let
# pubkeysFor <directory>: map every entry of <directory> that carries an
# `ssh.pub` file to the contents of that file, keyed by the entry's name.
# Entries without an `ssh.pub` are left out rather than failing the
# evaluation. The key text is taken verbatim from the file (readFile), so
# any trailing newline in `ssh.pub` is part of the value.
pubkeysFor = directory:
  let
    pubkeyPath = instance: directory + "/${instance}/ssh.pub";
    hasPubkey = instance: builtins.pathExists (pubkeyPath instance);
    toEntry = instance: {
      name = instance;
      value = builtins.readFile (pubkeyPath instance);
    };
    candidates = builtins.attrNames (builtins.readDir directory);
  in
  builtins.listToAttrs (map toEntry (builtins.filter hasPubkey candidates));
# Public keys keyed by directory name: `users.<name>` comes from
# ./users/<name>/ssh.pub, `hosts.<name>` from ./hosts/<name>/ssh.pub.
# These are the keys the secrets below list under `publicKeys`, i.e. the
# recipients each secret is encrypted to.
users = pubkeysFor (./users);
hosts = pubkeysFor (./hosts);
# secretsForHost <hostname>: list of { name; value } pairs, one per entry
# ending in `.age` under ./hosts/<hostname>/secrets. The secret is named by
# its path relative to this file, and its `publicKeys` are `users.clerie`
# plus the host's own key, so only that user and that host can decrypt it.
# An extra entry `hosts/<hostname>/secrets/new` is always appended even
# though no such file exists — presumably so a fresh secret can be created
# under that name without editing this file first.
# A host directory lacking either `secrets/` or `ssh.pub` yields [] and is
# skipped without any diagnostic; `.age` files in such a directory are
# therefore not listed here.
# NOTE(review): `users.clerie` is a hard-coded recipient — if
# ./users/clerie/ssh.pub is absent the attribute lookup fails and the
# whole evaluation aborts instead of silently encrypting to the host only.
secretsForHost = hostname:
  let
    hostDir = ./hosts + "/${hostname}";
    secretsDir = hostDir + "/secrets";
    # Suffix test without `lib`: at least one character before ".age".
    hasAgeSuffix = name:
      let len = builtins.stringLength name;
      in len > 4 && builtins.substring (len - 4) 4 name == ".age";
    # readDir also returns sub-directories; a directory named `x.age`
    # would be listed like a file.
    ageFiles = builtins.filter hasAgeSuffix (builtins.attrNames (builtins.readDir secretsDir));
    toEntry = secret: {
      name = "hosts/${hostname}/secrets/${secret}";
      value = { publicKeys = [ users.clerie hosts."${hostname}" ]; };
    };
    usable = builtins.pathExists secretsDir && builtins.pathExists (hostDir + "/ssh.pub");
  in
  if !usable then [] else map toEntry (ageFiles ++ [ "new" ]);
in
# Flatten the per-host lists into one attribute set:
# "hosts/<host>/secrets/<file>" -> { publicKeys = [ ... ]; }.
# Every entry of ./hosts is tried; non-host entries fall out as []
# inside secretsForHost.
builtins.listToAttrs (builtins.concatMap secretsForHost (builtins.attrNames (builtins.readDir ./hosts)))