let
  user_eyjhb = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPuma8g+U8Wh+4mLvZoV9V+ngPqxjuIG4zhsbaTeXq65 eyjhb@chronos";
  user_rendal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGee4uz+HDOj4Y4ANOhWJhoc4mMLP1gz6rpKoMueQF2J rendal@popper";
  users = [ user_eyjhb user_rendal ];


  system_gerd = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJosDVq8j4V50/z6nj2OMBPhqda95HOS1hKLGvo8viLQ";
  systems = [ system_gerd ];

  defaultAccess = users ++ systems;
in
{
  # authelia
  "authelia/jwt.age".publicKeys = defaultAccess;
  "authelia/storage.age".publicKeys = defaultAccess;
  "authelia/session.age".publicKeys = defaultAccess;
  "authelia/oidc-issuer-privatekey-pem.age".publicKeys = defaultAccess;
  "authelia/oidc-issuer-privatekey-crt.age".publicKeys = defaultAccess;
  "authelia/smtp-password.age".publicKeys = defaultAccess;

  # lldap
  "lldap/admin-user-pass.age".publicKeys = defaultAccess;
  "lldap/bind-user-pass.age".publicKeys = defaultAccess;
  "lldap/bind-user-pass-hedgedoc-env.age".publicKeys = defaultAccess;

  # mumble
  "murmur/env.age".publicKeys = defaultAccess;
  "murmur/superpassword.age".publicKeys = defaultAccess;

  # forgejo
  "forgejo/authelia-secret.age".publicKeys = defaultAccess;

  # teeworlds
  "teeworlds/env.age".publicKeys = defaultAccess;

  # nextcloud
  "nextcloud/admin-pass.age".publicKeys = defaultAccess;
  "nextcloud/secrets.age".publicKeys = defaultAccess;

  # mailserver/stalwart
  "stalwart/admin-fallback-password.age".publicKeys = defaultAccess;
}