1 { flakes, pkgs, lib, config, ... }:
4 "Julien Moutinho <julm@sourcephile.fr>" = {
5 uid = "Julien Moutinho <julm@sourcephile.fr>";
8 usage = ["cert" "sign"];
9 passPath = "members/julm/gpg/password";
11 { algo = "rsa4096"; expire = "3y"; usage = ["sign"]; }
12 { algo = "rsa4096"; expire = "3y"; usage = ["encrypt"]; }
13 { algo = "rsa4096"; expire = "3y"; usage = ["auth"]; }
15 backupRecipients = [""];
17 "Julien Moutinho <julm@mermet>" = {
18 uid = "Julien Moutinho <julm@mermet>";
21 usage = ["cert" "sign"];
22 passPath = "members/julm/gpg/password";
24 { algo = "rsa4096"; expire = "3y"; usage = ["sign"]; }
25 { algo = "rsa4096"; expire = "3y"; usage = ["encrypt"]; }
26 { algo = "rsa4096"; expire = "3y"; usage = ["auth"]; }
28 backupRecipients = [""];
30 } // lib.listToAttrs (
31 let domain = "sourcephile.fr"; in
32 builtins.map (machine: lib.nameValuePair "root@${machine}.${domain}" {
33 uid = "root@${machine}.${domain}";
36 usage = ["cert" "sign"];
37 passPath = "machines/${machine}/root/key.pass";
39 { algo = "rsa4096"; expire = "0"; usage = ["encrypt"]; }
41 backupRecipients = [""];
42 }) (builtins.attrNames flakes.self.nixosConfigurations));