nixos-config/modules/pubkeys.nix
Simon Bruder 10b8d432d5
Relicense
This applies the REUSE specification to the repository, so the licensing
information can be tracked for every file individually.
2024-01-13 14:39:22 +01:00

38 lines
1.9 KiB
Nix

# SPDX-FileCopyrightText: 2020-2022 Simon Bruder <simon@sbruder.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
{ config, lib, ... }:
let
cfg = config.sbruder.pubkeys;
in
{
options.sbruder.pubkeys = {
keys = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
description = "Known public keys that can be used in the configuration";
default = {
"simon@hitagi" = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1kQUoPII8A9/bgPA+OrZGQLPA8MxkdmPSCCsfGMh9qRZfF7BSD8W6VdE/28tLw+39QeUl1+/9VuVvGjZBP1zBAbKIcKx4DjtgxpNXCsfWMjXFtpTGk2dyl71CaY5n72YlADxXYwtEvuwfNixgE2yTCefMbBsfwqYC0GZGiDlFtjxdg+RuUC8jU++C+WFUFct9gj9ieQ0LWjud+Oh0AF0JhyGnou+wVZIIO8mwo7Cc5xiPldXhbc13XiNC3mpNGCLFj+nh1feazk8TeAVDBps6xaDkOd+hDwTBQh8LoimePK7MiShzLvC38Vd/sim5ym/IqY634CjqBDGCMp1KXnqHUTT8CqeifMv10+aRJKUPevVkO3nEE3VoSPt7Ui9ZzLnL4qhZyygoBau+PvD2WCWm+gRwBkvU1uNrYKi4HIGhB/gXcYHKJimqJwLMyqG5Wv1jfuhn3ZZN+uNqTgdAznGgPRU1Q/Mx6nMEDiQip78qdYEc0YGwdb/TldEL6aHRjuNuZPpTW+zakQHiQTRb/0VdZT1bAwyT9yL0Uf40h706Kh/pKiSQ1yq1dlSdl3RlfedbqLqGjspds1iRSrSXyH2MBghPbz/SF7Vt4LW/tXF0rcyV7CU98ZvxJDWeN60OE0vPf/AT5udYyfPO1691y0F8jGKxGYYPg9R/Y5o7J24PbQ==";
"simon@mayushii" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJ7qUGZUjiDhQ6Se+aXr9DbgRTG2tx69owqVMkd2bna";
"simon@nunotaba" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILcOt4mAwIuAGMfRdfeoGX4UFkQDhkbihJcsAgG7JE/j";
};
};
trustedNames = lib.mkOption {
type = lib.types.listOf lib.types.str;
description = "Names of trusted public keys, used to generate <literal>sbruder.pubkeys.trustedKeys</literal>";
default = [
"simon@hitagi"
"simon@mayushii"
"simon@nunotaba"
];
};
trustedKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
description = "Trusted public keys, automatically generated from <literal>sbruder.pubkeys.trustedNames</literal>";
default = map
(name: cfg.keys."${name}")
cfg.trustedNames;
};
};
}