the-distro/infra
9
0
Fork 5
Code Issues 39 Pull requests 8 Packages Projects 1 Releases Wiki Activity

fix(secrets): lists of lists are wrong, prepend the globals

Browse source 
Otherwise, I won't be in the list.

This adds the active infra core members of Lix as well.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
This commit is contained in:
raito 2024-10-06 11:21:43 +02:00
parent 9ad7e7b139
commit 192ba49f7c
1 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
secrets.nix
View file

@ -2,9 +2,11 @@ let
keys = import common/ssh-keys.nix; keys = import common/ssh-keys.nix;
commonKeys = { commonKeys = {
global = [ keys.users.raito ]; # WARNING: `keys.users.*` are *lists*, so you need concatenate them, don't put them into lists!
lix = [ keys.users.jade ]; # Otherwise, agenix will be confused!
floral = [ keys.users.delroth ]; global = keys.users.raito;
lix = keys.users.hexchen ++ keys.users.jade;
floral = keys.users.delroth;
}; };
secrets = with keys; { secrets = with keys; {
@ -58,7 +60,7 @@ let
mkSecretListFor = tenant: mkSecretListFor = tenant:
map (secretName: { map (secretName: {
name = "secrets/${tenant}/${secretName}.age"; name = "secrets/${tenant}/${secretName}.age";
value.publicKeys = secrets.${tenant}."${secretName}" ++ commonKeys.${tenant}; value.publicKeys = secrets.${tenant}."${secretName}" ++ commonKeys.global ++ commonKeys.${tenant};
}) (builtins.attrNames secrets.${tenant}); }) (builtins.attrNames secrets.${tenant});
in in
builtins.listToAttrs ( builtins.listToAttrs (