From 192ba49f7cd0fe4fee797d24041ca261877c7cf0 Mon Sep 17 00:00:00 2001
From: Raito Bezarius <masterancpp@gmail.com>
Date: Sun, 6 Oct 2024 11:21:43 +0200
Subject: [PATCH] fix(secrets): lists of lists are wrong, prepend the globals

Otherwise, I won't be in the list.

This adds the active infra core members of Lix as well.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
---
 secrets.nix | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/secrets.nix b/secrets.nix
index 417e9ba..ab40910 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -2,9 +2,11 @@ let
   keys = import common/ssh-keys.nix;
 
   commonKeys = {
-    global = [ keys.users.raito ];
-    lix = [ keys.users.jade ];
-    floral = [ keys.users.delroth ];
+    # WARNING: `keys.users.*` are *lists*, so you need concatenate them, don't put them into lists!
+    # Otherwise, agenix will be confused!
+    global = keys.users.raito;
+    lix = keys.users.hexchen ++ keys.users.jade;
+    floral = keys.users.delroth;
   };
 
   secrets = with keys; {
@@ -58,7 +60,7 @@ let
   mkSecretListFor = tenant:
     map (secretName: {
       name = "secrets/${tenant}/${secretName}.age";
-      value.publicKeys = secrets.${tenant}."${secretName}" ++ commonKeys.${tenant};
+      value.publicKeys = secrets.${tenant}."${secretName}" ++ commonKeys.global ++ commonKeys.${tenant};
     }) (builtins.attrNames secrets.${tenant});
 in
   builtins.listToAttrs (