BinaryCacheStore: Make the signing key a parameter
This commit is contained in:
parent
f6aee2f477
commit
8e065c6b3e
8 changed files with 21 additions and 46 deletions
|
@ -406,16 +406,6 @@ flag, e.g. <literal>--option gc-keep-outputs false</literal>.</para>
|
|||
</varlistentry>
|
||||
|
||||
|
||||
<varlistentry><term><literal>binary-cache-secret-key-file</literal></term>
|
||||
|
||||
<listitem><para>Path of the file containing the secret key to be
|
||||
used for signing binary caches. This file can be generated using
|
||||
<command>nix-store
|
||||
--generate-binary-cache-key</command>.</para></listitem>
|
||||
|
||||
</varlistentry>
|
||||
|
||||
|
||||
<varlistentry><term><literal>binary-caches-parallel-connections</literal></term>
|
||||
|
||||
<listitem><para>The maximum number of parallel HTTP connections
|
||||
|
|
|
@ -15,9 +15,10 @@
|
|||
namespace nix {
|
||||
|
||||
BinaryCacheStore::BinaryCacheStore(std::shared_ptr<Store> localStore,
|
||||
const Path & secretKeyFile)
|
||||
const StoreParams & params)
|
||||
: localStore(localStore)
|
||||
{
|
||||
auto secretKeyFile = get(params, "secret-key", "");
|
||||
if (secretKeyFile != "")
|
||||
secretKey = std::unique_ptr<SecretKey>(new SecretKey(readFile(secretKeyFile)));
|
||||
|
||||
|
|
|
@ -21,7 +21,8 @@ private:
|
|||
|
||||
protected:
|
||||
|
||||
BinaryCacheStore(std::shared_ptr<Store> localStore, const Path & secretKeyFile);
|
||||
BinaryCacheStore(std::shared_ptr<Store> localStore,
|
||||
const StoreParams & params);
|
||||
|
||||
[[noreturn]] void notImpl();
|
||||
|
||||
|
|
|
@ -16,8 +16,8 @@ private:
|
|||
public:
|
||||
|
||||
HttpBinaryCacheStore(std::shared_ptr<Store> localStore,
|
||||
const Path & secretKeyFile, const Path & _cacheUri)
|
||||
: BinaryCacheStore(localStore, secretKeyFile)
|
||||
const StoreParams & params, const Path & _cacheUri)
|
||||
: BinaryCacheStore(localStore, params)
|
||||
, cacheUri(_cacheUri)
|
||||
, downloaders(
|
||||
std::numeric_limits<size_t>::max(),
|
||||
|
@ -92,8 +92,7 @@ static RegisterStoreImplementation regStore([](
|
|||
if (std::string(uri, 0, 7) != "http://" &&
|
||||
std::string(uri, 0, 8) != "https://") return 0;
|
||||
auto store = std::make_shared<HttpBinaryCacheStore>(std::shared_ptr<Store>(0),
|
||||
settings.get("binary-cache-secret-key-file", string("")),
|
||||
uri);
|
||||
params, uri);
|
||||
store->init();
|
||||
return store;
|
||||
});
|
||||
|
|
|
@ -12,7 +12,11 @@ private:
|
|||
public:
|
||||
|
||||
LocalBinaryCacheStore(std::shared_ptr<Store> localStore,
|
||||
const Path & secretKeyFile, const Path & binaryCacheDir);
|
||||
const StoreParams & params, const Path & binaryCacheDir)
|
||||
: BinaryCacheStore(localStore, params)
|
||||
, binaryCacheDir(binaryCacheDir)
|
||||
{
|
||||
}
|
||||
|
||||
void init() override;
|
||||
|
||||
|
@ -31,13 +35,6 @@ protected:
|
|||
|
||||
};
|
||||
|
||||
LocalBinaryCacheStore::LocalBinaryCacheStore(std::shared_ptr<Store> localStore,
|
||||
const Path & secretKeyFile, const Path & binaryCacheDir)
|
||||
: BinaryCacheStore(localStore, secretKeyFile)
|
||||
, binaryCacheDir(binaryCacheDir)
|
||||
{
|
||||
}
|
||||
|
||||
void LocalBinaryCacheStore::init()
|
||||
{
|
||||
createDirs(binaryCacheDir + "/nar");
|
||||
|
@ -74,23 +71,15 @@ std::shared_ptr<std::string> LocalBinaryCacheStore::getFile(const std::string &
|
|||
}
|
||||
}
|
||||
|
||||
ref<Store> openLocalBinaryCacheStore(std::shared_ptr<Store> localStore,
|
||||
const Path & secretKeyFile, const Path & binaryCacheDir)
|
||||
{
|
||||
auto store = make_ref<LocalBinaryCacheStore>(
|
||||
localStore, secretKeyFile, binaryCacheDir);
|
||||
store->init();
|
||||
return store;
|
||||
}
|
||||
|
||||
static RegisterStoreImplementation regStore([](
|
||||
const std::string & uri, const StoreParams & params)
|
||||
-> std::shared_ptr<Store>
|
||||
{
|
||||
if (std::string(uri, 0, 7) != "file://") return 0;
|
||||
return openLocalBinaryCacheStore(std::shared_ptr<Store>(0),
|
||||
settings.get("binary-cache-secret-key-file", string("")),
|
||||
std::string(uri, 7));
|
||||
auto store = std::make_shared<LocalBinaryCacheStore>(
|
||||
std::shared_ptr<Store>(0), params, std::string(uri, 7));
|
||||
store->init();
|
||||
return store;
|
||||
});
|
||||
|
||||
}
|
||||
|
|
|
@ -43,8 +43,8 @@ struct S3BinaryCacheStoreImpl : public S3BinaryCacheStore
|
|||
Stats stats;
|
||||
|
||||
S3BinaryCacheStoreImpl(std::shared_ptr<Store> localStore,
|
||||
const Path & secretKeyFile, const std::string & bucketName)
|
||||
: S3BinaryCacheStore(localStore, secretKeyFile)
|
||||
const StoreParams & params, const std::string & bucketName)
|
||||
: S3BinaryCacheStore(localStore, params)
|
||||
, bucketName(bucketName)
|
||||
, config(makeConfig())
|
||||
, client(make_ref<Aws::S3::S3Client>(*config))
|
||||
|
@ -245,8 +245,7 @@ static RegisterStoreImplementation regStore([](
|
|||
{
|
||||
if (std::string(uri, 0, 5) != "s3://") return 0;
|
||||
auto store = std::make_shared<S3BinaryCacheStoreImpl>(std::shared_ptr<Store>(0),
|
||||
settings.get("binary-cache-secret-key-file", string("")),
|
||||
std::string(uri, 5));
|
||||
params, std::string(uri, 5));
|
||||
store->init();
|
||||
return store;
|
||||
});
|
||||
|
|
|
@ -11,8 +11,8 @@ class S3BinaryCacheStore : public BinaryCacheStore
|
|||
protected:
|
||||
|
||||
S3BinaryCacheStore(std::shared_ptr<Store> localStore,
|
||||
const Path & secretKeyFile)
|
||||
: BinaryCacheStore(localStore, secretKeyFile)
|
||||
const StoreParams & params)
|
||||
: BinaryCacheStore(localStore, params)
|
||||
{ }
|
||||
|
||||
public:
|
||||
|
|
|
@ -529,10 +529,6 @@ ref<Store> openStoreAt(const std::string & uri);
|
|||
ref<Store> openStore();
|
||||
|
||||
|
||||
ref<Store> openLocalBinaryCacheStore(std::shared_ptr<Store> localStore,
|
||||
const Path & secretKeyFile, const Path & binaryCacheDir);
|
||||
|
||||
|
||||
/* Return the default substituter stores, defined by the
|
||||
‘substituters’ option and various legacy options like
|
||||
‘binary-caches’. */
|
||||
|
|
Loading…
Reference in a new issue