I can't get hydra to ever sign any of the packages that it puts up on the s3 cache. I manually tried building a package on the hydra machine and it signed it with the key used in secret-key-files and then I was able to nix copy that to my personal machine that has the hydra public key as a trusted public key. I also made sure to make hydra-queue-runner the owner of the key. Here are the permissions:
I can't get hydra to ever sign any of the packages that it puts up on the s3 cache. I manually tried building a package on the hydra machine and it signed it with the key used in
secret-key-files
and then I was able to nix copy that to my personal machine that has the hydra public key as a trusted public key. I also made sure to makehydra-queue-runner
the owner of the key. Here are the permissions:Here is my hydra nixos config:
Hydra Server:
Please fill out this data as well as you can, but don't worry if you can't -- just do your best.