From 2dd3b22a8aa2532b4c036b41e38ea69b89db3f52 Mon Sep 17 00:00:00 2001
From: EuAndreh <eu@euandre.org>
Date: Fri, 19 Dec 2025 19:26:20 -0300
Subject: Makefile: reify "authorized-keys.txt" file

---
 .gitignore |  1 +
 Makefile   | 16 +++++++++-------
 deps.mk    |  5 +++++
 mkdeps.sh  |  7 +------
 4 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/.gitignore b/.gitignore
index f72a7af..cff0c37 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 /*.scm
 /*.sentinel
 /src/secrets/*/*.txt
+/authorized-keys.txt
diff --git a/Makefile b/Makefile
index d4ce136..a93039b 100644
--- a/Makefile
+++ b/Makefile
@@ -21,6 +21,7 @@ repo-secrets.txt = $(repo-secrets.txt.gpg:.gpg=)
 
 derived-assets = \
 	system.scm.sentinel            \
+	authorized-keys.txt            \
 
 side-assets = \
 	$(prod-secrets.txt)            \
@@ -34,7 +35,7 @@ side-assets = \
 all: $(derived-assets)
 
 
-$(derived-assets): Makefile
+$(derived-assets): Makefile deps.mk
 
 
 # Needed by server to reconfigure(8) without running make(1).
@@ -59,6 +60,9 @@ system.scm.sentinel: src/guix/system.scm $(config.txt)
 	guix build -v3 -r system.scm -Kf src/guix/system.scm
 	touch $@
 
+authorized-keys.txt: $(keys.txt)
+	find src/keys/SSH/*.txt | LANG=POSIX.UTF-8 sort | xargs cat > $@
+
 
 
 check-unit:
@@ -115,12 +119,10 @@ upload-secrets: $(prod-secrets.txt)
 		$(prod-secrets.txt) $(TLD):/opt/secrets/
 
 
-## Generate the ".ssh/authorized_keys" file and upload
-## it to $(OFFSITE_SSH).
-upload-keys:
-	find src/keys/SSH/*.txt | \
-		LANG=POSIX.UTF-8 sort | \
-		xargs cat | \
+## Upload the generated "authorized-keys.txt" file to
+## ".ssh/authorized_keys" in $(OFFSITE_SSH).
+upload-keys: authorized-keys.txt
+	cat authorized-keys.txt | \
 		ssh $(OFFSITE_SSH) dd of=.ssh/authorized_keys
 
 
diff --git a/deps.mk b/deps.mk
index 1e1ef74..1f15552 100644
--- a/deps.mk
+++ b/deps.mk
@@ -8,3 +8,8 @@ repo-secrets.txt.gpg = \
 	src/secrets/repo/root@euandre.org.id_rsa.txt.gpg \
 	src/secrets/repo/wireguard-private-key.txt.gpg \
 
+keys.txt = \
+	src/keys/SSH/andreh.pub.txt \
+	src/keys/SSH/paulo.pub.txt \
+	src/keys/SSH/root@euandre.org.id_rsa.pub.txt \
+
diff --git a/mkdeps.sh b/mkdeps.sh
index 5f04d8c..99e87a8 100755
--- a/mkdeps.sh
+++ b/mkdeps.sh
@@ -3,12 +3,7 @@ set -eu
 
 export LANG=POSIX.UTF-8
 
-varlist() {
-	printf '%s = \\\n' "$1"
-	sort | sed 's|^\(.*\)$|\t\1 \\|'
-	printf '\n'
-}
-
 
 find src/secrets/prod/*.txt.gpg | varlist 'prod-secrets.txt.gpg'
 find src/secrets/repo/*.txt.gpg | varlist 'repo-secrets.txt.gpg'
+find src/keys/SSH/*.txt         | varlist 'keys.txt'
-- 
cgit v1.2.3