Fediversity/keys/README.md

# Keys

This directory contains the SSH public keys of both contributors to the projects
and systems that we administrate. Keys are used both for [secrets](../secrets)
decryption and [infra](../infra) management.

Which private keys can be used to decrypt secrets is defined in
[`secrets.nix`](../secrets/secrets.nix) as _all the contributors_ as well as the
specific systems that need access to the secret in question. Adding a
contributor of system's key to a secret requires rekeying the secret, which can
only be done by some key that had already access to it. (Alternatively, one can
overwrite a secret without knowing its contents.)

In infra management, the systems' keys are used for security reasons; they
identify the machine that we are talking to. The contributor keys are used to
give access to the `root` user on these machines, which allows, among other
things, to deploy their configurations with NixOps4.

## Adding a contributor

Adding a contributor consists of three steps:

1. The contributor in question adds a file with their key to the
   `./contributors` directory, and opens a pull request with it.

2. An already-existing contributor rekeys the secrets, taking that new key into
   account. See [../secrets#adding-a-contributor].

3. An already-existing contributor redeploys the infrastructure to take into
   account the new access. See [../infra].

4. The pull request is accepted and merged.
Document adding a contributor 2025-02-04 12:45:47 +01:00			`# Keys`

			`This directory contains the SSH public keys of both contributors to the projects`
			`and systems that we administrate. Keys are used both for [secrets](../secrets)`
			`decryption and [infra](../infra) management.`

			`Which private keys can be used to decrypt secrets is defined in`
			[`secrets.nix`](../secrets/secrets.nix) as _all the contributors_ as well as the
			`specific systems that need access to the secret in question. Adding a`
			`contributor of system's key to a secret requires rekeying the secret, which can`
			`only be done by some key that had already access to it. (Alternatively, one can`
			`overwrite a secret without knowing its contents.)`

			`In infra management, the systems' keys are used for security reasons; they`
			`identify the machine that we are talking to. The contributor keys are used to`
			give access to the `root` user on these machines, which allows, among other
			`things, to deploy their configurations with NixOps4.`

			`## Adding a contributor`

			`Adding a contributor consists of three steps:`

			`1. The contributor in question adds a file with their key to the`
			`./contributors` directory, and opens a pull request with it.

			`2. An already-existing contributor rekeys the secrets, taking that new key into`
			`account. See [../secrets#adding-a-contributor].`

			`3. An already-existing contributor redeploys the infrastructure to take into`
			`account the new access. See [../infra].`

			`4. The pull request is accepted and merged.`