Added comments about seccureKeys for configuration files encryption

svn path=/nixos/trunk/; revision=12342
2008-07-11 08:01:09 +00:00 · 2008-07-11 08:01:09 +00:00 · 0ac32cbb99
commit 0ac32cbb99
parent 48ec05d257
1 changed files with 7 additions and 1 deletions
--- a/system/options.nix
+++ b/system/options.nix
@ -2468,6 +2468,12 @@
 	description = "
 	  Public key. Make it path argument, so it is copied into store and
 	  hashed. 
+
+	  The key is used to encrypt Gateway 6 configuration in store, as it
+	  contains a password for external service. Unfortunately, 
+	  derivation file should be protected by other means. For example, 
+	  nix-http-export.cgi will happily export any non-derivation path,
+	  but not a derivation.
 	";
      };
      private = mkOption {