RemoteBuilder : Add auto key gen.

module/NixServe.nix

@@ -1,9 +0,0 @@
-{ pkgs, ... }: {
-	services.nix-serve = {
-		enable        = true;
-		bindAddress   = "0.0.0.0";
-		package       = pkgs.nix-serve-ng;
-		port          = 5000;
-		secretKeyFile = "/root/.nixcache/secret-key-file"; # Generate with: nix-store --generate-binary-cache-key nixcache.voronind.com secret-key-file public-key-file
-	};
-}

module/RemoteBuild.nix

@@ -17,6 +17,6 @@
 		builders-use-substitutes = true
 		extra-substituters = ssh-ng://home
 		extra-trusted-substituters = ssh-ng://home
-		extra-trusted-public-keys = nixcache.voronind.com:i9dE2VZI40/LCM/mmUGs8kwal1bQo3xbSjrzxhInmOw=
+		extra-trusted-public-keys = home-1:Skghjixd8lPzNe2ZEgYLM9Pu/wF9wiZtZGsdm3bo9h0=
 	'';
 }

module/RemoteBuilder.nix

@@ -1,6 +1,18 @@
-{ ... }: {
+{ pkgs, ... }: let
+	keyPath = "/root/.nixcache";
+in {
+	systemd.services.generate-nix-cache-key = {
+		wantedBy = [ "multi-user.target" ];
+		serviceConfig.Type = "oneshot";
+		path = [ pkgs.nix ];
+		script = ''
+			[[ -f "${keyPath}/private-key" ]] && exit
+			mkdir ${keyPath} || true
+			nix-store --generate-binary-cache-key "$HOSTNAME-1" "${keyPath}/private-key" "${keyPath}/public-key"
+		'';
+	};
 	# To apply: nix store sign --all -k /path/to/secret-key-file
 	nix.extraOptions = ''
-		secret-key-files = /root/.nixcache/secret-key-file
+		secret-key-files = /root/.nixcache/private-key
 	'';
 }