From 0c788fd30ce9ae927d23c72e4e3449b90b009e47 Mon Sep 17 00:00:00 2001
From: Julien Malka <julien.malka@me.com>
Date: Sat, 25 Dec 2021 19:21:55 +0100
Subject: [PATCH] Fixed bincache

---
 modules/bincache/default.nix | 12 ++++++++++--
 modules/nix/default.nix      |  4 ++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/modules/bincache/default.nix b/modules/bincache/default.nix
index a2f4cbb..bc290a7 100644
--- a/modules/bincache/default.nix
+++ b/modules/bincache/default.nix
@@ -14,8 +14,16 @@ with lib;
   };
 
   config = mkIf cfg.enable
-    {
-      sops.secrets.bin-cache-priv-key = {};
+  {
+    users.users.nix-serve = {
+      isSystemUser = true;
+    };
+      users.users.nix-serve.group = "nix-serve";
+      users.groups.nix-serve = {};
+
+      sops.secrets.bin-cache-priv-key = {
+        owner = "nix-serve";
+      };
 
       services.nix-serve = {
         enable = true;
diff --git a/modules/nix/default.nix b/modules/nix/default.nix
index d65f4df..ca1f3cc 100644
--- a/modules/nix/default.nix
+++ b/modules/nix/default.nix
@@ -13,7 +13,7 @@ with lib;
       nixpkgs.config.allowUnfree = true;
       nix = {
         autoOptimiseStore = true;
-        allowedUsers = [ "julien" "hydra" ];
+        allowedUsers = [ "julien" "hydra" "nix-serve" ];
         gc = {
           automatic = true;
           dates = "daily";
@@ -26,7 +26,7 @@ with lib;
           "nixpkgs=${inputs.nixpkgs}"
         ]; 
         binaryCaches = [
-          "https://bin.julienmalka.me"
+         # "https://bin.julienmalka.me"
           "https://cache.nixos.org/"
         ];
         binaryCachePublicKeys = [