diff --git a/lib/default.nix b/lib/default.nix index 07fe91e..99b2785 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -5,6 +5,8 @@ let in trivial // (with trivial; rec { + recursiveFuse = builtins.foldl' lib.recursiveUpdate { }; + mkImport = root: file: let path = mkRel root file; in path + (lib.optionalString (!lib.pathIsDirectory path) ".nix"); @@ -19,4 +21,14 @@ trivial // (with trivial; rec { getAllKeys = names: builtins.concatLists (builtins.map getKeys names); getKeyFiles = builtins.map (compose (n: "${n}.keys") (mkRel ../keys)); + + getNodeKeys = node: + let + meta = import ../meta; + names = builtins.foldl' + (names: group: names ++ meta.members.groups.${group}) + (meta.nodes.${node}.admins ++ [ "/machines/${node}" ]) + (meta.nodes.${node}.adminGroups ++ [ "root" ]); + in + getAllKeys names; }) diff --git a/lib/trivial.nix b/lib/trivial.nix index 1ba84d5..075a99f 100644 --- a/lib/trivial.nix +++ b/lib/trivial.nix @@ -27,6 +27,8 @@ rec { mapSingleFuse = f: mapFuse (x: singleAttr x (f x)); + setDefault = default: mapFuse (name: { ${name} = default; }); + /* Creates a relative path as a string Example: @@ -36,4 +38,8 @@ rec { mkRel = path: file: path + "/${file}"; compose = f: g: (x: g (f x)); + + mkBaseSecrets = root: mapFuse (secret: { ${secret}.file = mkRel root secret; }); + + getSecrets = dir: builtins.attrNames (import (mkRel dir "secrets.nix")); }
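Review bot: `recursiveFuse` is added without a comment, and its merge rule is not obvious from the name: `lib.recursiveUpdate` lets the later attribute set win on any conflicting leaf, and replaces lists instead of concatenating them. The hunk does not show what gets fused, but if it is per-node or per-secret configuration, a later entry can silently drop an earlier one. I would add a comment above it such as `/* Deep-merges a list of attrsets left to right; on conflict the later value wins, lists are replaced. */`.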
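Review bot: `getNodeKeys` returns a wider set than the node's own `admins`, and nothing in the hunk documents that. The fold seeds the list with `"/machines/${node}"` and always appends the `root` group to `adminGroups`, so every member of `meta.members.groups.root` is included for every node. The callers are outside the hunk, but this list presumably decides who can access or decrypt a node's material, so the contract deserves a comment, e.g. `/* Keys for a node: its admins, the members of its adminGroups and of the implicit "root" group, and the machine's own key. */`. A user listed in `admins` and in one of the groups appears twice; `getAllKeys (lib.unique names)` would deduplicate. The lambda parameter `names` also shadows the `let` binding of the same name, and renaming it to `acc` would read more clearly.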
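Review bot: `setDefault` repeats the shape of `mapSingleFuse` on the context line just above it. If `singleAttr x v` builds `{ ${x} = v; }` (its definition is outside the hunk), this can be written as `setDefault = default: mapSingleFuse (_: default);`, which keeps a single place that constructs the one-attribute set. A short comment with an example, like the one on `mkRel`, would help, because the name does not say that the function takes a list of names.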
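Review bot: `mkBaseSecrets` and `getSecrets` have no doc comment, although `mkRel` in the same file has one with an example, and both need a caveat a caller should see. `mkBaseSecrets` sets `.file` to `mkRel root secret`; if `root` is a Nix path, the referenced file is copied into the world-readable store once the value is used, so the comment should state that only encrypted files may live under `root`. `getSecrets` imports `secrets.nix` and returns its attribute names unchanged, so the names presumably have to be file names relative to `dir` for `mkBaseSecrets` to resolve them. That could be stated as `/* Names of the secrets declared in dir/secrets.nix; each is expected to be a file name relative to dir. */`.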