Set up DO Spaces S3 binary cache

Create private DO Spaces bucket for Nix binary cache.

Steps

1. Create DO Spaces bucket named 'omni-nix-cache' in nyc3 region 2. Set bucket to PRIVATE (not public) 3. Create Spaces access key in DO console 4. Generate Nix signing keys: bash nix-store --generate-binary-cache-key omni-cache ~/.config/nix/cache-priv-key.pem ~/.config/nix/cache-pub-key.pem 5. Configure AWS credentials on dev machine: # ~/.aws/credentials [digitalocean] aws_access_key_id = <SPACES_KEY> aws_secret_access_key = <SPACES_SECRET> 6. Test manual push: bash nix build nixpkgs#hello nix store sign --key-file ~/.config/nix/cache-priv-key.pem ./result nix copy --to 's3://omni-nix-cache?profile=digitalocean&scheme=https&endpoint=nyc3.digitaloceanspaces.com' ./result

Outputs

• Bucket URL: s3://omni-nix-cache
• Public key content (for t-266.2)
• Verified manual push works

Reference

• DO Spaces docs: https://docs.digitalocean.com/products/spaces/
• Nix S3 cache docs: https://nix.dev/manual/nix/2.23/store/types/s3-binary-cache-store