let readKeyFile = keyFile: builtins.filter (x: x != [] && x != "") (builtins.split "\n" (builtins.readFile keyFile)); estragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBS1xp/2n5q4u4kDerkXQClnD1xeS6qrj0regbJwjktB root@estragon"; wagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJqBgXGbnPPmDHrn05Fr3X66cmgP6zvnMtPL21d4ebfh root@wagon"; lagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN8fiqJw9RvVVQghG0OVKsXAkBcWox4JsozfxToLAiIK root@lagon"; klingon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/P58bPqi8yTl12jpP8oFcYG7S8j1WpfgqwZz+EuQqy root@kligon"; aragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBUDEhYDtCLI4ypIXhimPjleiGUI3lOTv5LntzNEPM1p root@aragon"; pendragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILrJwgqLnGuUpUFacXLphiu8vUthVD4mA4a3Uytl5eSD root@pendragon"; perdrigon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIChtLzQ2YhAzJWFhuq4rdenxMFCNGD00PTwmmyjE8PM0 root@perdrigon"; martagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINX93idUkaicbyQMOS6EurPdzHpxeza1z7vP6n3+W+mK root@martagon"; vogon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN4ScFlg1WgXiSOwP0DZRuJ4/BwTsHapDTR1U7/+xQT7 root@vogon"; jargon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUv3EWs6ojOzl3JPviqB//o5rdfPQzeTYjx4TzxuNSi root@jargon"; niangon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIQCIOv4Eb7ofeQgaABZXxDYXOWXRjSJPA9I+XlcqPrF root@niangon"; # Add yourself. raito = readKeyFile ../pubkeys/raito.keys; bensmrs = readKeyFile ../pubkeys/bensmrs.keys; tomate = readKeyFile ../pubkeys/tomate.keys; jeltz = readKeyFile ../pubkeys/jeltz.keys; asyncnomi = readKeyFile ../pubkeys/asyncnomi.keys; active-admins = raito ++ bensmrs ++ tomate ++ jeltz ++ asyncnomi; matrix-admins = active-admins; vaultwarden-admins = active-admins; keycloak-admins = active-admins; ldap-bind-admins = active-admins; discourse-admins = active-admins; wg-admins = active-admins; indico-admins = active-admins; grafana-admins = active-admins; alertbot-admins = active-admins; gitlab-admins = active-admins; backups-admins = active-admins; mail-admins = active-admins; servers = [ estragon wagon lagon klingon aragon pendragon vogon perdrigon martagon jargon niangon ]; in { "matrix-shared-secret.age".publicKeys = [ estragon ] ++ matrix-admins; "mautrix-telegram.age".publicKeys = [ estragon ] ++ matrix-admins; "vaultwarden-secrets.age".publicKeys = [ wagon ] ++ vaultwarden-admins; "keycloak-password-file.age".publicKeys = [ lagon ] ++ keycloak-admins; "ldap-bind-password.age".publicKeys = servers ++ ldap-bind-admins; "discourse-key-base.age".publicKeys = [ pendragon ] ++ discourse-admins; "discourse-mail-password.age".publicKeys = [ pendragon ] ++ discourse-admins; "indico-ldap-bind-password.age".publicKeys = [ perdrigon ] ++ indico-admins; "indico-secret-key.age".publicKeys = [ perdrigon ] ++ indico-admins; "indico-mail-password.age".publicKeys = [ perdrigon ] ++ indico-admins; "grafana-admin-password.age".publicKeys = [ martagon ] ++ grafana-admins; "grafana-secret-key.age".publicKeys = [ martagon ] ++ grafana-admins; "vogon-wg-infra-key.age".publicKeys = [ vogon ] ++ wg-admins; "grafana-ldap-bind-password.age".publicKeys = [ martagon ] ++ grafana-admins; "alertbot-matrix-password.age".publicKeys = [ martagon ] ++ alertbot-admins; "gitlab-secret.age".publicKeys = [ aragon ] ++ gitlab-admins; "gitlab-otp-secret.age".publicKeys = [ aragon ] ++ gitlab-admins; "gitlab-db-secret.age".publicKeys = [ aragon ] ++ gitlab-admins; "gitlab-jws-secret.age".publicKeys = [ aragon ] ++ gitlab-admins; "gitlab-db-password.age".publicKeys = [ aragon ] ++ gitlab-admins; "gitlab-initial-root-password.age".publicKeys = [ aragon ] ++ gitlab-admins; "gitlab-ldap-password.age".publicKeys = [ aragon ] ++ gitlab-admins; "borgmatic-passphrase.age".publicKeys = servers ++ backups-admins; "acme-jargon.age".publicKeys = [ jargon ] ++ mail-admins; }