26 lines
905 B
Nix
26 lines
905 B
Nix
let
|
|
inherit (import ../lib)
|
|
users
|
|
adminSSHKeys
|
|
attrsToList
|
|
getSSHKeys
|
|
;
|
|
|
|
tuxcord-ca = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPxiko5Csyq9UODglYzLBvRfxkhQu9GXP7SH2BpC8G/7";
|
|
in
|
|
{
|
|
"ntfy.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
|
|
|
|
# tsig-keygen etc.sub.domain.tld.
|
|
"dns/tuxcord.net/tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
|
|
"dns/nix.tuxcord.net/nix.tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
|
|
"dns/tuxcord.test/tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
|
|
"dns/tuxcord.test/sub.tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
|
|
}
|
|
// builtins.listToAttrs (
|
|
map (user: {
|
|
name = "dns/tuxcord.net/${user.name}.tuxcord.net.key.age";
|
|
value.publicKeys = [ tuxcord-ca ] ++ getSSHKeys user.name;
|
|
}) (builtins.filter (user: user.value.options.ddns or false) (attrsToList users))
|
|
)
|