RemoteBuilder : Add auto-sign.

This commit is contained in:
Dmitry Voronin 2024-03-10 08:00:13 +03:00
parent 37b315f536
commit 4bea28cc2a

View file

@ -9,10 +9,11 @@ in {
[[ -f "${keyPath}/private-key" ]] && exit [[ -f "${keyPath}/private-key" ]] && exit
mkdir ${keyPath} || true mkdir ${keyPath} || true
nix-store --generate-binary-cache-key "$HOSTNAME-1" "${keyPath}/private-key" "${keyPath}/public-key" nix-store --generate-binary-cache-key "$HOSTNAME-1" "${keyPath}/private-key" "${keyPath}/public-key"
nix store sign --all -k "${keyPath}/private-key"
''; '';
}; };
# To apply: nix store sign --all -k /path/to/secret-key-file # To apply: nix store sign --all -k /path/to/secret-key-file
nix.extraOptions = '' nix.extraOptions = ''
secret-key-files = /root/.nixcache/private-key secret-key-files = ${keyPath}/private-key
''; '';
} }