1 files changed, 12 insertions, 23 deletions

diff --git a/ops/modules/tvl-users.nix b/ops/modules/tvl-users.nix
index c01809e0e6..ea83b435f4 100644
--- a/ops/modules/tvl-users.nix
+++ b/ops/modules/tvl-users.nix
@@ -17,12 +17,10 @@
       openssh.authorizedKeys.keys = depot.users.lukegb.keys.all;
     };
 
-    users.grfn = {
+    users.aspen = {
       isNormalUser = true;
       extraGroups = [ "git" "wheel" ];
-      openssh.authorizedKeys.keys = [
-        depot.users.grfn.keys.whitby
-      ];
+      openssh.authorizedKeys.keys = [ depot.users.aspen.keys.whitby ];
     };
 
     users.edef = {
@@ -33,6 +31,7 @@
 
     users.qyliss = {
       isNormalUser = true;
+      description = "Alyssa Ross";
       extraGroups = [ "git" ];
       openssh.authorizedKeys.keys = depot.users.qyliss.keys.all;
     };
@@ -63,32 +62,22 @@
 
     users.flokli = {
       isNormalUser = true;
-      extraGroups = [ "git" ];
+      extraGroups = [ "git" "wheel" ];
       openssh.authorizedKeys.keys = depot.users.flokli.keys.all;
     };
-
-    # Temporarily disabled (inactive) users.
-    users.isomer = {
-      isNormalUser = true;
-      extraGroups = [ "git" ];
-      shell = "${pkgs.shadow}/bin/nologin";
-      openssh.authorizedKeys.keys = depot.users.isomer.keys.all;
-    };
-
-    users.riking = {
-      isNormalUser = true;
-      extraGroups = [ "git" ];
-      shell = "${pkgs.shadow}/bin/nologin";
-      openssh.authorizedKeys.keys = depot.users.riking.keys.u2f ++ depot.users.riking.keys.passworded;
-    };
   };
 
+  programs.fish.enable = true;
+
   environment.systemPackages = with pkgs; [
     alacritty.terminfo
     foot.terminfo
     rxvt-unicode-unwrapped.terminfo
-
-    # TODO(sterni): re-enable when the kitty build is fixed upstreams
-    # kitty.terminfo
+    kitty.terminfo
   ];
+
+  security.sudo.extraRules = [{
+    groups = [ "wheel" ];
+    commands = [{ command = "ALL"; options = [ "NOPASSWD" ]; }];
+  }];
 }