indent-function 1))
(eval . (put 'match-record 'scheme-indent-function 2))
;; 'modify-phases' and its keywords.
(eval . (put 'modify-phases 'scheme-indent-function 1))
(eval . (put 'replace 'scheme-indent-function 1))
(eval . (put 'add-before 'scheme-indent-function 2))
(eval . (put 'add-after 'scheme-indent-function 2))
(eval . (put 'modify-services 'scheme-indent-function 1))
(eval . (put 'with-directory-excursion 'scheme-indent-function 1))
(eval . (put 'with-file-lock 'scheme-indent-function 1))
(eval . (put 'with-file-lock/no-wait 'scheme-indent-function 1))
(eval . (put 'with-profile-lock 'scheme-indent-function 1))
(eval . (put 'with-writable-file 'scheme-indent-function 1))
(eval . (put 'package 'scheme-indent-function 0))
(eval . (put 'origin 'scheme-indent-function 0))
(eval . (put 'build-system 'scheme-indent-function 0))
(eval . (put 'bag 'scheme-indent-function 0))
(eval . (put 'graft 'scheme-indent-function 0))
(eval . (put 'operating-system 'scheme-indent-function 0))
(eval . (put 'file-system 'scheme-indent-function 0))
(eval . (put 'manifest-entry 'scheme-indent-function 0))
(eval . (put 'manifest-pattern 'scheme-indent-function 0))
(eval . (put 'substitute-keyword-arguments 'scheme-indent-function 1))
(eval . (put 'with-store 'scheme-indent-function 1))
(eval . (put 'with-external-store 'scheme-indent-function 1))
(eval . (put 'with-error-handling 'scheme-indent-function 0))
(eval . (put 'with-mutex 'scheme-indent-function 1))
(eval . (put 'with-atomic-file-output 'scheme-indent-function 1))
(eval . (put 'call-with-compressed-output-port 'scheme-indent-function 2))
(eval . (put 'call-with-decompressed-port 'scheme-indent-function 2))
(eval . (put 'call-with-gzip-input-port 'scheme-indent-function 1))
(eval . (put 'call-with-gzip-output-port 'scheme-indent-function 1))
(eval . (put 'call-with-lzip-input-port 'scheme-indent-function 1))
(eval . (put 'call-with-lzip-output-port 'scheme-indent-function 1))
(eval . (put 'signature-case 'scheme-indent-function 1))
(eval . (put 'emacs-batch-eval 'scheme-indent-function 0))
(eval . (put 'emacs-batch-edit-file 'scheme-indent-function 1))
(eval . (put 'emacs-substitute-sexps 'scheme-indent-function 1))
(eval . (put 'emacs-substitute-variables 'scheme-indent-function 1))
(eval . (put 'with-derivation-narinfo 'scheme-indent-function 1))
(eval . (put 'with-derivation-substitute 'scheme-indent-function 2))
(eval . (put 'with-status-report 'scheme-indent-function 1))
(eval . (put 'with-status-verbosity 'scheme-indent-function 1))
(eval . (put 'with-build-handler 'scheme-indent-function 1))
(eval . (put 'mlambda 'scheme-indent-function 1))
(eval . (put 'mlambdaq 'scheme-indent-function 1))
(eval . (put 'syntax-parameterize 'scheme-indent-function 1))
(eval . (put 'with-monad 'scheme-indent-function 1))
(eval . (put 'mbegin 'scheme-indent-function 1))
(eval . (put 'mwhen 'scheme-indent-function 1))
(eval . (put 'munless 'scheme-indent-function 1))
(eval . (put 'mlet* 'scheme-indent-function 2))
(eval . (put 'mlet 'scheme-indent-function 2))
(eval . (put 'run-with-store 'scheme-indent-function 1))
(eval . (put 'run-with-state 'scheme-indent-function 1))
(eval . (put 'wrap-program 'scheme-indent-function 1))
(eval . (put 'with-imported-modules 'scheme-indent-function 1))
(eval . (put 'with-extensions 'scheme-indent-function 1))
(eval . (put 'with-parameters 'scheme-indent-function 1))
(eval . (put 'let-system 'scheme-indent-function 1))
(eval . (put 'with-database 'scheme-indent-function 2))
(eval . (put 'call-with-transaction 'scheme-indent-function 2))
(eval . (put 'with-statement 'scheme-indent-function 3))
(eval . (put 'call-with-retrying-transaction 'scheme-indent-function 2))
(eval . (put 'call-with-savepoint 'scheme-indent-function 1))
(eval . (put 'call-with-retrying-savepoint 'scheme-indent-function 1))
(eval . (put 'call-with-container 'scheme-indent-function 1))
(eval . (put 'container-excursion 'scheme-indent-function 1))
(eval . (put 'eventually 'scheme-indent-function 1))
(eval . (put 'call-with-progress-reporter 'scheme-indent-function 1))
(eval . (put 'with-repository 'scheme-indent-function 2))
(eval . (put 'with-temporary-git-repository 'scheme-indent-function 2))
(eval . (put 'with-environment-variables 'scheme-indent-function 1))
(eval . (put 'with-fresh-gnupg-setup 'scheme-indent-function 1))
(eval . (put 'with-paginated-output-port 'scheme-indent-function 1))
;; This notably allows '(' in Paredit to not insert a space when the
;; preceding symbol is one of these.
(eval . (modify-syntax-entry ?~ "'"))
(eval . (modify-syntax-entry ?$ "'"))
(eval . (modify-syntax-entry ?+ "'"))))
(emacs-lisp-mode . ((indent-tabs-mode . nil)))
(texinfo-mode . ((indent-tabs-mode . nil)
(fill-column . 72))))

9
.guix-authorizations Normal file
View File

@ -0,0 +1,9 @@
;; This is the list of OpenPGP keys currently authorized to sign commits in
;; this repository.
(authorizations
(version 0)
((;; primary: "F7BD DC6D BBE6 B16B 2C71 1A02 5FAB 9938 E05B FEC8"
"F8D5 46F3 AF37 EF53 D1B6 48BE 7B4D EB93 212B 3022"
(name "rekahsoft"))))

6
.guix-channel Normal file
View File

@ -0,0 +1,6 @@
;; -*- mode: scheme; -*-
(channel
(version 0)
(news-file "news.txt")
(url "https://git.rekahsoft.ca/rekahsoft/rekahsoft-guix.git"))

25
news.txt Normal file
View File

@ -0,0 +1,25 @@
(channel-news
(version 0)
(entry (commit "1ac29b33f3ca19134fcbedd6dc22deb45c15229f")
(title (en "Nonguix authenticated updates"))
(body
(en "This is a personal channel that is meant as a staging ground
for changes I plan on making upstream to guix, however there may be packages
that may never be contributed due to technical or ideological reasons.
This channel can now take advantage of the new support for
authenticated updates in @command{guix pull}, which protects you from attempts
to tamper with this repository and ship malicious code instead.
To ensure you only receive genuine updates from rekahsoft-guix, you should update your
@file{~/.config/guix/channels.scm} to include the channel introduction:
@lisp
(channel
(name 'rekahsoft-guix)
(url \"https://git.rekahsoft.ca/rekahsoft/rekahsoft-guix\")
(introduction
(make-channel-introduction
\"<TODO:commit-sha>\"
(openpgp-fingerprint
\"F7BD DC6D BBE6 B16B 2C71 1A02 5FAB 9938 E05B FEC8\"))))
@end lisp "))))