tuxcord/tuxcord.nix
8
2
Fork 1
Code Issues 13 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

agenix: import initial user dns keys

Browse Source
This commit is contained in:
Ryan
2026-05-03 18:28:35 -04:00
parent 82bbb02b58
commit 82c30ea31f
3 changed files with 24 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
agenix/dns/tuxcord.net/error.tuxcord.net.key.age
BIN
View File
Binary file not shown.
agenix/dns/tuxcord.net/javalsai.tuxcord.net.key.age
+7
View File
@@ -0,0 +1,7 @@
age-encryption.org/v1
-> ssh-ed25519 Wl2fDA 3CWPYLgoTMGb9gBbDzZIQxYJ9Gfm49g6lqQyqlegUDQ
ryhsPP5+Byus2e5GSXDJlKYX1o3HfQ87CLRv2htU4n4
-> ssh-ed25519 EiAAKw B2uGdkeC3OZISN2iH2DR1J7L3/mbuFvebzqaTdAURCw
ze0X/MmHP78rRqAn0O3VBtnMJsiOXPk8RIe82tdQMeg
--- kLBxPuJdbPmJ1Lz3iBu8EPItdZtpNHIyV6pz1QzhcUY
ä3ÛÿÉèŸP>gòh@­ö•AZ’üz-í6R€¸zèÚ¢[ÇÝÍòã¿y?•ÉŽUSNÝ©&ú#}ÝR+o?.B¶&´5]ÇW€OΉPuh‹½ŽÞ=t¶5|¿×“s×€ú&!­‰Î-æTÝSÆfÕ™-j"#žwzºš›ãjö¯“HŒí
agenix/secrets.nix
+17 -9
View File
@@ -1,17 +1,25 @@
let let
users = import ../lib/ssh/keys.nix; inherit (import ../lib)
users
adminSSHKeys
attrsToList
getSSHKeys
;
tuxcord-ca = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPxiko5Csyq9UODglYzLBvRfxkhQu9GXP7SH2BpC8G/7"; tuxcord-ca = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPxiko5Csyq9UODglYzLBvRfxkhQu9GXP7SH2BpC8G/7";
in in
{ {
"ntfy.age".publicKeys = [ tuxcord-ca ] ++ builtins.attrValues users; "ntfy.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
# tsig-keygen etc.sub.domain.tld. # tsig-keygen etc.sub.domain.tld.
"dns/tuxcord.net/tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ [ users.error users.javalsai ]; "dns/tuxcord.net/tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
# "dns/tuxcord.net/XXX.tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ [ users.XXX ]; "dns/nix.tuxcord.net/nix.tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
"dns/tuxcord.test/tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
"dns/tuxcord.test/tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ builtins.attrValues users; "dns/tuxcord.test/sub.tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
"dns/tuxcord.test/sub.tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ builtins.attrValues users;
"dns/nix.tuxcord.net/nix.tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ builtins.attrValues users;
} }
// builtins.listToAttrs (
map (user: {
name = "dns/tuxcord.net/${user.name}.tuxcord.net.key.age";
value.publicKeys = [ tuxcord-ca ] ++ getSSHKeys user.name;
}) (builtins.filter (user: user.value.ddns or false) (attrsToList users))
)