581fa6b560
All checks were successful
build configuration / build_vault01 (push) Successful in 1m5s
build configuration / build_web02 (push) Successful in 1m6s
build configuration / build_compute01 (push) Successful in 1m11s
build configuration / build_storage01 (push) Successful in 1m10s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 1m33s
build configuration / build_rescue01 (push) Successful in 49s
33 lines
719 B
Nix
33 lines
719 B
Nix
_:
|
|
|
|
let
|
|
sources = import ../npins;
|
|
|
|
lib = import sources.nix-lib {
|
|
inherit ((import sources.nixpkgs { })) lib;
|
|
|
|
keysRoot = ../keys;
|
|
};
|
|
|
|
meta = import ../meta lib;
|
|
|
|
inherit (lib.extra) getAllKeys;
|
|
in
|
|
|
|
lib.extra
|
|
// rec {
|
|
# Get publickeys associated to a node
|
|
getNodeKeys =
|
|
node:
|
|
let
|
|
names = builtins.foldl' (names: group: names ++ meta.organization.groups.${group}) (
|
|
meta.nodes.${node}.admins ++ [ "/machines/${node}" ]
|
|
) meta.nodes.${node}.adminGroups;
|
|
in
|
|
rootKeys ++ (getAllKeys names);
|
|
|
|
rootKeys = getAllKeys meta.organization.groups.root;
|
|
|
|
machineKeys =
|
|
rootKeys ++ (getAllKeys (builtins.map (n: "machines/${n}") (builtins.attrNames meta.nodes)));
|
|
}
|