2023-09-04 21:36:31 +02:00
|
|
|
let
|
|
|
|
|
keys = import ../keys.nix;
|
|
|
|
|
adminsKeys = builtins.attrValues keys.admins;
|
|
|
|
|
hut = [ keys.hosts.hut ] ++ adminsKeys;
|
|
|
|
|
# Only expose ceph keys to safe nodes and admins
|
2023-09-08 19:01:57 +02:00
|
|
|
safe = keys.hostGroup.safe ++ adminsKeys;
|
2023-09-04 21:36:31 +02:00
|
|
|
in
|
|
|
|
|
{
|
2023-09-28 14:11:30 +02:00
|
|
|
"gitlab-bsc-es-token.age".publicKeys = hut;
|
2024-04-26 16:52:52 +02:00
|
|
|
"gitea-runner-token.age".publicKeys = hut;
|
2023-09-04 21:36:31 +02:00
|
|
|
"ovni-token.age".publicKeys = hut;
|
|
|
|
|
"nosv-token.age".publicKeys = hut;
|
2023-09-12 12:19:43 +02:00
|
|
|
"nix-serve.age".publicKeys = hut;
|
2024-05-02 17:54:09 +02:00
|
|
|
"jungle-robot-password.age".publicKeys = hut;
|
2023-09-04 21:36:31 +02:00
|
|
|
|
2023-09-08 19:01:57 +02:00
|
|
|
"ceph-user.age".publicKeys = safe;
|
|
|
|
|
"munge-key.age".publicKeys = safe;
|
2023-09-04 21:36:31 +02:00
|
|
|
}
|
