edolstra / nix-serve

A standalone Nix binary cache server
GNU Lesser General Public License v2.1

corrupt binary cache key #9

Closed tfc closed 6 years ago

tfc commented 6 years ago

Hi there,

I tried to use nix-serve to provide a binary cache for a host which has no direct internet access. Unfortunately I was not successful and I cannot figure out what is missing.

I generally followed Gabriel's answers here: https://unix.stackexchange.com/questions/295947/local-nix-cache-is-ignored-because-nar-info-file-lacks-a-signature

The binary cache host is some Ubuntu machine with nix installed via the usual installer from the nix homepage, the target machine is some CentOS, also with nix installed using the usual installer. (The installation happened on Thursday March 15th.)

On the binary cache I did the following:

$ nix-store --generate-binary-cache-key 1.2.3.4 nix-serve.sec nix-serve.pub
$ sudo NIX_SECRET_KEY_FILE=/path/to/nix-serve.sec nix-serve -p 80
# must use port 80 due to firewall restrictions, therefore sudo.

I then copied the public key to the target machine where I configured the following:

target $ cat ~/.config/nix/nix.conf 
binary-caches = http://1.2.3.4
binary-cache-public-keys = 1.2.3.4:key123
trusted-public-keys = 1.2.3.4:key123
trusted-substituters = 1.2.3.4

# Please imagine some real IP and key instead of dummy values here.

Now I installed some package on the binary cache host first in order to also install it on the target. But on the target, the following happens:

$ nix-env -iA nixpkgs.git
GC Warning: pthread_getattr_np or pthread_attr_getstack failed for main thread
installing 'git-minimal-2.16.2'
warning: unable to download 'http://1.2.3.4/aakgkcvw6j54zg38zrn1w00sgxx0zj8b.narinfo': HTTP error 500 (curl error: No error); retrying in 257 ms
warning: unable to download 'http://1.2.3.4/qqv6r9vkpb44rw5d8wyfpx64rgqzlvdm.narinfo': HTTP error 500 (curl error: No error); retrying in 333 ms
warning: unable to download 'http://1.2.3.4/2p00w952ljb1172nsf3jm7nsjgsw5qpw.narinfo': HTTP error 500 (curl error: No error); retrying in 278 ms
warning: unable to download 'http://1.2.3.4/aakgkcvw6j54zg38zrn1w00sgxx0zj8b.narinfo': HTTP error 500 (curl error: No error); retrying in 318 ms
warning: unable to download 'http://1.2.3.4/aakgkcvw6j54zg38zrn1w00sgxx0zj8b.narinfo': HTTP error 500 (curl error: No error); retrying in 661 ms

On the binary cache side I get the following messages:

$ sudo NIX_SECRET_KEY_FILE=/home/nix_user/nix_keys/nix-serve.sec /home/nix_user/.nix-profile/bin/nix-serve -p 80
2018/03/17-14:04:28 Starman::Server (type Net::Server::PreFork) starting! pid(8897)
Resolved [*]:80 to [0.0.0.0]:80, IPv4
Binding to TCP port 80 on host 0.0.0.0 with IPv4
Setting gid to "0 0 0"
warning: the group 'nixbld' specified in 'build-users-group' does not exist
secret key is corrupt at /nix/store/siy2lk75jaw3vmg3jzz3n1whv9cnjhyn-nix-serve-0.2-7e09caa/libexec/nix-serve/nix-serve.psgi line 42.
secret key is corrupt at /nix/store/siy2lk75jaw3vmg3jzz3n1whv9cnjhyn-nix-serve-0.2-7e09caa/libexec/nix-serve/nix-serve.psgi line 42.
warning: the group 'nixbld' specified in 'build-users-group' does not exist
warning: the group 'nixbld' specified in 'build-users-group' does not exist
secret key is corrupt at /nix/store/siy2lk75jaw3vmg3jzz3n1whv9cnjhyn-nix-serve-0.2-7e09caa/libexec/nix-serve/nix-serve.psgi line 42.
secret key is corrupt at /nix/store/siy2lk75jaw3vmg3jzz3n1whv9cnjhyn-nix-serve-0.2-7e09caa/libexec/nix-serve/nix-serve.psgi line 42.
secret key is corrupt at /nix/store/siy2lk75jaw3vmg3jzz3n1whv9cnjhyn-nix-serve-0.2-7e09caa/libexec/nix-serve/nix-serve.psgi line 42.
secret key is corrupt at /nix/store/siy2lk75jaw3vmg3jzz3n1whv9cnjhyn-nix-serve-0.2-7e09caa/libexec/nix-serve/nix-serve.psgi line 42.
secret key is corrupt at /nix/store/siy2lk75jaw3vmg3jzz3n1whv9cnjhyn-nix-serve-0.2-7e09caa/libexec/nix-serve/nix-serve.psgi line 42.
secret key is corrupt at /nix/store/siy2lk75jaw3vmg3jzz3n1whv9cnjhyn-nix-serve-0.2-7e09caa/libexec/nix-serve/nix-serve.psgi line 42.

The secret key file exists, seems to have the right access permissions (public R for all, secret RW only for me). I tried to generate new ones, but to no avail.

What can I do?
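Added example, not part of the original thread or of nix-serve: a shell check of the structure of a key file like the ones written by `nix-store --generate-binary-cache-key` above. It assumes the usual Nix key layout of one `name:base64` line whose data decodes to 64 bytes for a secret key and 32 bytes for a public key; the function name `check_nix_key` is hypothetical and the sample key is constructed.

```shell
#!/bin/sh
# check_nix_key FILE KIND  (KIND: secret | public). Hypothetical helper, not part of Nix.
# Returns 0 if FILE is structurally a Nix signing key; else explains on stderr, returns 1.
# Assumed format: one line "name:base64", decoding to 64 bytes (secret) or 32 (public).
# Key material is never printed.
check_nix_key() {
    file=$1; kind=$2
    case $kind in
        secret) want=64 ;;
        public) want=32 ;;
        *) echo "usage: check_nix_key FILE secret|public" >&2; return 1 ;;
    esac
    [ -r "$file" ] || { echo "$file: not readable by $(id -un)" >&2; return 1; }
    # A secret key must not be accessible to group or others.
    if [ "$kind" = secret ] && [ "$(ls -ldL "$file" | cut -c5-10)" != "------" ]; then
        echo "$file: secret key is accessible to group/others" >&2; return 1
    fi
    if grep -q "$(printf '\r')" "$file"; then
        echo "$file: contains carriage returns" >&2; return 1
    fi
    lines=$(grep -c . "$file" || true)
    [ "$lines" -eq 1 ] || { echo "$file: expected 1 non-empty line, found $lines" >&2; return 1; }
    line=$(grep . "$file")
    case $line in
        *:*) name=${line%%:*}; payload=${line#*:} ;;
        *) echo "$file: no 'name:' prefix before the key data" >&2; return 1 ;;
    esac
    [ -n "$name" ] && [ -n "$payload" ] || { echo "$file: empty name or key data" >&2; return 1; }
    case $payload in
        *[!A-Za-z0-9+/=]*) echo "$file: key data is not plain base64" >&2; return 1 ;;
    esac
    got=$(printf '%s' "$payload" | base64 -d 2>/dev/null | wc -c)
    [ "$((got))" -eq "$want" ] || {
        echo "$file: key data decodes to $((got)) bytes, expected $want" >&2; return 1; }
    echo "$file: well-formed $kind key named '$name'"
}

# Constructed sample (64 zero bytes, not a real key) under the thread's dummy name.
demo=$(mktemp) && chmod 600 "$demo"
printf '1.2.3.4:%s' "$(head -c 64 /dev/zero | base64 | tr -d '\n')" > "$demo"
check_nix_key "$demo" secret
rm -f "$demo"
```

Run it as the same user that starts nix-serve (root, in the `sudo` invocation above), since the readability check depends on who is asking.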

tfc commented 6 years ago

Ok... somehow after reinstalling nix-serve I get a different error now. I am closing this and opening another ticket.