DGNum/infrastructure
11
6
Fork 2
Code Issues 20 Pull requests 17 Projects 1 Releases Packages Wiki Activity Actions

feat(lib/keys): Add a function for nodeless secrets

Browse source
This commit is contained in:
Tom Hubrecht 2025-02-24 17:45:55 +01:00
parent 8e39d6bc1a
commit 6dc90315c5
Signed by: thubrecht
SSH key fingerprint: SHA256:r+nK/SIcWlJ0zFZJGHtlAoRwq1Rm+WcKAm5ADYMoQPc
2 changed files with 9 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/keys/default.nix
View file

@ -40,6 +40,8 @@ rec {
mkSecrets = nodes: setDefault { publicKeys = unique (builtins.concatMap getSecretKeys nodes); }; mkSecrets = nodes: setDefault { publicKeys = unique (builtins.concatMap getSecretKeys nodes); };
mkRootSecrets = setDefault { publicKeys = unique rootKeys; };
machineKeysBySystem = machineKeysBySystem =
system: system:
rootKeys rootKeys

15
modules/nixos/dgn-backups/keys/secrets.nix
View file

@ -2,11 +2,10 @@
# #
# SPDX-License-Identifier: EUPL-1.2 # SPDX-License-Identifier: EUPL-1.2
(import ../../../../keys.nix).mkSecrets (import ../../../../keys.nix).mkRootSecrets [
[ ] "compute01.key"
[ "storage01.key"
"compute01.key" "web01.key"
"storage01.key" "web02.key"
"web01.key" "web03.key"
"web03.key" ]
]