nix-store --generate-binary-cache-key example.org /path/to/secret /path/to/public
-
For usage through the nix cli
nix copy --to s3://example?secret-key=/path/to/secret <path>
-
in hydra config
store_uri = s3://example?secret-key=/path/to/secret
-
make sure the binary cache is added to the trusted substituters through
nix.trustedBinaryCaches
(trusted-substituters
in nix.conf)nix.trustedBinaryCaches = [ s3://example ];
-
make sure to add the content of
/path/to/public
tonix.binaryCachePublicKeys
ortrusted-public-keys
in nix.conf