nix3-store-sign(1)
sign store paths Cnix store sign [option] installables C--key-file / C-k file File containing the secret signing key
Description
nix3-store-sign
Warning: This program is experimental and its interface is subject to change.
Name
nix store sign - sign store paths
Synopsis
nix store sign [option…] installables…
Options
|
• |
--key-file / -k file |
File containing the secret signing key.
Common evaluation options:
|
• |
--arg name expr |
Pass the value expr as the argument name to Nix functions.
|
• |
--argstr name string |
Pass the string string as the argument name to Nix functions.
|
• |
--eval-store store-url |
The Nix store to use for evaluations.
|
• |
--impure |
Allow access to mutable paths and repositories.
|
• |
--include / -I path |
Add path to the list of locations used to look up <...> file names.
|
• |
--override-flake original-ref resolved-ref |
Override the flake registries, redirecting original-ref to resolved-ref.
Common flake-related options:
|
• |
--commit-lock-file |
Commit changes to the flake’s lock file.
|
• |
--inputs-from flake-url |
Use the inputs of the specified flake as registry entries.
|
• |
--no-registries |
Don’t allow lookups in the flake registries. This option is deprecated; use --no-use-registries.
|
• |
--no-update-lock-file |
Do not allow any updates to the flake’s lock file.
|
• |
--no-write-lock-file |
Do not write the flake’s newly generated lock file.
|
• |
--override-input input-path flake-url |
Override a specific flake input (e.g. dwarffs/nixpkgs). This implies --no-write-lock-file.
|
• |
--recreate-lock-file |
Recreate the flake’s lock file from scratch.
|
• |
--update-input input-path |
Update a specific flake input (ignoring its previous entry in the lock file).
Options that change the interpretation of installables:
|
• |
--all |
Apply the operation to every store path.
|
• |
--derivation |
Operate on the store derivation rather than its outputs.
|
• |
--expr expr |
Interpret installables as attribute paths relative to the Nix expression expr.
|
• |
--file / -f file |
Interpret installables as attribute paths relative to the Nix expression stored in file. If file is the character -, then a Nix expression will be read from standard input.
|
• |
--recursive / -r |
Apply operation to closure of the specified paths.