DGNum/infrastructure
12
6
Fork 3
Code Issues 16 Pull requests 11 Projects 1 Releases Packages Wiki Activity Actions

fix(keys): Add nixosMachineKeys
All checks were successful
Check meta / check_dns (pull_request) Successful in 18s
Details
Check meta / check_meta (pull_request) Successful in 18s
Details
Check workflows / check_workflows (pull_request) Successful in 26s
Details
Run pre-commit on all files / pre-commit (push) Successful in 43s
Details
Build all the nodes / ap01 (pull_request) Successful in 1m11s
Details
Build all the nodes / bridge01 (pull_request) Successful in 2m0s
Details
Build all the nodes / geo02 (pull_request) Successful in 1m56s
Details
Build all the nodes / geo01 (pull_request) Successful in 2m11s
Details
Build all the nodes / hypervisor01 (pull_request) Successful in 1m49s
Details
Build all the nodes / compute01 (pull_request) Successful in 2m40s
Details
Build all the nodes / netcore02 (pull_request) Successful in 41s
Details
Build all the nodes / hypervisor02 (pull_request) Successful in 1m55s
Details
Build all the nodes / hypervisor03 (pull_request) Successful in 1m57s
Details
Build all the nodes / rescue01 (pull_request) Successful in 2m16s
Details
Build all the nodes / storage01 (pull_request) Successful in 2m16s
Details
Build all the nodes / tower01 (pull_request) Successful in 1m56s
Details
Build all the nodes / vault01 (pull_request) Successful in 1m59s
Details
Run pre-commit on all files / pre-commit (pull_request) Successful in 36s
Details
Build all the nodes / web01 (pull_request) Successful in 2m29s
Details
Build all the nodes / web02 (pull_request) Successful in 1m40s
Details
Build all the nodes / web03 (pull_request) Successful in 1m51s
Details

Browse source 
This is needed for secret encryption since netconf and liminix machines
don't have an ssh key for now.
This commit is contained in:
sinavir 2024-12-22 11:47:04 +01:00
parent fc25d763d0
commit 9782c3b362
No known key found for this signature in database
3 changed files with 62 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
keys/default.nix
View file

@ -5,7 +5,9 @@
let
_sources = import ../npins;
meta = import ../meta (import _sources.nixpkgs { }).lib;
inherit (import _sources.nixpkgs { }) lib;
meta = import ../meta lib;
getAttr = flip builtins.getAttr;
@ -17,6 +19,7 @@ rec {
# If not, you will face an angry maintainer
_keys = {
# SSH keys of the nodes
ap01 = [ "" ];
bridge01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP5bS3iBXz8wycBnTvI5Qi79WLu0h4IVv/EOdKYbP5y7" ];
compute01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/YluSVS+4h3oV8CIUj0OmquyJXju8aEQy0Jz210vTu" ];
geo01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEl6Pubbau+usQkemymoSKrTBbrX8JU5m5qpZbhNx8p4" ];
@ -99,4 +102,8 @@ rec {
# List of 'machine' keys
machineKeys = rootKeys ++ (getKeys (builtins.attrNames meta.nodes));
nixosMachineKeys =
rootKeys
++ (getKeys (builtins.attrNames (lib.filterAttrs (_: v: v.nixpkgs.system == "nixos") meta.nodes)));
}

101
modules/nixos/dgn-records/__arkheon-token_file
View file

@ -1,50 +1,55 @@
age-encryption.org/v1
-> ssh-ed25519 jIXfPA YaucboAId6lgc1Y/jV6hLyovkJQnMBnKhJ2QWAci53U
Q8RUPu4GUC5QbzTROgL9xaG3BUWO1QU/q1p0/yimBQ0
-> ssh-ed25519 QlRB9Q y1tbd/81NoECRtKwOw41Tlls5y+WSu2jGmeOlC939VM
DT1zZgWJkkIWRWxzfu4VgiGpV8CioaDKnVemowH59N4
-> ssh-ed25519 r+nK/Q dDmGkZ3Y7xAzZGKvGIyIdhD+P0tkV6SMPx3UxphoTXo
tkanRbPfu3/cuMPoTrcWBlNcu6RmK+txif+9aIRLy+s
-> ssh-ed25519 jIXfPA Fg3/a46Mon39gTFeQkn0wtxbwsTzeBUNyEAaNHd27hQ
A78ImPc4lST6bAeBmWiWxoICV4JVCJVAmKuQJySerHs
-> ssh-ed25519 QlRB9Q P1C+ZzsB4oAWkwIq2zcaqoukMMo+yFwk9g6Al32fCWM
G+M9cYya5pX64/oEbvpvha2qbQg4y8frl1i18ZIG6fY
-> ssh-ed25519 r+nK/Q r4kctDRssAYznMRxHJqu7/GoBHyibP4xWdua6KYnpU0
l5KS9reXjT2P5iUCe0swZmK/m9Vg7VvtrK4L/TaEuAI
-> ssh-rsa krWCLQ
IZGpFoWjQuQzqkS2KbpVr+fP7NLPhyaxS4yQroVEkPEZnXx2c6eH3ul218zytZld
YRBCxiCtV6VfOB2N2QGuiK7YCGl6oUfN1DePy0jPrGKsnvWBitTuqzADiGQB7aSI
ie7GgblPpi4q3ovJPgf7Bs+Mi2dKW5hiD8Jnped7rEW7SEnESkQa3Cx22Ww/UYcW
9Uj7ZaDVVbP0ZWyc41HdoJwEnV6MYMRnXUJ/qrLMCIvRaYk8UdiCDgco+XxqAnbs
iyUqCvz8iVNsWbJxK+7jJHXp0dQJRciHzSGStIVRSGx4gvuXOGjsuBMjfwoq1XoR
5PE3BnP/atHZg3CkQcC2eA
-> ssh-ed25519 /vwQcQ WL0PdIIsSWzw+ar2QNXCp7Xs1NH9gUk2fSPskGC9o2I
+kHedFsYHgpsGfILtywJaIrTRj8HtHZvVyhtbRhKYC0
-> ssh-ed25519 0R97PA +G7wUHF6NJimsAxe6M9RVVTa3GLPoW1bhsgMsWXKNC8
i++lKoe8hFFb1rilkO9lcwBJujRqFsLGDOPvbaiz6Nw
-> ssh-ed25519 JGx7Ng o66YGXN0uMC2qZo1tVcEMOa4SwxNZaf4HvnGsgzlqjo
Tc4KMMrnJbybrNIkhEJz42PVHc3fVMFFSs96lKsEKCA
-> ssh-ed25519 5SY7Kg P8Xp9wVJDcPdj3uSiq0yLnLMDInMeFs6XX30VwlXWlg
uJfxXOZl8EX8fjRsHZ61JMKFpYksZJucZwVaRJs7qW8
-> ssh-ed25519 p/Mg4Q yUyxue7Oda0b+CjdF9VfUCliWyzXNOsVPH7OFoHzWCw
+zi+TSojvSc+VDXZG8XXSsTezxKRNC2XHc/hGGv4baM
-> ssh-ed25519 DqHxWQ 7Vnq/xidbguw/PkZPUOTHUBTe8/x4PvTjCusUe10jio
7Sl1MptpElvEA9VUj7JiVGuEWC0F3aA2rgYvfIchOB0
-> ssh-ed25519 tDqJRg udOCDV4/vszObNxcQhJ6iGiDkxgZlrBDyKt3MbibMx4
CDDd0LNCCdYvEww/h8q2z4f5QtjnL+kJsnPFtlbiD28
-> ssh-ed25519 9pVK7Q DXqkIewHGpUUDtL2ivAoFwY/HCjoQXjxoHGPGkuFfH0
JZ7xC2kdtnRNq8WADL2SNw/Ukezu1s4TuUbQnbP8L4o
-> ssh-ed25519 /BRpBQ 9j1+wzO733ej03ra8LQOkpOyvY63UCbO9sfT6bV6+zs
2F0UjpAqgCK5JS0y0kkHX30EV8JCcjhnJ1NkW06ww4w
-> ssh-ed25519 /x+F2Q wYchtMn7MCGllfiFwTrycdLEY3dl297ns26PHs7l320
feRd57Z5k6iJ71JRHud0wyYWo3O56q4rrYZt5y3aoqA
-> ssh-ed25519 +MNHsw FHfvx1FQWcsRlKrFF0SRcVZ+XG6LXBwIMcPCVeu/ZCg
w9fZGhZpEJHlf8JPcbWcNoAO9S06hi15LZxkv1dJUWk
-> ssh-ed25519 rHotTw QDcThfb0AJMQBfQDbbtqm6z7BGxC4/sBioprElUTXFA
2JOFoMLcVhMoGzZDDNOTL3PBWsqVnrFx8o/W/cWuzl0
-> ssh-ed25519 +mFdtQ tWg17VH1Q4gQj/1IK9yrxjw4kRPzsp4dDHFwDKYxvDE
9H4ohD3XN4Xtk15SsZQf5k0db+yIVcWp4EV5jKsZgHI
-> ssh-ed25519 0IVRbA rkMPsBgVEaiYtaBN5JzHNCPFYFKr/7dqoY+RX19+03o
baQK5t5sG8WabaCuMTZ2ZIfMTRH0jQU4l7JEyJ6H+LU
-> ssh-ed25519 IY5FSQ c1+2+CMJFMw/iF2XNx5ma28KhwdKKQ9dNC1nBvFz/B0
3AE1FQq+//dNIQfuW9BHcpfNbGn724Ydq7aJc95KmmY
-> ssh-ed25519 VQSaNw t9yLak0T7FO8hgGrPWFeR3Jw0D6cPxjR5LOIcMnAmgo
869SBp0nM5v/9+Xjib6rkmmelhTBfXcyuHiAXh08AWo
-> r32t]I\-grease ka<*
nkxH0w1aQ64
--- LlTR5EcQzCLJ5trkQcomW0+soQoec/IZZNW+g5dyOo0
M"ÏLm“õh]ñÖa£uq±ýÏ4ßÏ+ö“9;ФˆÇ-Z±L»¯H0o1»Eâ<>
g+zPwOWXgd06McsOCwo2QjAQF7B7t8oCf5eA5K79Om/X63VAqakts3ilwOt9SgZk
yQYa72TP67nyljLO4tPG7u/aKIBIwitGXIIYs+ZNLq9Q0ciWvzVAhsLsfi9yE7AF
I3tnL03fES2v5sbKes/JulBQl+87065YZr67TNWRY9f7a0XQZtfewP0vOxxfJsSy
RYBpztlzAGkaWXtqk2291x7yGhKsQWXmUhxx4KqyPs+KvFm1d4GglalFjhySzCkG
Rc7Flg1ukru3Bd1/fieOWpr3DyDBQ8pZyS4gIUYLB7xcy2t1JI/U3egTQTPBCSgy
PwoWgyQ7lGLRIarTMRa1JQ
-> ssh-ed25519 /vwQcQ FOpyMB3qDu3HpjqsH2VVpInqlvJlZD35y/XNf8RkSXU
ZUxuGbwH1XtE9Da+L7SjfoYinjq0cAwsHsDaz2u5Lrg
-> ssh-ed25519 0R97PA kphmpWyiMaxGmUAH4rvFUjtf0mvseVkPPBlMqKNE3lA
F1cgXiz2UjCHU0MeS5DryvOBtxW/1DIsjw28uQ1nd3A
-> ssh-ed25519 JGx7Ng ejW0Pf2cwsitmVLY8jJUaHZ/6Qhfxa7fnYWoaWYISWk
awOvJwkkFdXuc/ikZTX6512zG91FCi+0n7KaYrULO3E
-> ssh-ed25519 bUjjig 2Gw2h1bx0TRc6CmRjY8GPgtSHRs5rl/lg394JKiWBlA
yvltWHak7XMXBmBmlelE4pF5y1saRaQJmV5IUxzaPyo
-> ssh-ed25519 DqHxWQ gh/5iRZQbmbvwWGtah4b9MK3DNe4+UNiHoXPYnw0sEQ
z/nbwMWAjsBRAzTMSS/9dPzXe1st8mQWiUlZnVmtcCw
-> ssh-ed25519 tDqJRg 0GBbdUBhJxdCICdp6WtgXW2GXfQskuxanzucrKRoBns
AW0jVC8Y8lbhycDgLzPu40kQtgb7OI7fyycLldXknwc
-> ssh-ed25519 9pVK7Q +aOx8mN/HX4F7SdNdJZjMRWiy6SIhqFkWYIo+I24cTI
IQCd6tA+bUDlnW9JsxVE02EBKj38yYDybBe24PxXr68
-> ssh-ed25519 /BRpBQ 8UN2aIKUhi3JLhnOoOs38+a9qx+UhDnV5tYlWVF8d24
FkScXVvXdhFbDGs2Ks0BYfj9nJpAUVPz6OhX7vkOTmI
-> ssh-ed25519 t0vvHQ wDCpgqimo5goEB9Gj5/QGQ98nTEkKy/qHyxPg3NA6Ss
sielO8aAj9ke+nZL+F/zyMUzUPn1LjtKrSkAoMW6YYE
-> ssh-ed25519 E6cGqw zbwhYf2zKgjdymEjG0sVuqQQ/CgCDnSlT72OrAUFSiw
B70dyGna1SRXvf5SLJCiZGeBiXwS9nf3LPTBkG/3fGs
-> ssh-ed25519 EEPmeQ 06lIugc0LbiXVFwbV/6GKbSnlac0ROIVNmgS2Q9MM2A
KTUmdmSXZT2D4oQQpO1qNsdOn5sH70ameln6i7Itb+A
-> ssh-ed25519 +MNHsw OMAS3ud2K1+JGVytqHp9P/i+r4apcb91Dyc+tTudpQ8
V6T+VPSvRZ21nVtDeRkOsuP62bECSGcIm8vO3JADxVQ
-> ssh-ed25519 rHotTw JAc7ZlrFGL+DXq07YrmqY4lS5Pib31RoRTT6o7zJH04
Y1qLn6nWk7FfkrWIiBBd7BHHp5WXHTZfq734DMUlB74
-> ssh-ed25519 NaIdrw ZWfEZfhiXxkq6P6H2kbiVZiiPxH13Cehk+2ti9fYx08
gMlI5Da2cgP7m2pZnHpwJiA7BVVtZgNyZnPkYqhBYHQ
-> ssh-ed25519 +mFdtQ GZQpMTZySkDwDvzpWou8nfvAtYco/v4xF+YU7LYjAAI
deNceVs+tUxiQy2JHcoOd/w6KLYnxuDwrIPoVWJ66Vo
-> ssh-ed25519 0IVRbA S917NcJZ75oqjwGMMwknUFcHYJ2TCkEt331mpOZ5DxI
khoDidhLjy1wIs+qGAfx/qH+t4ROB71QeiiUmnpZ1s8
-> ssh-ed25519 IY5FSQ 2HjLcN2RK/dtAeHXUTu/Du4LiBH4SxpG0d6f7QCa61Y
ql6B8ZZzEaz+Czb0TRT8pF1KD7dhEv0XE9k9IJ9AgBo
-> ssh-ed25519 VQSaNw aAcXlRKzMgw847XeDTqnh+4XvApVIE183gJ2O42eohE
wndgsI85eDc+i+CBPmo2ym5koIvTMS9mOuWdLvLM3Qs
-> lm-grease -KjCZ 46y2wU x1
1iP6
--- MthoOm+rboJhFyo+SKFlPfwT9V3VeaKl5xQ2gs0W2ns
<>ÓÖ"b/‚éðÙ*ü}ýeÁ½g}âLšq
zGŠ~Q.í_àX{½ËìA ùþó²ëöË

2
modules/nixos/dgn-records/secrets.nix
View file

@ -2,4 +2,4 @@
#
# SPDX-License-Identifier: EUPL-1.2
{ __arkheon-token_file.publicKeys = (import ../../../keys).machineKeys; }
{ __arkheon-token_file.publicKeys = (import ../../../keys).nixosMachineKeys; }