Configure S3 substituter on target host

Configure target host (biz) to pull from S3 binary cache.

Files to Modify

• Omni/Os/Base.nix - Add S3 substituter config

Changes to Omni/Os/Base.nix

Add to nix.settings:

nix.settings.substituters = [
  "https://cache.nixos.org"
  "https://nix-community.cachix.org"
  "s3://omni-nix-cache?profile=digitalocean&scheme=https&endpoint=nyc3.digitaloceanspaces.com"
];
nix.settings.trusted-public-keys = [
  "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
  "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
  "omni-cache:<PUBLIC_KEY_FROM_t-266.1>"
];

Also Required on Target

Create AWS credentials file for root (deployer runs as root):

# /root/.aws/credentials
[digitalocean]
aws_access_key_id = <SPACES_KEY>
aws_secret_access_key = <SPACES_SECRET>

Verification

1. Deploy via existing push.sh: push.sh Biz.nix 2. SSH to target and verify cache works: bash nix copy --from 's3://omni-nix-cache?profile=digitalocean&scheme=https&endpoint=nyc3.digitaloceanspaces.com' /nix/store/<path-from-t-266.1>