much nicer secret management for the user

2025-10-07 13:22:31 +02:00 · 2025-10-07 13:22:31 +02:00 · bc35b7bc8c
commit bc35b7bc8c
parent 102b259832
1 changed files with 13 additions and 8 deletions
--- a/secrets.nix
+++ b/secrets.nix
@ -8,11 +8,16 @@ let
  systems = [luna solis terra];

  all = [horseman] ++ systems;
-in {
-  "secrets/wifi.age".publicKeys = all;
-  "secrets/ssh/id_personal.age".publicKeys = all;
-  "secrets/ssh/id_personal.pub.age".publicKeys = all;
-  "secrets/ssh/id_github.age".publicKeys = all;
-  "secrets/ssh/id_github.pub.age".publicKeys = all;
-  "secrets/ssh/config.age".publicKeys = all;
-}
+
+  secrets = [
+    "wifi"
+    "tailscale"
+    "ssh/id_personal"
+    "ssh/id_personal.pub"
+    "ssh/id_github"
+    "ssh/id_github.pub"
+    "ssh/config"
+  ];
+  attrs = (map (secret: {"secrets/${secret}.age".publicKeys = all;}) secrets);
+
+in builtins.foldl' (acc: curr: acc // curr) {} attrs