From c2fbfef90fdbc918fb838694f942369265120520 Mon Sep 17 00:00:00 2001 From: Emery Hemingway Date: Sun, 16 Jan 2022 00:09:17 +0100 Subject: [PATCH] Reduce users to attrset of ssh keys --- config/c3d2.nix | 4 ++-- config/users/antrares.nix | 13 ---------- config/users/astro.nix | 18 -------------- config/users/default.nix | 44 ---------------------------------- config/users/emery.nix | 29 ---------------------- config/users/j03.nix | 18 -------------- config/users/k-ot.nix | 10 -------- config/users/marenz.nix | 25 ------------------- config/users/nek0.nix | 9 ------- config/users/poelzi.nix | 29 ---------------------- config/users/polygon.nix | 9 ------- config/users/sandro.nix | 26 -------------------- config/users/tboston.nix | 10 -------- config/users/windsleep.nix | 26 -------------------- flake.nix | 12 ++++++---- modules/c3d2.nix | 36 +++++++++++++++++++++++++++- {config => modules}/motd | 0 users.nix | 49 ++++++++++++++++++++++++++++++++++++++ 18 files changed, 93 insertions(+), 274 deletions(-) delete mode 100644 config/users/antrares.nix delete mode 100644 config/users/astro.nix delete mode 100644 config/users/default.nix delete mode 100644 config/users/emery.nix delete mode 100644 config/users/j03.nix delete mode 100644 config/users/k-ot.nix delete mode 100644 config/users/marenz.nix delete mode 100644 config/users/nek0.nix delete mode 100644 config/users/poelzi.nix delete mode 100644 config/users/polygon.nix delete mode 100644 config/users/sandro.nix delete mode 100644 config/users/tboston.nix delete mode 100644 config/users/windsleep.nix rename {config => modules}/motd (100%) create mode 100644 users.nix diff --git a/config/c3d2.nix b/config/c3d2.nix index 5c732439..d87fe629 100644 --- a/config/c3d2.nix +++ b/config/c3d2.nix @@ -93,14 +93,14 @@ in { }) ]; + c3d2.allUsersCanSshRoot = lib.mkDefault true; + networking.defaultGateway = lib.mkIf (!config.networking.useNetworkd) ( mkIfIsInHq "172.22.99.4" ); networking.domain = mkIfIsInHq "hq.c3d2.de"; - users.motd = lib.mkIf cfg.enableMotd (builtins.readFile ./motd); - networking.hosts = let getHost = hostName: builtins.getAttr hostName hostRegistry.hosts; diff --git a/config/users/antrares.nix b/config/users/antrares.nix deleted file mode 100644 index a21282ac..00000000 --- a/config/users/antrares.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ pkgs, ... }: - -let - keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDC6Io8mHskJhkUh+vaSo95pi1E/gAoesQ0v+s+7DCTgjpOkB+W6vdJ8U6rblFxrETaWFAIVfkg+I/ZYvNWqCAxu1iWXaZ3IEK2ZiP5Vg0HevAP0ratfIHw50V8wfsyA8/lLVGdpX76xqexdY3G1SYZUcedq6AqWx6FpyoKGVOL2+jlJhmxCoEYfOJe6HbTi02UtAw1qavaD2acvuLksHOiwRAq1+ijPo/OmU3LmaErheceiPC97Wn4H/a98HdnWXJ3AXZCpPzp784/gUxOd/fvKRQPv0Lza9dytmpkAVc9efLMAQZm60w9InpIY0VxJRu2iFDc6msMF/iJp1UXSJfk4hTxUvXL8rPXc4GYKDSQlWO4UXoKd2gZEmCdcsIN/re6VR1lJWcm4eKxI9zJAQRZDrYHZP3ALBJrBY+7pJUHGSB+jCdZ73zkvkiNWUHZ9Wwp4RvdFoCR9qT+AoDU2SMiBMn8/hNMZRUs6RKjUzzn2vhCbZh19QIDxivaFg3DOKq7CCI3XNR3M781MFdmeTXKBLnv2YEVXy5XDIMvucQaZIUoD14fSF2wnncuP9h0gs2H1zG7nQfMagGpE+ro56FO3rBQqfRzz/U528yuq8uf/6TD9u3jTu7ngZ0YpDvAwAh8yG3b2KGFbrcYc3N1zEQOz7IqKixmIt/f3VOOjQ3Yww== antrares@c3d2.de" - ]; -in { - users.users.antrares = { - isNormalUser = true; - extraGroups = [ "users" "wheel" ]; - openssh.authorizedKeys.keys = keys; - }; -} diff --git a/config/users/astro.nix b/config/users/astro.nix deleted file mode 100644 index d8e5225c..00000000 --- a/config/users/astro.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ pkgs, ... }: - -let - keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJJTSJdpDh82486uPiMhhyhnci4tScp5uUe7156MBC8 astro" - ]; -in { - - nix.trustedUsers = [ "astro" ]; - - users.users.astro = { - isNormalUser = true; - extraGroups = [ "users" "wheel" "kvm" "audio" "video" "adbusers" "camera" ]; - openssh.authorizedKeys.keys = keys; - }; - - nix.sshServe.keys = keys; -} diff --git a/config/users/default.nix b/config/users/default.nix deleted file mode 100644 index d7fe0a74..00000000 --- a/config/users/default.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ config, lib, pkgs, ... }: -with builtins; -let - userModules = let - userDir = readDir ./.; - filter = name: kind: name != "default.nix" && kind != "directory"; - in lib.filterAttrs filter userDir; - - import' = name: - lib.mkIf config.c3d2.users."${name}" - (import (./. + "/${name}.nix") { inherit config lib pkgs; }); - - userNames = let f = replaceStrings [ ".nix" ] [ "" ]; - in map f (attrNames userModules); - -in { - options.c3d2.users = let - f = name: { - inherit name; - value = lib.mkOption { - type = lib.types.bool; - default = false; - }; - }; - in listToAttrs (map f userNames); - - options.c3d2.allUsersCanSshRoot = lib.mkOption { - type = lib.types.bool; - default = true; - description = '' - Let all people in `lib/users/` login as root for deployment via SSH. - ''; - }; - - config = lib.mkMerge ([ { - users.users.root = lib.mkIf config.c3d2.allUsersCanSshRoot { - openssh = lib.mkMerge (map (name: - let - userConf = (import' name).content.users.users."${name}"; - in lib.optionalAttrs (userConf ? openssh) userConf.openssh - ) userNames); - }; - } ] ++ map import' userNames); -} diff --git a/config/users/emery.nix b/config/users/emery.nix deleted file mode 100644 index 284976b5..00000000 --- a/config/users/emery.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ pkgs, ... }: - -let - keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqAXBEROEfldkHdUbF3TinBhfeX5l4DQ/5MAOhLh09avqCqcHY2FanZN+qmWpD695UZ71Cl+XF6Bj0KO7Rt4SAemvkEDPMBoidkt+ZjLsdnb8GVvbDhu/62JnqW9meYTN5GcjfmKMPDtKFbgSx9PPcjsDaO6LI/GWeyTz+EYQqwTdc7TKffjLXp6bREYLf0oKIBTvW9/oPCBI7ywYmyBaadFKrYSnujJbMejH91L+JN2fJoxjjhsGcRR78ottbjz4q6JxYjt9CG5oa7Lm60xdZkiiA3c4dMuHU9+EWGshjBKL1Fb9BafeAKhHobcs7UG8IVlqHRJC5VAGQlmus/fNagAArz9PnGW4MAOgg+yLjQJLLKqePBMsAsMHZ9XT+sqPyJfcai5dWynGXFP1B63C/oosVMkeZAlBIwDz/CmufpKBCJZXCfFoC3PotWsH/JT3ir/RSdtVHQ169CEgm+AUd7gjBuRwn6j2eBHcYkn0nCbQ93KLPlnYCLXzjByGved8= emery@fuji" - ]; -in { - - nix.trustedUsers = [ "emery" ]; - - programs = { - fish.enable = true; - tmux.enable = true; - }; - - users.users.emery = { - isNormalUser = true; - description = "Emery"; - extraGroups = [ "users" "wheel" ]; - hashedPassword = - "$6$ZgiLSFCQPW0DB0i$aPeZ9E62y2OvqRbNAEL.8IK30YgvyLy6UOitN6A.li.YmUrmYAh1ukB844MFp3KlTpYzi5e80hRIg1Vx1F0uO/"; - openssh.authorizedKeys.keys = keys; - shell = pkgs.fish; - }; - - users.users.root.openssh.authorizedKeys.keys = keys; - - nix.sshServe.keys = keys; -} diff --git a/config/users/j03.nix b/config/users/j03.nix deleted file mode 100644 index e841aa9e..00000000 --- a/config/users/j03.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ pkgs, ... }: - -let - keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDW+YfsFtRz1h/0ubcKU+LyGfxH505yUkbWa5VtRFNWF2fjTAYGj6o5M4dt+fv1h370HXvvOBtt8sIlWQgMsD10+9mvjdXWhTcpnYPx4yWuyEERE1/1BhItrog6XJKAedbCDpQQ+POoewouiHWVAUfFByPj5RXuE8zKUeIEkGev/QKrKTLnTcS8zFs/yrokf1qYYR571B3U8IPDjpV/Y1GieG3MSNaefIMCwAAup1gPkUA0XZ4A1L7NdEiUEHlceKVu9eYiWUM+wDRunBXnLHubeGyP8KmBA7PNKgml3WWRNTZjqNQk4u9Bl+Qea5eCkD8KI257EqgXYXy0QBWNyF8X j03@l302" - ]; -in { - - nix.trustedUsers = [ "j03" ]; - - users.users.j03 = { - isNormalUser = true; - extraGroups = [ "users" "wheel" ]; - openssh.authorizedKeys.keys = keys; - }; - - nix.sshServe.keys = keys; -} diff --git a/config/users/k-ot.nix b/config/users/k-ot.nix deleted file mode 100644 index 551e4fe6..00000000 --- a/config/users/k-ot.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ pkgs, ... }: { - users.users.k-ot = { - packages = with pkgs; [ screen tmux ]; - createHome = true; - isNormalUser = true; - uid = 1000; - extraGroups = [ "audio" ]; - password = "k-otk-ot"; - }; -} diff --git a/config/users/marenz.nix b/config/users/marenz.nix deleted file mode 100644 index 146f35eb..00000000 --- a/config/users/marenz.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ pkgs, ... }: - -let - keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDixJ6x0QnSk/ebIJ9zlsRM5olZbqrxDaIt0QQmZOuAbbz441SVW+/0/7ks80GMIMxzUy5YpNvrkY+6q/dZVvNybZLm/csdoFB2soOI/F1NUOppM+r2f33db/5ae3iaun/xBOW/D5lQTbm6IfrYjN9z3gW6tTYFPauZyctizZz5P1egwtCrAnMti8aBE3G+lGXVIVbjsjYruqgSN86WM0YM9HH9XB8Kd/TDCI/j9prXFkoj9EuzOQtIDNRA4Asmi08ZmoVKqadbuZAXoYEngPe2nigiiBoV/5fyyWIJSliWPZ8YDXk8X6pRJaOgZyc6mmot0/BLJo+DkhoUDA7wp3wr cardno:000609614306" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6edpEvI6/0IBBolm3fX67U7UhA42hBVXPcN2hrTe9DiaRTMC1EnsgHSLYAuV1Ltu9gkDxHZ4aTpa69La7C7I0WPAhzXWAE1BNl2/93CETAcZoum2IYl9CZNGFG5D2Uxd8lnyZH9WtgN5WYLaKm/xFSVclYwbnYtTjI2T9mYmrrDf4bwvvjg6p6KBQUgaotwC+qyADGTJjfSiIsYU8cJhA4XROudmiKa6LAlw0VrkgQoITRYoWvmrdHMgzeCJa5UvKGxyGRqGcPB7wVFQpv2uxJVtCjb5Uhk8ZHzbc/rANBXwCgMr9tmyKDsO9imtcucQXZT7O06mkD5OYCVSdtVsx cardno:000610670724" - ]; -in { - - nix.trustedUsers = [ "marenz" ]; - - programs = { - tmux.enable = true; - }; - - users.users.marenz = { - isNormalUser = true; - extraGroups = [ "users" "wheel" ]; - openssh.authorizedKeys.keys = keys; - }; - - users.users.root.openssh.authorizedKeys.keys = keys; - - nix.sshServe.keys = keys; -} diff --git a/config/users/nek0.nix b/config/users/nek0.nix deleted file mode 100644 index c3daf6c2..00000000 --- a/config/users/nek0.nix +++ /dev/null @@ -1,9 +0,0 @@ -_: -{ - users.users.nek0 = { - isNormalUser = true; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMm4eqwfpRHGyxOWu+VmfqDyYp5+G2+6jiPWdBnakkZh" - ]; - }; -} diff --git a/config/users/poelzi.nix b/config/users/poelzi.nix deleted file mode 100644 index 763f4016..00000000 --- a/config/users/poelzi.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ pkgs, ... }: - -let - keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAuQbziwBjiSZqzE2b4iOqz1HxjinqHbGjAv1XHLOq+AFfNwMc4wiyQ/u2LpuRG2HlwK9pBeIY/gZSUP3YJZ1RumnrEOxY2Tgmzko0W9ME+hvK1OHZcXI69QA/ctxEVgOUMvTtS8XssFLAbQfkXJYeTL/5yr/Qrs3MDDfa+1UGY7LQlyzh6c4pQ+pBgWJALyzztc0orqgSVUJ2u8naQ210Jv3dQnpE+bwfeG9IuWjQqBXWHwlqxwRDxnnDBVcUj4z24XsMmHHWd/zizD+4C0Qx/rBiFhYBDXP+320U5gpgFzRl3t1HQXiPCb/LAgp2CLpZ8Eh4u9tgIhp6Z6l9r0B+vQ== poelzi@poelzi.org" - ]; -in { - - nix.trustedUsers = [ "poelzi" ]; - - programs = { - fish.enable = true; - tmux.enable = true; - }; - - users.users.poelzi = { - isNormalUser = true; - description = "poelzi"; - extraGroups = [ "users" "wheel" ]; - hashedPassword = - "$6$SoesSFadpfcSfEOe$pmkiIMvxTAaEAyqDoZ3a7jk7GZsEXqX1N8r8UvGnaPsb85csX6FC2bwFQyyu8I8QoG/wO85WnHIMMMQAglKSK/"; - openssh.authorizedKeys.keys = keys; - shell = pkgs.fish; - }; - - users.users.root.openssh.authorizedKeys.keys = keys; - - nix.sshServe.keys = keys; -} diff --git a/config/users/polygon.nix b/config/users/polygon.nix deleted file mode 100644 index b5b0c58d..00000000 --- a/config/users/polygon.nix +++ /dev/null @@ -1,9 +0,0 @@ -_: -{ - users.users.polygon = { - isNormalUser = true; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICGEKrCGXyHqD0jdTYVHnnScL9mhDU2PR9VyH7fu528J jan@nixbrett" - ]; - }; -} diff --git a/config/users/sandro.nix b/config/users/sandro.nix deleted file mode 100644 index 0619a590..00000000 --- a/config/users/sandro.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ pkgs, ... }: - -let - keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpMhnSYDzeopiK+uDz8hQSGnJ7l2lh5Te1PWtiCGiO2 sandro@nitrogen" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFidD6Snqgd8J7avxHvdDd81rdi0zNZWSilBe3eaTIlv sandro@magnesium" - ]; -in { - - nix.trustedUsers = [ "sandro" ]; - - programs = { - bash.enable = true; - tmux.enable = true; - }; - - users.users.sandro = { - isNormalUser = true; - extraGroups = [ "users" "wheel" ]; - openssh.authorizedKeys.keys = keys; - }; - - users.users.root.openssh.authorizedKeys.keys = keys; - - nix.sshServe.keys = keys; -} diff --git a/config/users/tboston.nix b/config/users/tboston.nix deleted file mode 100644 index 8d8c2615..00000000 --- a/config/users/tboston.nix +++ /dev/null @@ -1,10 +0,0 @@ -_: -{ - users.users.tboston = { - isNormalUser = true; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIINkmizml/XsSRzp3mNIumb3ZEPQoZhi/TtDU7rOUiKA tboston" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2bxUZkDM++SVg/lR6JI/ANUWVPPgGp7fmcD0mL7AI5u+VtdwUlVpPl4GjPnpBPFD2W3+WAg9DQpiA3+j/MuwaP7JjUwfI9hfVP/4QjdfgVgEyAuCWstHftk2bZvzKa+D5d7r5kOpDmWnxwuffOUqR7vmZscIJfRxSD/gOnIDMKUF8RAF94p4SuTX+1uoTbzmlIFVFZjoR1hqPL+PjA/Rmwncy8/2QKn3fagM5oTeLuk7ebFqL9mEBQolE9NJSTZJsN1IflRI9jxQYNN/jebaxDDF/bT+p8v0WxXGLmogzzyxviqOvrJVCjugyplLRh1AQ4XPh8yBqCeY9fN+LuKmz tboston" - ]; - }; -} diff --git a/config/users/windsleep.nix b/config/users/windsleep.nix deleted file mode 100644 index f50e38ed..00000000 --- a/config/users/windsleep.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ pkgs, ... }: - -let - keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD6vi3Y/e5wxJzsehFyM+N16f1QAmepMwIOSL3gO9w7CZ1jUF2Cky6y/40TcNWMDyvgxbcEfobG/Foa8DXQgKcc9LZS8jjGmzTVRCKxON5hQsYXRmxzawe8Fg2bkYxpWeoknW0wgDc/3XJA17IP2ONfVtX3YVQyhf5WPDHrXojnBadXMBUtvK5p7T+L9Z3/cGB80K5BoQCC4ZRn6gkOMjpFOKYXJfIzmLI5WPvTe7B/uuEfZ8IT8nzZsi2VBwru01s+iEXs7th/rAp2Q74pWTW8Q8jhNL1E15Yct9K7yV1p6D7YPF/BCKtXKP6VzU2ULmTp6nlCkeDJvZgLP6UpzLJJ basti@windnix" - ]; -in { - - nix.trustedUsers = [ "windsleep" ]; - - programs = { - zsh.enable = true; - tmux.enable = true; - }; - - users.users.windsleep = { - isNormalUser = true; - description = "winzlieb"; - extraGroups = [ "users" "wheel" ]; - openssh.authorizedKeys = { inherit keys; }; - shell = pkgs.zsh; - }; - - users.users.root.openssh.authorizedKeys.keys = keys; - nix.sshServe.keys = keys; -} diff --git a/flake.nix b/flake.nix index efd108ff..bcb76195 100644 --- a/flake.nix +++ b/flake.nix @@ -210,7 +210,6 @@ ./config/cache.nix ./config/ceph-storage.nix ./config/stats.nix - ./config/users ./modules/pi-sensors.nix ] ++ modules; @@ -502,10 +501,13 @@ nixosModule = self.nixosModules.c3d2; nixosModules = { - c3d2.imports = [ - sops-nix.nixosModule - ./modules/c3d2.nix - ]; + c3d2 = { + imports = [ + sops-nix.nixosModule + ./modules/c3d2.nix + ]; + c3d2.users = import ./users.nix; + }; plume = { imports = [ ./modules/plume.nix ]; nixpkgs.overlays = [ fenix.overlay naersk.overlay ]; diff --git a/modules/c3d2.nix b/modules/c3d2.nix index 99d7cd53..5841eb8a 100644 --- a/modules/c3d2.nix +++ b/modules/c3d2.nix @@ -3,10 +3,20 @@ { config, lib, ... }: let cfg = config.c3d2; -in { +in +{ options.c3d2 = with lib; with lib.types; { + allUsersCanSshRoot = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Let all people in c3d2.users + login as root for deployment via SSH. + ''; + }; + isInHq = mkEnableOption "HQ presence (TODO: what is this? association to VLAN 5?)"; enableMotd = mkOption { @@ -65,5 +75,29 @@ in { }; + users = + mkOption { + type = attrsOf (submodule { + options = { + sshKeys = mkOption { + type = listOf types.str; + default = [ ]; + }; + }; + }); + }; + }; + config = { + + users.motd = lib.mkIf cfg.enableMotd (builtins.readFile ./motd); + + users.users.root.openssh.authorizedKeys.keys = lib.mkIf cfg.allUsersCanSshRoot + (with builtins; lib.lists.flatten ( + map + (getAttr "sshKeys") + (attrValues cfg.users) + )); + + }; } diff --git a/config/motd b/modules/motd similarity index 100% rename from config/motd rename to modules/motd diff --git a/users.nix b/users.nix new file mode 100644 index 00000000..eab1c2e0 --- /dev/null +++ b/users.nix @@ -0,0 +1,49 @@ +{ + antrares.sshKeys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDC6Io8mHskJhkUh+vaSo95pi1E/gAoesQ0v+s+7DCTgjpOkB+W6vdJ8U6rblFxrETaWFAIVfkg+I/ZYvNWqCAxu1iWXaZ3IEK2ZiP5Vg0HevAP0ratfIHw50V8wfsyA8/lLVGdpX76xqexdY3G1SYZUcedq6AqWx6FpyoKGVOL2+jlJhmxCoEYfOJe6HbTi02UtAw1qavaD2acvuLksHOiwRAq1+ijPo/OmU3LmaErheceiPC97Wn4H/a98HdnWXJ3AXZCpPzp784/gUxOd/fvKRQPv0Lza9dytmpkAVc9efLMAQZm60w9InpIY0VxJRu2iFDc6msMF/iJp1UXSJfk4hTxUvXL8rPXc4GYKDSQlWO4UXoKd2gZEmCdcsIN/re6VR1lJWcm4eKxI9zJAQRZDrYHZP3ALBJrBY+7pJUHGSB+jCdZ73zkvkiNWUHZ9Wwp4RvdFoCR9qT+AoDU2SMiBMn8/hNMZRUs6RKjUzzn2vhCbZh19QIDxivaFg3DOKq7CCI3XNR3M781MFdmeTXKBLnv2YEVXy5XDIMvucQaZIUoD14fSF2wnncuP9h0gs2H1zG7nQfMagGpE+ro56FO3rBQqfRzz/U528yuq8uf/6TD9u3jTu7ngZ0YpDvAwAh8yG3b2KGFbrcYc3N1zEQOz7IqKixmIt/f3VOOjQ3Yww== antrares@c3d2.de" + ]; + + astro.sshKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJJTSJdpDh82486uPiMhhyhnci4tScp5uUe7156MBC8 astro" + ]; + + emery.sshKeys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqAXBEROEfldkHdUbF3TinBhfeX5l4DQ/5MAOhLh09avqCqcHY2FanZN+qmWpD695UZ71Cl+XF6Bj0KO7Rt4SAemvkEDPMBoidkt+ZjLsdnb8GVvbDhu/62JnqW9meYTN5GcjfmKMPDtKFbgSx9PPcjsDaO6LI/GWeyTz+EYQqwTdc7TKffjLXp6bREYLf0oKIBTvW9/oPCBI7ywYmyBaadFKrYSnujJbMejH91L+JN2fJoxjjhsGcRR78ottbjz4q6JxYjt9CG5oa7Lm60xdZkiiA3c4dMuHU9+EWGshjBKL1Fb9BafeAKhHobcs7UG8IVlqHRJC5VAGQlmus/fNagAArz9PnGW4MAOgg+yLjQJLLKqePBMsAsMHZ9XT+sqPyJfcai5dWynGXFP1B63C/oosVMkeZAlBIwDz/CmufpKBCJZXCfFoC3PotWsH/JT3ir/RSdtVHQ169CEgm+AUd7gjBuRwn6j2eBHcYkn0nCbQ93KLPlnYCLXzjByGved8= emery@fuji" + ]; + + j03.sshKeys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDW+YfsFtRz1h/0ubcKU+LyGfxH505yUkbWa5VtRFNWF2fjTAYGj6o5M4dt+fv1h370HXvvOBtt8sIlWQgMsD10+9mvjdXWhTcpnYPx4yWuyEERE1/1BhItrog6XJKAedbCDpQQ+POoewouiHWVAUfFByPj5RXuE8zKUeIEkGev/QKrKTLnTcS8zFs/yrokf1qYYR571B3U8IPDjpV/Y1GieG3MSNaefIMCwAAup1gPkUA0XZ4A1L7NdEiUEHlceKVu9eYiWUM+wDRunBXnLHubeGyP8KmBA7PNKgml3WWRNTZjqNQk4u9Bl+Qea5eCkD8KI257EqgXYXy0QBWNyF8X j03@l302" + ]; + + marenz.sshKeys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDixJ6x0QnSk/ebIJ9zlsRM5olZbqrxDaIt0QQmZOuAbbz441SVW+/0/7ks80GMIMxzUy5YpNvrkY+6q/dZVvNybZLm/csdoFB2soOI/F1NUOppM+r2f33db/5ae3iaun/xBOW/D5lQTbm6IfrYjN9z3gW6tTYFPauZyctizZz5P1egwtCrAnMti8aBE3G+lGXVIVbjsjYruqgSN86WM0YM9HH9XB8Kd/TDCI/j9prXFkoj9EuzOQtIDNRA4Asmi08ZmoVKqadbuZAXoYEngPe2nigiiBoV/5fyyWIJSliWPZ8YDXk8X6pRJaOgZyc6mmot0/BLJo+DkhoUDA7wp3wr cardno:000609614306" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6edpEvI6/0IBBolm3fX67U7UhA42hBVXPcN2hrTe9DiaRTMC1EnsgHSLYAuV1Ltu9gkDxHZ4aTpa69La7C7I0WPAhzXWAE1BNl2/93CETAcZoum2IYl9CZNGFG5D2Uxd8lnyZH9WtgN5WYLaKm/xFSVclYwbnYtTjI2T9mYmrrDf4bwvvjg6p6KBQUgaotwC+qyADGTJjfSiIsYU8cJhA4XROudmiKa6LAlw0VrkgQoITRYoWvmrdHMgzeCJa5UvKGxyGRqGcPB7wVFQpv2uxJVtCjb5Uhk8ZHzbc/rANBXwCgMr9tmyKDsO9imtcucQXZT7O06mkD5OYCVSdtVsx cardno:000610670724" + ]; + + nek0.sshKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMm4eqwfpRHGyxOWu+VmfqDyYp5+G2+6jiPWdBnakkZh" + ]; + + poelzi.sshKeys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAuQbziwBjiSZqzE2b4iOqz1HxjinqHbGjAv1XHLOq+AFfNwMc4wiyQ/u2LpuRG2HlwK9pBeIY/gZSUP3YJZ1RumnrEOxY2Tgmzko0W9ME+hvK1OHZcXI69QA/ctxEVgOUMvTtS8XssFLAbQfkXJYeTL/5yr/Qrs3MDDfa+1UGY7LQlyzh6c4pQ+pBgWJALyzztc0orqgSVUJ2u8naQ210Jv3dQnpE+bwfeG9IuWjQqBXWHwlqxwRDxnnDBVcUj4z24XsMmHHWd/zizD+4C0Qx/rBiFhYBDXP+320U5gpgFzRl3t1HQXiPCb/LAgp2CLpZ8Eh4u9tgIhp6Z6l9r0B+vQ== poelzi@poelzi.org" + ]; + + polygon.sshKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICGEKrCGXyHqD0jdTYVHnnScL9mhDU2PR9VyH7fu528J jan@nixbrett" + ]; + + sandro.sshKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpMhnSYDzeopiK+uDz8hQSGnJ7l2lh5Te1PWtiCGiO2 sandro@nitrogen" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFidD6Snqgd8J7avxHvdDd81rdi0zNZWSilBe3eaTIlv sandro@magnesium" + ]; + + tboston.sshKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIINkmizml/XsSRzp3mNIumb3ZEPQoZhi/TtDU7rOUiKA tboston" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2bxUZkDM++SVg/lR6JI/ANUWVPPgGp7fmcD0mL7AI5u+VtdwUlVpPl4GjPnpBPFD2W3+WAg9DQpiA3+j/MuwaP7JjUwfI9hfVP/4QjdfgVgEyAuCWstHftk2bZvzKa+D5d7r5kOpDmWnxwuffOUqR7vmZscIJfRxSD/gOnIDMKUF8RAF94p4SuTX+1uoTbzmlIFVFZjoR1hqPL+PjA/Rmwncy8/2QKn3fagM5oTeLuk7ebFqL9mEBQolE9NJSTZJsN1IflRI9jxQYNN/jebaxDDF/bT+p8v0WxXGLmogzzyxviqOvrJVCjugyplLRh1AQ4XPh8yBqCeY9fN+LuKmz tboston" + ]; + + windsleep.sshKeys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD6vi3Y/e5wxJzsehFyM+N16f1QAmepMwIOSL3gO9w7CZ1jUF2Cky6y/40TcNWMDyvgxbcEfobG/Foa8DXQgKcc9LZS8jjGmzTVRCKxON5hQsYXRmxzawe8Fg2bkYxpWeoknW0wgDc/3XJA17IP2ONfVtX3YVQyhf5WPDHrXojnBadXMBUtvK5p7T+L9Z3/cGB80K5BoQCC4ZRn6gkOMjpFOKYXJfIzmLI5WPvTe7B/uuEfZ8IT8nzZsi2VBwru01s+iEXs7th/rAp2Q74pWTW8Q8jhNL1E15Yct9K7yV1p6D7YPF/BCKtXKP6VzU2ULmTp6nlCkeDJvZgLP6UpzLJJ basti@windnix" + ]; + +}