.\" Generated by scdoc 1.11.3
.\" Complete documentation for this program is not available as a GNU info page
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.nh
.ad l
.\" Begin generated content:
.TH "rebuilderd" "1" "2025-02-27"
.PP
.SH NAME
.PP
rebuilderd - Independent verification of binary packages (daemon)
.PP
.SH SYNOPSIS
.PP
\fBrebuilderd\fR [-v] [-c /etc/rebuilderd.\&conf]
.PP
.SH DESCRIPTION
.PP
The rebuilderd binary keeps track of the state for all packages, the work queue
and assigns rebuilds to \fBrebuilderd-worker\fR instances.\&
.PP
.SH AUTHENTICATION
.PP
There are two public routes so anybody can run \fBrebuildctl pkgs ls\fR and
\fBrebuildctl queue ls\fR.\& Everything else requires authentication.\& rebuilderd is
going to check multiple locations in this order:
.PP
.PD 0
.IP \(bu 4
~/.\&config/rebuilderd.\&conf
.IP \(bu 4
/etc/rebuilderd.\&conf
.IP \(bu 4
/var/lib/rebuilderd/auth-cookie
.IP \(bu 4
~/.\&local/share/rebuilderd-auth-cookie
.PD
.PP
.PP
.PP
Paths ending with \fB.\&conf\fR are parsed as config files and we'\&re looking for a
section like this:
.PP
.nf
.RS 4
[auth]
cookie = "Put your secret here"
.fi
.RE
.PP
With paths ending in \fBauth-cookie\fR we'\&re taking the content as-is.\& If we can'\&t
find a pre-configured value we'\&re going to generate one and write it to
\fB/var/lib/rebuilderd/auth-cookie\fR.\&
.PP
.SH WORKER AUTHENTICATION
.PP
There are two ways to authenticate workers.\& If you work with a fixed number of
workers you can allow-list their keys:
.PP
.nf
.RS 4
[worker]
authorized_workers = ["key1", "key2"]
.fi
.RE
.PP
NOTE: the keys are currently not challenged and the worker doesn'\&t have to
prove ownership of the private key.\& This is going to change in future versions.\&
.PP
You can also use a shared secret that allows you to dynamically join new
workers.\& This is especially useful in cloud setups.\& A secret can be generated
with `pwgen -1s 32`:
.PP
.nf
.RS 4
[worker]
signup_secret = "Put your secret here"
.fi
.RE
.PP
If both are not configured the workers need to provide admin credentials
described in the previous section.\&
.PP
.SH SEE ALSO
.PP
\fBrebuilderd.\&conf\fR(5), \fBrebuildctl\fR(1), \fBrebuilderd-worker\fR(1).\&
.PP
.SH AUTHORS
.PP
rebuilderd was originally written by kpcyrd and is hosted at https://github.\&com/kpcyrd/rebuilderd