nix/module/RemoteBuilder.nix

{ pkgs, ... }: let
	keyPath = "/root/.nixcache";
in {
	systemd.services.generate-nix-cache-key = {
		wantedBy = [ "multi-user.target" ];
		serviceConfig.Type = "oneshot";
		path = [ pkgs.nix ];
		script = ''
			[[ -f "${keyPath}/private-key" ]] && exit
			mkdir ${keyPath} || true
			nix-store --generate-binary-cache-key "$HOSTNAME-1" "${keyPath}/private-key" "${keyPath}/public-key"
			nix store sign --all -k "${keyPath}/private-key"
		'';
	};
	# To apply: nix store sign --all -k /path/to/secret-key-file
	nix.extraOptions = ''
		secret-key-files = ${keyPath}/private-key
	'';
}
RemoteBuilder : Add auto key gen. 2024-03-10 07:54:10 +03:00			`{ pkgs, ... }: let`
			`keyPath = "/root/.nixcache";`
			`in {`
			`systemd.services.generate-nix-cache-key = {`
			`wantedBy = [ "multi-user.target" ];`
			`serviceConfig.Type = "oneshot";`
			`path = [ pkgs.nix ];`
			`script = ''`
			`[[ -f "${keyPath}/private-key" ]] && exit`
			`mkdir ${keyPath} \|\| true`
			`nix-store --generate-binary-cache-key "$HOSTNAME-1" "${keyPath}/private-key" "${keyPath}/public-key"`
RemoteBuilder : Add auto-sign. 2024-03-10 08:00:13 +03:00			`nix store sign --all -k "${keyPath}/private-key"`
RemoteBuilder : Add auto key gen. 2024-03-10 07:54:10 +03:00			`'';`
			`};`
RemoteBuilder : Remove unneded config. 2024-03-10 06:46:02 +03:00			`# To apply: nix store sign --all -k /path/to/secret-key-file`
NixServe : Replace with RemoteBuilder. 2024-03-09 18:38:41 +03:00			`nix.extraOptions = ''`
RemoteBuilder : Add auto-sign. 2024-03-10 08:00:13 +03:00			`secret-key-files = ${keyPath}/private-key`
NixServe : Replace with RemoteBuilder. 2024-03-09 18:38:41 +03:00			`'';`
			`}`