diff options
Diffstat (limited to 'ops')
-rw-r--r-- | ops/machines/all-systems.nix | 2 | ||||
-rw-r--r-- | ops/machines/whitby/default.nix | 10 | ||||
-rw-r--r-- | ops/modules/tvl-users.nix | 6 | ||||
-rw-r--r-- | ops/modules/www/wigglydonke.rs.nix | 2 | ||||
-rw-r--r-- | ops/secrets/secrets.nix | 10 |
5 files changed, 14 insertions, 16 deletions
diff --git a/ops/machines/all-systems.nix b/ops/machines/all-systems.nix index e2371d76e742..449d41a5f745 100644 --- a/ops/machines/all-systems.nix +++ b/ops/machines/all-systems.nix @@ -12,7 +12,7 @@ zamalek ]) ++ -(with depot.users.grfn.system.system; [ +(with depot.users.aspen.system.system; [ yeren mugwump ogopogo diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index d57f7698263f..4eb9135313a0 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -83,7 +83,7 @@ in authorizedKeys = depot.users.tazjin.keys.all ++ depot.users.lukegb.keys.all - ++ [ depot.users.grfn.keys.whitby ]; + ++ [ depot.users.aspen.keys.whitby ]; hostKeys = [ /etc/secrets/initrd_host_ed25519_key @@ -189,7 +189,7 @@ in secret-key-files = "/run/agenix/nix-cache-priv"; trusted-users = [ - "grfn" + "aspen" "lukegb" "tazjin" "sterni" @@ -201,7 +201,7 @@ in keys = with depot.users; tazjin.keys.all ++ lukegb.keys.all - ++ [ grfn.keys.whitby ] + ++ [ aspen.keys.whitby ] ++ sterni.keys.all ; }; @@ -565,8 +565,8 @@ in token_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/token"; api_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/userinfo"; - # Give lukegb, grfn, tazjin "Admin" rights. - role_attribute_path = "((sub == 'lukegb' || sub == 'grfn' || sub == 'tazjin') && 'Admin') || 'Editor'"; + # Give lukegb, aspen, tazjin "Admin" rights. + role_attribute_path = "((sub == 'lukegb' || sub == 'aspen' || sub == 'tazjin') && 'Admin') || 'Editor'"; # Allow creating new Grafana accounts from OAuth accounts. allow_sign_up = true; diff --git a/ops/modules/tvl-users.nix b/ops/modules/tvl-users.nix index d8269746a8f1..ea83b435f4e8 100644 --- a/ops/modules/tvl-users.nix +++ b/ops/modules/tvl-users.nix @@ -17,12 +17,10 @@ openssh.authorizedKeys.keys = depot.users.lukegb.keys.all; }; - users.grfn = { + users.aspen = { isNormalUser = true; extraGroups = [ "git" "wheel" ]; - openssh.authorizedKeys.keys = [ - depot.users.grfn.keys.whitby - ]; + openssh.authorizedKeys.keys = [ depot.users.aspen.keys.whitby ]; }; users.edef = { diff --git a/ops/modules/www/wigglydonke.rs.nix b/ops/modules/www/wigglydonke.rs.nix index 3d85e4eb9843..644016432513 100644 --- a/ops/modules/www/wigglydonke.rs.nix +++ b/ops/modules/www/wigglydonke.rs.nix @@ -9,7 +9,7 @@ services.nginx.virtualHosts."wigglydonke.rs" = { enableACME = true; forceSSL = true; - root = "${depot.path + "/users/grfn/wigglydonke.rs"}"; + root = "${depot.path + "/users/aspen/wigglydonke.rs"}"; }; }; } diff --git a/ops/secrets/secrets.nix b/ops/secrets/secrets.nix index cdaceedb3515..5cbf2bf612a2 100644 --- a/ops/secrets/secrets.nix +++ b/ops/secrets/secrets.nix @@ -11,7 +11,7 @@ let "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBRXeb8EuecLHP0bW4zuebXp4KRnXgJTZfeVWXQ1n1R" ]; - grfn = [ + aspen = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMcBGBoWd5pPIIQQP52rcFOQN3wAY0J/+K2fuU6SffjA " ]; @@ -22,10 +22,10 @@ let sanduny = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOag0XhylaTVhmT6HB8EN2Fv5Ymrc4ZfypOXONUkykTX"; whitby = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I"; - terraform.publicKeys = tazjin ++ grfn ++ sterni ++ flokli; - whitbyDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ whitby ]; - allDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ sanduny whitby ]; - sandunyDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ sanduny ]; + terraform.publicKeys = tazjin ++ aspen ++ sterni ++ flokli; + whitbyDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ whitby ]; + allDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ sanduny whitby ]; + sandunyDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ sanduny ]; in { "besadii.age" = whitbyDefault; |