From 8fbc27af46e49265691ca664e5705b043639c7ca Mon Sep 17 00:00:00 2001
From: h0nIg <h0nIg@users.noreply.github.com>
Date: Thu, 26 Jun 2025 23:33:27 +0200
Subject: [PATCH] enhancements

---
 docker.nix | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/docker.nix b/docker.nix
index 825ffff4f..fff9672b2 100644
--- a/docker.nix
+++ b/docker.nix
@@ -176,11 +176,17 @@ let
     "${k}:x:${toString gid}:${lib.concatStringsSep "," members}";
   groupContents = (lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs groupToGroup groups)));
 
-  nixConfContents =
-    pkgs.dockerTools.nixConf
-    {
-      build-users-group = "nixbld";
-    };
+  toConf = with pkgs.lib.generators; toKeyValue {
+    mkKeyValue = mkKeyValueDefault {
+      mkValueString = v: if lib.isList v then lib.concatStringsSep " " v else mkValueStringDefault { } v;
+    } " = ";
+  };
+
+  nixConfContents = toConf {
+    sandbox = false;
+    build-users-group = "nixbld";
+    trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
+  };
 
   userHome = if uid == 0 then "/root" else "/home/${uname}";