wip

2021-08-13 01:21:22 +02:00 · 2021-08-13 01:21:22 +02:00 · 53db057485
commit 53db057485
parent d2c1c6ab0d
4 changed files with 10 additions and 10 deletions
--- a/bundles/backup-server/metadata.py
+++ b/bundles/backup-server/metadata.py
@ -8,7 +8,7 @@ defaults = {
    },
    'users': {
        'backup-receiver': {
-            'authorized_keys': [],
+            'authorized_keys': set(),
        },
    },
    'sudoers': {
@ -78,12 +78,12 @@ def backup_authorized_keys(metadata):
    return {
        'users': {
            'backup-receiver': {
-                'authorized_keys': [
+                'authorized_keys': {
                    other_node.metadata.get('users/root/pubkey')
                        for other_node in repo.nodes
                        if other_node.has_bundle('backup')
                        and other_node.metadata.get('backup/server') == node.name
-                ],
+                },
            },
        },
    }
--- a/bundles/users/metadata.py
+++ b/bundles/users/metadata.py
@ -18,11 +18,11 @@ def authorized_users(metadata):

    for name, config in metadata.get('users').items():
        users[name] = {
-            'authorized_keys': [],
+            'authorized_keys': set(),
        }
        for authorized_user in config.get('authorized_users', []):
            authorized_user_name, authorized_user_node = authorized_user.split('@')
-            users[name]['authorized_keys'].append(
+            users[name]['authorized_keys'].add(
                repo.get_node(authorized_user_node).metadata.get(f'users/{authorized_user_name}/pubkey')
            )
    return {
@ -38,7 +38,7 @@ def user_defaults(metadata):

    for name, config in metadata.get('users').items():
        users[name] = {
-            'authorized_keys': [],
+            'authorized_keys': set(),
        }

        if not 'full_name' in config:
--- a/groups/all.py
+++ b/groups/all.py
@ -12,9 +12,9 @@
        'users': {
            'root': {
                'shell': '/usr/bin/zsh',
-                'authorized_keys': [
+                'authorized_keys': {
                    'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEU1l2ijW3ZqzFGZcdWg2ESgTGehdNfBTfafxsjWvWdS mwiegand@macbook',
-                ],
+                },
            },
        },
    }
--- a/nodes/htz.mails.py
+++ b/nodes/htz.mails.py
@ -126,9 +126,9 @@
                'authorized_users': [
                    'root@home.server',
                ],
-                'authorized_keys': [
+                'authorized_keys': {
                    'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHMKTJLw6Cb+MLt+9JFOkuo2QBpuA8EoTKOFpb3IFQHEq19YLMzOhcErWmzaRfiCnILhnwTQz0njS+n9Qu4aghk= root@mail.sublimity.de'
-                ],
+                },
            },
        },
        'vm': {