hauleth.dev / fuk
Fetch User Keys - simple tool for fetching SSH keys from various sources
2
fork

Configure Feed

Select the types of activity you want to include in your feed.

Initial commit

Łukasz Niemier fe132d11

+375
+5
.gitignore
··· 1 + .devenv 2 + 3 + # Added by cargo 4 + 5 + /target
+67
README.md
··· 1 + # FUK 2 + 3 + > No one gives a fuk… so you need to take it yourself. 4 + 5 + **F**etch **U**ser **K**eys - simple tool for fetching SSH keys from various 6 + sources. 7 + 8 + ## Sources 9 + 10 + - [ ] Raw - no fetching, just raw key from the configuration 11 + - [ ] Forges 12 + + [ ] GitHub 13 + + [ ] SourceHut 14 + + [ ] GitLab 15 + + [ ] Forgejo 16 + + [ ] Defining your own forges 17 + - [ ] Host keys via `ssh-keyscan` 18 + 19 + ## Reason 20 + 21 + In my case the reason was to be able to easily prepare set of SSH keys for use 22 + with [agenix][], tool for managing secrets while working with Nix deployments. 23 + However usage can be extended to other situations as well: 24 + 25 + - Managing `allowed_signers` to check SSH signatures under commits and stuff 26 + - Fetching `authorized_keys` to allow users to upload their keys without admin 27 + manual intervention 28 + 29 + ## Usage 30 + 31 + Define configuration file, for example `keys.toml` in form: 32 + 33 + ```toml 34 + [[entry]] 35 + name = "hauleth" 36 + emails = [ "~@hauleth.dev" ] 37 + keys = [ 38 + { sourcehut = "~hauleth" }, 39 + { github = "hauleth" } 40 + ] 41 + 42 + [[entry]] 43 + name = "heimdall" 44 + keys = [ 45 + { host = "heimdall" } 46 + ] 47 + ``` 48 + 49 + Now you can run 50 + 51 + ```sh 52 + fuk keys.toml > keys.json 53 + ``` 54 + 55 + And get JSON document containing all keys provided by these: 56 + 57 + ```json 58 + { 59 + "hauleth": [ 60 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7q0wm7C+EX0ORpRxeyhvWTT2BMPjSRQIZmbzPLIiHC" 61 + ], 62 + "heimdall": [ 63 + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC36MGQHLsmS1aUtRYyC40lguLR4/sRXDxwT8ieSkGgLFc95xQ/7m8tIYmtCTwIMvN9gzJkW6ufbWfuX1iBYoWVVO/QdJz/5/Nl4ZofyfdFSk4ZYaWSOnMlY7vV9K0L0WsEEf1R3Erf42Ek051PcO8IeTtYTxkaugrBOPSVmzBOZu9osnJbatCsODe7uIWRU8jd5gmL7a9pmk9Q8nWDDXzu4bWd9Dg1M1d+rIY368J4LNOzknPZUkOcK1TpLkutB6bozvaeKSBNaqihA0un1VETArhiUmUY6a0y5e34PNLQjbl5UqHS5tmU5jmolDIJV2hF78+XrgaZf+CNoQ1Ac3QJ", 64 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEZsoYDw74ez/2YLPZMDQgN/KxyGiXHZt+CowWMiyoyL" 65 + ] 66 + } 67 + ```
+270
flake.lock
··· 1 + { 2 + "nodes": { 3 + "devenv": { 4 + "inputs": { 5 + "flake-compat": "flake-compat", 6 + "nix": "nix", 7 + "nixpkgs": "nixpkgs", 8 + "pre-commit-hooks": "pre-commit-hooks" 9 + }, 10 + "locked": { 11 + "lastModified": 1707004164, 12 + "narHash": "sha256-9Hr8onWtvLk5A8vCEkaE9kxA0D7PR62povFokM1oL5Q=", 13 + "owner": "cachix", 14 + "repo": "devenv", 15 + "rev": "0e68853bb27981a4ffd7a7225b59ed84f7180fc7", 16 + "type": "github" 17 + }, 18 + "original": { 19 + "owner": "cachix", 20 + "repo": "devenv", 21 + "type": "github" 22 + } 23 + }, 24 + "flake-compat": { 25 + "flake": false, 26 + "locked": { 27 + "lastModified": 1673956053, 28 + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", 29 + "owner": "edolstra", 30 + "repo": "flake-compat", 31 + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", 32 + "type": "github" 33 + }, 34 + "original": { 35 + "owner": "edolstra", 36 + "repo": "flake-compat", 37 + "type": "github" 38 + } 39 + }, 40 + "flake-parts": { 41 + "inputs": { 42 + "nixpkgs-lib": "nixpkgs-lib" 43 + }, 44 + "locked": { 45 + "lastModified": 1706830856, 46 + "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", 47 + "owner": "hercules-ci", 48 + "repo": "flake-parts", 49 + "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", 50 + "type": "github" 51 + }, 52 + "original": { 53 + "owner": "hercules-ci", 54 + "repo": "flake-parts", 55 + "type": "github" 56 + } 57 + }, 58 + "flake-utils": { 59 + "inputs": { 60 + "systems": "systems" 61 + }, 62 + "locked": { 63 + "lastModified": 1685518550, 64 + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", 65 + "owner": "numtide", 66 + "repo": "flake-utils", 67 + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", 68 + "type": "github" 69 + }, 70 + "original": { 71 + "owner": "numtide", 72 + "repo": "flake-utils", 73 + "type": "github" 74 + } 75 + }, 76 + "gitignore": { 77 + "inputs": { 78 + "nixpkgs": [ 79 + "devenv", 80 + "pre-commit-hooks", 81 + "nixpkgs" 82 + ] 83 + }, 84 + "locked": { 85 + "lastModified": 1660459072, 86 + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", 87 + "owner": "hercules-ci", 88 + "repo": "gitignore.nix", 89 + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", 90 + "type": "github" 91 + }, 92 + "original": { 93 + "owner": "hercules-ci", 94 + "repo": "gitignore.nix", 95 + "type": "github" 96 + } 97 + }, 98 + "lowdown-src": { 99 + "flake": false, 100 + "locked": { 101 + "lastModified": 1633514407, 102 + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", 103 + "owner": "kristapsdz", 104 + "repo": "lowdown", 105 + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", 106 + "type": "github" 107 + }, 108 + "original": { 109 + "owner": "kristapsdz", 110 + "repo": "lowdown", 111 + "type": "github" 112 + } 113 + }, 114 + "nix": { 115 + "inputs": { 116 + "lowdown-src": "lowdown-src", 117 + "nixpkgs": [ 118 + "devenv", 119 + "nixpkgs" 120 + ], 121 + "nixpkgs-regression": "nixpkgs-regression" 122 + }, 123 + "locked": { 124 + "lastModified": 1676545802, 125 + "narHash": "sha256-EK4rZ+Hd5hsvXnzSzk2ikhStJnD63odF7SzsQ8CuSPU=", 126 + "owner": "domenkozar", 127 + "repo": "nix", 128 + "rev": "7c91803598ffbcfe4a55c44ac6d49b2cf07a527f", 129 + "type": "github" 130 + }, 131 + "original": { 132 + "owner": "domenkozar", 133 + "ref": "relaxed-flakes", 134 + "repo": "nix", 135 + "type": "github" 136 + } 137 + }, 138 + "nixpkgs": { 139 + "locked": { 140 + "lastModified": 1678875422, 141 + "narHash": "sha256-T3o6NcQPwXjxJMn2shz86Chch4ljXgZn746c2caGxd8=", 142 + "owner": "NixOS", 143 + "repo": "nixpkgs", 144 + "rev": "126f49a01de5b7e35a43fd43f891ecf6d3a51459", 145 + "type": "github" 146 + }, 147 + "original": { 148 + "owner": "NixOS", 149 + "ref": "nixpkgs-unstable", 150 + "repo": "nixpkgs", 151 + "type": "github" 152 + } 153 + }, 154 + "nixpkgs-lib": { 155 + "locked": { 156 + "dir": "lib", 157 + "lastModified": 1706550542, 158 + "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", 159 + "owner": "NixOS", 160 + "repo": "nixpkgs", 161 + "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", 162 + "type": "github" 163 + }, 164 + "original": { 165 + "dir": "lib", 166 + "owner": "NixOS", 167 + "ref": "nixos-unstable", 168 + "repo": "nixpkgs", 169 + "type": "github" 170 + } 171 + }, 172 + "nixpkgs-regression": { 173 + "locked": { 174 + "lastModified": 1643052045, 175 + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", 176 + "owner": "NixOS", 177 + "repo": "nixpkgs", 178 + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", 179 + "type": "github" 180 + }, 181 + "original": { 182 + "owner": "NixOS", 183 + "repo": "nixpkgs", 184 + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", 185 + "type": "github" 186 + } 187 + }, 188 + "nixpkgs-stable": { 189 + "locked": { 190 + "lastModified": 1685801374, 191 + "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=", 192 + "owner": "NixOS", 193 + "repo": "nixpkgs", 194 + "rev": "c37ca420157f4abc31e26f436c1145f8951ff373", 195 + "type": "github" 196 + }, 197 + "original": { 198 + "owner": "NixOS", 199 + "ref": "nixos-23.05", 200 + "repo": "nixpkgs", 201 + "type": "github" 202 + } 203 + }, 204 + "nixpkgs_2": { 205 + "locked": { 206 + "lastModified": 1706173671, 207 + "narHash": "sha256-lciR7kQUK2FCAYuszyd7zyRRmTaXVeoZsCyK6QFpGdk=", 208 + "path": "/nix/store/ildml01gk7v91fba35whklllfi343lvq-source", 209 + "rev": "4fddc9be4eaf195d631333908f2a454b03628ee5", 210 + "type": "path" 211 + }, 212 + "original": { 213 + "id": "nixpkgs", 214 + "type": "indirect" 215 + } 216 + }, 217 + "pre-commit-hooks": { 218 + "inputs": { 219 + "flake-compat": [ 220 + "devenv", 221 + "flake-compat" 222 + ], 223 + "flake-utils": "flake-utils", 224 + "gitignore": "gitignore", 225 + "nixpkgs": [ 226 + "devenv", 227 + "nixpkgs" 228 + ], 229 + "nixpkgs-stable": "nixpkgs-stable" 230 + }, 231 + "locked": { 232 + "lastModified": 1704725188, 233 + "narHash": "sha256-qq8NbkhRZF1vVYQFt1s8Mbgo8knj+83+QlL5LBnYGpI=", 234 + "owner": "cachix", 235 + "repo": "pre-commit-hooks.nix", 236 + "rev": "ea96f0c05924341c551a797aaba8126334c505d2", 237 + "type": "github" 238 + }, 239 + "original": { 240 + "owner": "cachix", 241 + "repo": "pre-commit-hooks.nix", 242 + "type": "github" 243 + } 244 + }, 245 + "root": { 246 + "inputs": { 247 + "devenv": "devenv", 248 + "flake-parts": "flake-parts", 249 + "nixpkgs": "nixpkgs_2" 250 + } 251 + }, 252 + "systems": { 253 + "locked": { 254 + "lastModified": 1681028828, 255 + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 256 + "owner": "nix-systems", 257 + "repo": "default", 258 + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 259 + "type": "github" 260 + }, 261 + "original": { 262 + "owner": "nix-systems", 263 + "repo": "default", 264 + "type": "github" 265 + } 266 + } 267 + }, 268 + "root": "root", 269 + "version": 7 270 + }
+33
flake.nix
··· 1 + { 2 + description = "Description for the project"; 3 + 4 + inputs = { 5 + flake-parts.url = "github:hercules-ci/flake-parts"; 6 + nixpkgs.url = "flake:nixpkgs"; 7 + devenv.url = "github:cachix/devenv"; 8 + }; 9 + 10 + nixConfig = { 11 + extra-trusted-public-keys = "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="; 12 + extra-substituters = "https://devenv.cachix.org"; 13 + }; 14 + 15 + outputs = inputs@{ flake-parts, ... }: 16 + flake-parts.lib.mkFlake { inherit inputs; } { 17 + imports = [ 18 + inputs.devenv.flakeModule 19 + ]; 20 + 21 + flake = { 22 + 23 + }; 24 + 25 + systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" "x86_64-darwin" ]; 26 + 27 + perSystem = { inputs', ... }: { 28 + devenv.shells.default = { 29 + languages.rust.enable = true; 30 + }; 31 + }; 32 + }; 33 + }