let pkgs = import { system = builtins.currentSystem; }; inherit (builtins) attrValues; inherit (pkgs.lib.attrsets) concatMapAttrs; keys = import ../keys; contributors = attrValues keys.contributors; in concatMapAttrs (name: systems: { "${name}.age".publicKeys = contributors ++ systems; }) ( with keys.systems; ############################################################################## ## File name <-> system host keys mapping ## ## This attribute set defines precisely which secrets exist and which systems ## are able to decrypt them. { forgejo-database-password = [ vm02116 ]; forgejo-email-password = [ vm02116 ]; forgejo-runner-token = [ vm02179 vm02186 ]; } )