From f4eb5f27d320b016811e7d4874047eff97f67480 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aleix=20Bon=C3=A9?= <aleix.boneribo@bsc.es>
Date: Tue, 8 Apr 2025 18:25:04 +0200
Subject: [PATCH] make hut cache a trusted substituter

---
 m/module/hut-substituter.nix |  2 +-
 web/content/hut/_index.md    | 13 ++++++++-----
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/m/module/hut-substituter.nix b/m/module/hut-substituter.nix
index 5a864bd..19e628e 100644
--- a/m/module/hut-substituter.nix
+++ b/m/module/hut-substituter.nix
@@ -4,7 +4,7 @@
     # Don't add hut as a cache to itself
     assert config.networking.hostName != "hut";
     {
-      substituters = [ "https://jungle.bsc.es/cache" ];
+      trusted-substituters = [ "https://jungle.bsc.es/cache" ];
       trusted-public-keys = [ "jungle.bsc.es:pEc7MlAT0HEwLQYPtpkPLwRsGf80ZI26aj29zMw/HH0=" ];
     };
 }
diff --git a/web/content/hut/_index.md b/web/content/hut/_index.md
index a588834..7707302 100644
--- a/web/content/hut/_index.md
+++ b/web/content/hut/_index.md
@@ -23,7 +23,7 @@ a good candidate for low noise executions.
 We provide a binary cache in `hut`, with the aim of avoiding unnecessary
 recompilation of packages.
 
-The cache should contain common packages from bsckpkgs, but we don't provide
+The cache should contain common packages from bscpkgs, but we don't provide
 any guarantee that of what will be available in the cache, or for how long.
 We recommend following the latest version of the `jungle` flake to avoid cache
 misses.
@@ -38,7 +38,8 @@ enable it for all builds in the system.
 ```nix
 { ... }: {
   nix.settings = {
-    substituters = [ "https://jungle.bsc.es" ];
+    substituters = [ "https://jungle.bsc.es/cache" ];
+    trusted-substituters = [ "https://jungle.bsc.es/cache" ];
     trusted-public-keys = [ "jungle.bsc.es:pEc7MlAT0HEwLQYPtpkPLwRsGf80ZI26aj29zMw/HH0=" ];
   };
 }
@@ -53,13 +54,15 @@ The cache can also be specified in a per-command basis through the flags
 nix build --substituters "https://jungle.bsc.es/cache" --trusted-public-keys "jungle.bsc.es:pEc7MlAT0HEwLQYPtpkPLwRsGf80ZI26aj29zMw/HH0=" <...>
 ```
 
+Note: you'll have to be a trusted user.
+
 ### Nix configuration file (non-nixos)
 
 If using nix outside of NixOS, you'll have to update `nix.conf`
 
-```bash
-echo "substituters = https://jungle.bsc.es" >> /etc/nix/nix.conf
-echo "trusted-public-keys = jungle.bsc.es:pEc7MlAT0HEwLQYPtpkPLwRsGf80ZI26aj29zMw/HH0=" >> /etc/nix/nix.conf
+```
+# echo "trusted-substituters = https://jungle.bsc.es/cache" >> /etc/nix/nix.conf
+# echo "trusted-public-keys = jungle.bsc.es:pEc7MlAT0HEwLQYPtpkPLwRsGf80ZI26aj29zMw/HH0=" >> /etc/nix/nix.conf
 ```
 
 ### Hint in flakes