README: document missing files

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
This commit is contained in:
Denis 'GNUtoo' Carikli 2023-09-19 22:43:49 +02:00
parent 7bbeec490a
commit b4eb83df6e
Signed by: GNUtoo
GPG Key ID: 5F5DFCC14177E263
1 changed files with 26 additions and 0 deletions

26
README
View File

@ -6,6 +6,32 @@ $ ./autogen.sh && ./configure && make
You can also check the configure option for configuring it for testing
on another infrastructure (for instance by using another domain).
To build an image you will also need at least id_ed25519.pub and
signing-key.pub:
- id_ed25519.pub can be genreated with the ssh-keygen -t ed25519
command. See the ssh-keygen manual ('man 1 ssh-keygen') for more
details. If you're not confortable with that, backup your ~/.ssh
folder first.
- signing-key.pub can be generated with the 'guix archive
--generate-key' command. See the "Invoking guix archive" in the
Guix manual for more details[1].
https://guix.gnu.org/en/manual/en/guix.html#Invoking-guix-archive
Other files are optional:
- id_ed25519: It is used for guix deploy. It is also generated by
ssh-keygen. A good idea is to have a symlink to it in order not to
have scp copy it to the target machine by mistake as it is the SSH
private key. Using separate SSH keys for separate machines also help
limiting the damage when such accident happen.
- id_wireguard: This is the wireguard private key. It can be generated
with the 'wg genkey > id_wireguard' command. See the wg manual ('man
8 wg') for more detail.
Note that letsencrypt has a limit of about 5 certificates per week, so
it's a good idea to use test domains before deployments.