On 03/03/2026 12:44, Carlo Zancanaro wrote:
I think this snippet has a slight mistake
Yes, whoops, for completeness the correct snippet is below.
(define (add-deploy-machine os)
(let ((%authorized-keys
(cons (local-file "/etc/guix/signing-key.pub")
(guix-configuration-authorized-keys (service-configuration
os guix)))))
(modify-service os guix
(authorized-keys %authorized-keys))))
Now the question is, what should the fix be? I can see two options:
Considering the description of the `authorize?` flag to
machine-ssh-configuration, I find option 1 far more intuitive.
|authorize?| (default: |#t|)
If true, the coordinator’s signing key will be added to the
remote’s ACL keyring.
Best wishes,
Dan
