diff options
| author | Aspen Smith <grfn@gws.fyi> | 2024-02-12T03·00-0500 |
|---|---|---|
| committer | clbot <clbot@tvl.fyi> | 2024-02-14T19·37+0000 |
| commit | 82ecd61f5c699cf3af6c4eadf47a1c52b1d696c6 (patch) | |
| tree | 429c5e078528000591742ec3211bc768ae913a78 /ops | |
| parent | 0ba476a4266015f278f18d74094299de74a5a111 (diff) | |
chore(users): grfn -> aspen r/7511
Change-Id: I6c6847fac56f0a9a1a2209792e00a3aec5e672b9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10809 Autosubmit: aspen <root@gws.fyi> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
Diffstat (limited to 'ops')
| -rw-r--r-- | ops/machines/all-systems.nix | 2 | ||||
| -rw-r--r-- | ops/machines/whitby/default.nix | 10 | ||||
| -rw-r--r-- | ops/modules/tvl-users.nix | 6 | ||||
| -rw-r--r-- | ops/modules/www/wigglydonke.rs.nix | 2 | ||||
| -rw-r--r-- | ops/secrets/secrets.nix | 10 |
5 files changed, 14 insertions, 16 deletions
diff --git a/ops/machines/all-systems.nix b/ops/machines/all-systems.nix index e2371d76e7..449d41a5f7 100644 --- a/ops/machines/all-systems.nix +++ b/ops/machines/all-systems.nix @@ -12,7 +12,7 @@ zamalek ]) ++ -(with depot.users.grfn.system.system; [ +(with depot.users.aspen.system.system; [ yeren mugwump ogopogo diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index d57f769826..4eb9135313 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -83,7 +83,7 @@ in authorizedKeys = depot.users.tazjin.keys.all ++ depot.users.lukegb.keys.all - ++ [ depot.users.grfn.keys.whitby ]; + ++ [ depot.users.aspen.keys.whitby ]; hostKeys = [ /etc/secrets/initrd_host_ed25519_key @@ -189,7 +189,7 @@ in secret-key-files = "/run/agenix/nix-cache-priv"; trusted-users = [ - "grfn" + "aspen" "lukegb" "tazjin" "sterni" @@ -201,7 +201,7 @@ in keys = with depot.users; tazjin.keys.all ++ lukegb.keys.all - ++ [ grfn.keys.whitby ] + ++ [ aspen.keys.whitby ] ++ sterni.keys.all ; }; @@ -565,8 +565,8 @@ in token_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/token"; api_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/userinfo"; - # Give lukegb, grfn, tazjin "Admin" rights. - role_attribute_path = "((sub == 'lukegb' || sub == 'grfn' || sub == 'tazjin') && 'Admin') || 'Editor'"; + # Give lukegb, aspen, tazjin "Admin" rights. + role_attribute_path = "((sub == 'lukegb' || sub == 'aspen' || sub == 'tazjin') && 'Admin') || 'Editor'"; # Allow creating new Grafana accounts from OAuth accounts. allow_sign_up = true; diff --git a/ops/modules/tvl-users.nix b/ops/modules/tvl-users.nix index d8269746a8..ea83b435f4 100644 --- a/ops/modules/tvl-users.nix +++ b/ops/modules/tvl-users.nix @@ -17,12 +17,10 @@ openssh.authorizedKeys.keys = depot.users.lukegb.keys.all; }; - users.grfn = { + users.aspen = { isNormalUser = true; extraGroups = [ "git" "wheel" ]; - openssh.authorizedKeys.keys = [ - depot.users.grfn.keys.whitby - ]; + openssh.authorizedKeys.keys = [ depot.users.aspen.keys.whitby ]; }; users.edef = { diff --git a/ops/modules/www/wigglydonke.rs.nix b/ops/modules/www/wigglydonke.rs.nix index 3d85e4eb98..6440164325 100644 --- a/ops/modules/www/wigglydonke.rs.nix +++ b/ops/modules/www/wigglydonke.rs.nix @@ -9,7 +9,7 @@ services.nginx.virtualHosts."wigglydonke.rs" = { enableACME = true; forceSSL = true; - root = "${depot.path + "/users/grfn/wigglydonke.rs"}"; + root = "${depot.path + "/users/aspen/wigglydonke.rs"}"; }; }; } diff --git a/ops/secrets/secrets.nix b/ops/secrets/secrets.nix index cdaceedb35..5cbf2bf612 100644 --- a/ops/secrets/secrets.nix +++ b/ops/secrets/secrets.nix @@ -11,7 +11,7 @@ let "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBRXeb8EuecLHP0bW4zuebXp4KRnXgJTZfeVWXQ1n1R" ]; - grfn = [ + aspen = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMcBGBoWd5pPIIQQP52rcFOQN3wAY0J/+K2fuU6SffjA " ]; @@ -22,10 +22,10 @@ let sanduny = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOag0XhylaTVhmT6HB8EN2Fv5Ymrc4ZfypOXONUkykTX"; whitby = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I"; - terraform.publicKeys = tazjin ++ grfn ++ sterni ++ flokli; - whitbyDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ whitby ]; - allDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ sanduny whitby ]; - sandunyDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ sanduny ]; + terraform.publicKeys = tazjin ++ aspen ++ sterni ++ flokli; + whitbyDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ whitby ]; + allDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ sanduny whitby ]; + sandunyDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ sanduny ]; in { "besadii.age" = whitbyDefault; |