From 07a6858fd7ef6ea6794cc37323d7c9cf1162d5b6 Mon Sep 17 00:00:00 2001
From: seth <getchoo@tuta.io>
Date: Sun, 19 Nov 2023 05:19:05 -0500
Subject: secrets: reorganize & rekey

---
 secrets/toSecrets.nix | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 secrets/toSecrets.nix

(limited to 'secrets/toSecrets.nix')

diff --git a/secrets/toSecrets.nix b/secrets/toSecrets.nix
new file mode 100644
index 0000000..3d495c6
--- /dev/null
+++ b/secrets/toSecrets.nix
@@ -0,0 +1,25 @@
+hosts: let
+  optional = attrset: val:
+    if attrset ? ${val}
+    then [attrset.${val}]
+    else [];
+
+  mkPubkeys = host: optional host "pubkey" ++ optional host "owner";
+
+  op = acc: host:
+    acc
+    // (
+      builtins.listToAttrs (
+        map (
+          file: {
+            name = "${host}/${file}";
+            value = {
+              publicKeys = mkPubkeys hosts.${host};
+            };
+          }
+        )
+        hosts.${host}.files
+      )
+    );
+in
+  builtins.foldl' op {} (builtins.attrNames hosts)
-- 
cgit v1.2.3