Fix pure eval and harden nix script bootstrap

hosts/nix-cache/configuration.nix

@@ -8,26 +8,16 @@
   imports =
     [ # Include the results of the hardware scan.
       ../../common/configuration.nix
+      ../../modules/nix/cache-server.nix
     ];
 
   networking.hostName = "nix-cache"; # Define your hostname.
 
-  services.nix-serve.enable = true;
-  services.nix-serve.secretKeyFile = "/etc/nix/cache-priv.pem";
-
-  services.nginx = {
-    enable = true;
-    recommendedProxySettings = true;
-    virtualHosts."cache.local" = {
-      locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
-    };
-  };
 services.prometheus.exporters.node = {
   enable = true;
   openFirewall = true;
 };
 
-  networking.firewall.allowedTCPPorts = [ config.services.nginx.defaultHTTPListenPort ];
   # Open ports in the firewall.
 #  networking.firewall.allowedTCPPorts = [ 80 8080 443 ];
   # networking.firewall.allowedUDPPorts = [ ... ];