Hey folks,
After setting secret-key-files
from a nix flake, then running nix gc && nix store optimise
, somehow the key has been deleted from the Nix store.
Now I can’t build because /etc/nix/nix.conf
refers to the now deleted key in the store. But because /etc/nix/nix.conf
is read-only, I can’t reset the secret-key-files
line to blank, so I can run nixos-rebuild
again.
I’ve tried running nix store verify --repair --all
, but it didn’t help or produce any error.
Any thoughts on how to go about fixing this issue?
nixos-rebuild build fails because of missing file in /nix/store
/etc/nix/nix.conf references this file
john@saturn:~/.config/nix/ > cat /etc/nix/nix.conf
# WARNING: this file is generated from the nix.* options in
# your NixOS configuration, typically
# /etc/nixos/configuration.nix. Do not edit it!
allowed-users = *
auto-optimise-store = false
cores = 0
experimental-features = nix-command flakes
max-jobs = auto
require-sigs = true
sandbox = true
sandbox-fallback = false
secret-key-files = /nix/store/zwibnvq1c72qaw6bx1hw7im9shdgb1ar-source/secrets/sun/nix-bin-cache-priv-key.pem
substituters = https://hyprland.cachix.org ssh-ng://sun https://cache.nixos.org/
system-features = nixos-test benchmark big-parallel kvm
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc= sun:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
trusted-substituters =
trusted-users = root root johnhamelink john @wheel
extra-sandbox-paths =
extra-substituters = https://cache.lix.systems https://nix-community.cachix.org
builders-use-substitutes = true
john@saturn:~/.config/nix/ >
Can't edit /etc/nix/nix.conf
john@saturn:~/.config/nix/ > readlink -f /etc/nix/nix.conf
/nix/store/jwsll18j0grpcnshyjxvlmaccgvhwxvd-nix.conf
root@saturn:/home/john/.config/nix/ > echo " " | tee -a /nix/store/jwsll18j0grpcnshyjxvlmaccgvhwxvd-nix.conf
tee: /nix/store/jwsll18j0grpcnshyjxvlmaccgvhwxvd-nix.conf: Read-only file system
Key doesn't exist
john@saturn:~/.config/nix/ > ls -al /nix/store/zwibnvq1c72qaw6bx1hw7im9shdgb1ar-source/secrets/sun/nix-bin-cache-priv-key.pem
ls: cannot access '/nix/store/zwibnvq1c72qaw6bx1hw7im9shdgb1ar-source/secrets/sun/nix-bin-cache-priv-key.pem': No such file or directory
Nix doctor passes
john@saturn:~/.config/nix/ > nix doctor
[PASS] PATH contains only one nix version.
[PASS] All profiles are gcroots.
[PASS] Client protocol matches store protocol.
[INFO] You are trusted by store uri: daemon
Thanks!
JH