Admin module: integrate with clan app

pkgs/clan-cli/clan_cli/__init__.py

@@ -5,12 +5,12 @@ from pathlib import Path
 from types import ModuleType
 
 # These imports are unused, but necessary for @API.register to run once.
-from clan_cli.api import directory, disk, mdns_discovery, modules
+from clan_cli.api import admin, directory, disk, mdns_discovery, modules
 from clan_cli.arg_actions import AppendOptionAction
 from clan_cli.clan import show, update
 
 # API endpoints that are not used in the cli.
-__all__ = ["directory", "mdns_discovery", "modules", "update", "disk"]
+__all__ = ["directory", "mdns_discovery", "modules", "update", "disk", "admin"]
 
 from . import (
     backups,

pkgs/clan-cli/clan_cli/api/admin.py

@@ -23,7 +23,10 @@ def get_admin_service(base_url: str) -> ServiceAdmin | None:
 
 @API.register
 def set_admin_service(
-    base_url: str, allowed_keys: list[str], instance_name: str = "admin"
+    base_url: str,
+    allowed_keys: dict[str, str],
+    instance_name: str = "admin",
+    extra_machines: list[str] = [],
 ) -> None:
     """
     Set the admin service of a clan
@@ -34,20 +37,20 @@ def set_admin_service(
     if not allowed_keys:
         raise ValueError("At least one key must be provided to ensure access")
 
-    keys = []
-    for keyfile in allowed_keys:
+    keys = {}
+    for name, keyfile in allowed_keys.items():
         if not keyfile.startswith("/"):
             raise ValueError(f"Keyfile '{keyfile}' must be an absolute path")
         with open(keyfile) as f:
             pubkey = f.read()
-            keys.append(pubkey)
+            keys[name] = pubkey
 
     instance = ServiceAdmin(
         meta=ServiceMeta(name=instance_name),
         roles=ServiceAdminRole(
             default=ServiceAdminRoleDefault(
                 config=AdminConfig(allowedKeys=keys),
-                machines=[],
+                machines=extra_machines,
                 tags=["all"],
             )
         ),

pkgs/clan-cli/clan_cli/inventory/classes.py

@@ -32,7 +32,7 @@ class Meta:
 
 @dataclass
 class AdminConfig:
-    allowedKeys: list[str] = field(default_factory = list)
+    allowedKeys: dict[str, str] | dict[str,Any] = field(default_factory = dict)
 
 
 @dataclass