maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs: Update GCS signing key documentation

Browse source 
This key is now taken straight from the configured service account
key.
This commit is contained in:
Vincent Ambo 2019-10-27 13:42:24 +01:00 committed by Vincent Ambo
parent 3a5db4f9f1
commit 7b7d21205f
2 changed files with 14 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

8
tools/nixery/docs/src/run-your-own.md
View file

@ -85,15 +85,15 @@ You may set *all* of these:
* `NIX_TIMEOUT`: Number of seconds that any Nix builder is allowed to run
(defaults to 60)
* `GCS_SIGNING_KEY`: A Google service account key (in PEM format) that can be
used to [sign Cloud Storage URLs][signed-urls]
* `GCS_SIGNING_ACCOUNT`: Google service account ID that the signing key belongs
to
To authenticate to the configured GCS bucket, Nixery uses Google's [Application
Default Credentials][ADC]. Depending on your environment this may require
additional configuration.
If the `GOOGLE_APPLICATION_CREDENTIALS` environment is configured, the service
account's private key will be used to create [signed URLs for
layers][signed-urls].
## 4. Deploy Nixery
With the above environment variables configured, you can run the image that was