2025-02-04 12:45:47 +01:00
|
|
|
# Keys
|
|
|
|
|
|
|
|
|
|
This directory contains the SSH public keys of both contributors to the projects
|
|
|
|
|
and systems that we administrate. Keys are used both for [secrets](../secrets)
|
|
|
|
|
decryption and [infra](../infra) management.
|
|
|
|
|
|
|
|
|
|
Which private keys can be used to decrypt secrets is defined in
|
|
|
|
|
[`secrets.nix`](../secrets/secrets.nix) as _all the contributors_ as well as the
|
|
|
|
|
specific systems that need access to the secret in question. Adding a
|
|
|
|
|
contributor of system's key to a secret requires rekeying the secret, which can
|
|
|
|
|
only be done by some key that had already access to it. (Alternatively, one can
|
|
|
|
|
overwrite a secret without knowing its contents.)
|
|
|
|
|
|
|
|
|
|
In infra management, the systems' keys are used for security reasons; they
|
|
|
|
|
identify the machine that we are talking to. The contributor keys are used to
|
|
|
|
|
give access to the `root` user on these machines, which allows, among other
|
|
|
|
|
things, to deploy their configurations with NixOps4.
|
|
|
|
|
|
|
|
|
|
## Adding a contributor
|
|
|
|
|
|
|
|
|
|
Adding a contributor consists of three steps:
|
|
|
|
|
|
|
|
|
|
1. The contributor in question adds a file with their key to the
|
|
|
|
|
`./contributors` directory, and opens a pull request with it.
|
|
|
|
|
|
2025-02-10 15:05:21 +01:00
|
|
|
2. An already-existing contributor uses their keys to [re-key the secrets](../secrets#adding-a-contributor), taking that new key into
|
|
|
|
|
account.
|
2025-02-04 12:45:47 +01:00
|
|
|
|
2025-02-10 15:05:21 +01:00
|
|
|
3. An already-existing contributor redeploys the [infrastructure](../infra) to take into
|
|
|
|
|
account the new access.
|
2025-02-04 12:45:47 +01:00
|
|
|
|
|
|
|
|
4. The pull request is accepted and merged.
|
