federez/nix
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix/secrets/secrets.nix
Ryan Lahfa 0355dd4b80 admins: enroll Tom Hubrecht 
Tom Hubrecht est un sysadmin / membre d'honneur de la DGNum, membre du CA d'AliENS.

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
2024-02-14 21:10:57 +01:00

26 lines
1.3 KiB
Nix
Raw Blame History

let
readKeyFile = keyFile: builtins.filter (x: x != [] && x != "") (builtins.split "\n" (builtins.readFile keyFile));
estragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBS1xp/2n5q4u4kDerkXQClnD1xeS6qrj0regbJwjktB root@estragon";
wagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJqBgXGbnPPmDHrn05Fr3X66cmgP6zvnMtPL21d4ebfh root@wagon";
lagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN8fiqJw9RvVVQghG0OVKsXAkBcWox4JsozfxToLAiIK root@lagon";
klingon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/P58bPqi8yTl12jpP8oFcYG7S8j1WpfgqwZz+EuQqy root@kligon";
# Add yourself.
raito = readKeyFile ../pubkeys/raito.keys;
bensmrs = readKeyFile ../pubkeys/bensmrs.keys;
tomate = readKeyFile ../pubkeys/tomate.keys;
active-admins = raito ++ bensmrs ++ tomate;
matrix-admins = active-admins;
vaultwarden-admins = active-admins;
keycloak-admins = active-admins;
ldap-bind-admins = active-admins;
servers = [ estragon wagon lagon klingon ];
in
{
"matrix-shared-secret.age".publicKeys = [ estragon ] ++ matrix-admins;
"mautrix-telegram.age".publicKeys = [ estragon ] ++ matrix-admins;
"vaultwarden-secrets.age".publicKeys = [ wagon ] ++ vaultwarden-admins;
"keycloak-password-file.age".publicKeys = [ lagon ] ++ keycloak-admins;
"ldap-bind-password.age".publicKeys = servers ++ ldap-bind-admins;
}
Reference in a new issue View git blame Copy permalink