add inventory and move keys

2025-10-30 15:44:44 +08:00
parent 163d844af3
commit 2dd8d861d9
3 changed files with 28 additions and 17 deletions
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -1,19 +1,9 @@
 let
-  mbp-yadunut = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG yadunut";
-  penguin-yadunut = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEg5wsPLOZvU6lT8cMUsStQqalh/Hw5u104QhOYPS8E yadunut@penguin";
-  users = [
-    mbp-yadunut
-    penguin-yadunut
-  ];
-
-  penguin-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF0NLOa9NNz7r3QODU0Oe/a5m+PFzcpM20aLwf+0wojT root@penguin";
-  gc2-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN2WBYhGKSXSYWwISsY1osfliVSS9J+W6uHBid5i2qey root@nut-gc2";
-  systems = [
-    penguin-host
-    gc2-host
-  ];
+  inv = import ../inventory.nix;
+  users = builtins.attrValues inv.userKeys;
+  systems = builtins.map (n: n.sshHostKey) (builtins.attrValues inv.nodes);
 in
 {
  "k3s.age".publicKeys = users ++ systems;
-  "btrbk-keyfile.age".publicKeys = systems ++ [ mbp-yadunut ];
+  "btrbk-keyfile.age".publicKeys = systems ++ [ inv.userKeys.yadunut ];
 }