feat(meta): Add more assertions

meta/options.nix

@@ -333,6 +333,8 @@ in
 
       membersExists = nameExists members;
       groupsExists = nameExists groups;
+
+      extract = name: builtins.mapAttrs (_: builtins.getAttr name);
     in
     {
       assertions = builtins.concatLists [
@@ -342,14 +344,35 @@ in
         ) org.groups)
 
         # Check that all node admins exist
-        (membersExists (name: "A member of the ${name} admins was not found in the members list.") (
+        (membersExists (name: "A member of the node ${name} admins was not found in the members list.") (
-          builtins.mapAttrs (_: builtins.getAttr "admins") config.nodes
+          extract "admins" config.nodes
         ))
 
         # Check that all node adminGroups exist
-        (groupsExists (name: "A member of the ${name} adminGroups was not found in the groups list.") (
+        (groupsExists (name: "A member of the node ${name} adminGroups was not found in the groups list.") (
-          builtins.mapAttrs (_: builtins.getAttr "adminGroups") config.nodes
+          extract "adminGroups" config.nodes
         ))
+
+        # Check that all services admins exist
+        (membersExists (name: "A member of the service ${name} admins was not found in the members list.") (
+          extract "admins" org.services
+        ))
+
+        # Check that all services adminGroups exist
+        (groupsExists (
+          name: "A member of the service ${name} adminGroups was not found in the groups list."
+        ) (extract "adminGroups" org.services))
+
+        # Check that all external services admins exist
+        (membersExists (
+          name: "A member of the external service ${name} admins was not found in the members list."
+        ) org.external)
+
+        # Check that all members have a keyFile
+        (builtins.map (name: {
+          assertion = builtins.pathExists "${builtins.toString ../keys}/${name}.keys";
+          message = "No ssh keys file found for ${name}.";
+        }) members)
       ];
     };
 }