diff options
| author | Vincent Ambo <mail@tazj.in> | 2022-02-17T09·16+0300 |
|---|---|---|
| committer | clbot <clbot@tvl.fyi> | 2022-02-17T18·08+0000 |
| commit | dd5ce78dbdf88bcdafc46c7e77fc58b1973ba617 (patch) | |
| tree | 62dea477d184f69f97d5072129b7d52e29c6eb8d /ops/machines | |
| parent | c72c1efdebddd1d8d6c37c8efd360e1c3fcda90b (diff) | |
refactor(ops/modules): Move user configuration into module r/3838
Rather than defining all system users inline on whitby, move them into a module that can be imported on multiple machines. Configuration for terminfos that we've added follows along. Note that while doing this I've disabled logins for riking and isomer since they are currently inactive in TVL. Change-Id: Id18031d355afc34079c5e6e49dc6943e61809a8f Reviewed-on: https://cl.tvl.fyi/c/depot/+/5298 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su>
Diffstat (limited to 'ops/machines')
| -rw-r--r-- | ops/machines/whitby/default.nix | 81 |
1 files changed, 1 insertions, 80 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 1965a661f91f..e9ec50da13d0 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -24,6 +24,7 @@ in "${depot.path}/ops/modules/sourcegraph.nix" "${depot.path}/ops/modules/tvl-buildkite.nix" "${depot.path}/ops/modules/tvl-slapd/default.nix" + "${depot.path}/ops/modules/tvl-users.nix" "${depot.path}/ops/modules/www/atward.tvl.fyi.nix" "${depot.path}/ops/modules/www/auth.tvl.fyi.nix" "${depot.path}/ops/modules/www/b.tvl.fyi.nix" @@ -456,24 +457,19 @@ in services.fail2ban.enable = true; environment.systemPackages = (with pkgs; [ - alacritty.terminfo bat bb curl direnv emacs-nox fd - foot.terminfo git htop hyperfine jq - # TODO(sterni): re-enable when the kitty build is fixed upstreams - # kitty.terminfo nano nvd ripgrep - rxvt_unicode.terminfo tree unzip vim @@ -645,81 +641,6 @@ in ]; users = { - users.tazjin = { - isNormalUser = true; - extraGroups = [ "git" "wheel" ]; - shell = pkgs.fish; - openssh.authorizedKeys.keys = depot.users.tazjin.keys.all; - }; - - users.lukegb = { - isNormalUser = true; - extraGroups = [ "git" "wheel" ]; - openssh.authorizedKeys.keys = depot.users.lukegb.keys.all; - }; - - users.grfn = { - isNormalUser = true; - extraGroups = [ "git" "wheel" ]; - openssh.authorizedKeys.keys = [ - depot.users.grfn.keys.whitby - ]; - }; - - users.isomer = { - isNormalUser = true; - extraGroups = [ "git" ]; - openssh.authorizedKeys.keys = depot.users.isomer.keys.all; - }; - - users.riking = { - isNormalUser = true; - extraGroups = [ "git" ]; - openssh.authorizedKeys.keys = depot.users.riking.keys.u2f ++ depot.users.riking.keys.passworded; - }; - - users.edef = { - isNormalUser = true; - extraGroups = [ "git" ]; - openssh.authorizedKeys.keys = depot.users.edef.keys.all; - }; - - users.qyliss = { - isNormalUser = true; - extraGroups = [ "git" ]; - openssh.authorizedKeys.keys = depot.users.qyliss.keys.all; - }; - - users.eta = { - isNormalUser = true; - extraGroups = [ "git" ]; - openssh.authorizedKeys.keys = depot.users.eta.keys.whitby; - }; - - users.cynthia = { - isNormalUser = true; # I'm normal OwO :3 - extraGroups = [ "git" ]; - openssh.authorizedKeys.keys = depot.users.cynthia.keys.all; - }; - - users.firefly = { - isNormalUser = true; - extraGroups = [ "git" ]; - openssh.authorizedKeys.keys = depot.users.firefly.keys.whitby; - }; - - users.sterni = { - isNormalUser = true; - extraGroups = [ "git" "wheel" ]; - openssh.authorizedKeys.keys = depot.users.sterni.keys.all; - }; - - users.flokli = { - isNormalUser = true; - extraGroups = [ "git" ]; - openssh.authorizedKeys.keys = depot.users.flokli.keys.all; - }; - # Set up a user & group for git shenanigans groups.git = { }; users.git = { |