about summary refs log tree commit diff
path: root/ops
diff options
context:
space:
mode:
Diffstat (limited to 'ops')
-rw-r--r--ops/machines/all-systems.nix2
-rw-r--r--ops/machines/whitby/default.nix10
-rw-r--r--ops/modules/tvl-users.nix6
-rw-r--r--ops/modules/www/wigglydonke.rs.nix2
-rw-r--r--ops/secrets/secrets.nix10
5 files changed, 14 insertions, 16 deletions
diff --git a/ops/machines/all-systems.nix b/ops/machines/all-systems.nix
index e2371d76e742..449d41a5f745 100644
--- a/ops/machines/all-systems.nix
+++ b/ops/machines/all-systems.nix
@@ -12,7 +12,7 @@
   zamalek
 ]) ++
 
-(with depot.users.grfn.system.system; [
+(with depot.users.aspen.system.system; [
   yeren
   mugwump
   ogopogo
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix
index d57f7698263f..4eb9135313a0 100644
--- a/ops/machines/whitby/default.nix
+++ b/ops/machines/whitby/default.nix
@@ -83,7 +83,7 @@ in
           authorizedKeys =
             depot.users.tazjin.keys.all
             ++ depot.users.lukegb.keys.all
-            ++ [ depot.users.grfn.keys.whitby ];
+            ++ [ depot.users.aspen.keys.whitby ];
 
           hostKeys = [
             /etc/secrets/initrd_host_ed25519_key
@@ -189,7 +189,7 @@ in
       secret-key-files = "/run/agenix/nix-cache-priv";
 
       trusted-users = [
-        "grfn"
+        "aspen"
         "lukegb"
         "tazjin"
         "sterni"
@@ -201,7 +201,7 @@ in
       keys = with depot.users;
         tazjin.keys.all
         ++ lukegb.keys.all
-        ++ [ grfn.keys.whitby ]
+        ++ [ aspen.keys.whitby ]
         ++ sterni.keys.all
       ;
     };
@@ -565,8 +565,8 @@ in
         token_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/token";
         api_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/userinfo";
 
-        # Give lukegb, grfn, tazjin "Admin" rights.
-        role_attribute_path = "((sub == 'lukegb' || sub == 'grfn' || sub == 'tazjin') && 'Admin') || 'Editor'";
+        # Give lukegb, aspen, tazjin "Admin" rights.
+        role_attribute_path = "((sub == 'lukegb' || sub == 'aspen' || sub == 'tazjin') && 'Admin') || 'Editor'";
 
         # Allow creating new Grafana accounts from OAuth accounts.
         allow_sign_up = true;
diff --git a/ops/modules/tvl-users.nix b/ops/modules/tvl-users.nix
index d8269746a8f1..ea83b435f4e8 100644
--- a/ops/modules/tvl-users.nix
+++ b/ops/modules/tvl-users.nix
@@ -17,12 +17,10 @@
       openssh.authorizedKeys.keys = depot.users.lukegb.keys.all;
     };
 
-    users.grfn = {
+    users.aspen = {
       isNormalUser = true;
       extraGroups = [ "git" "wheel" ];
-      openssh.authorizedKeys.keys = [
-        depot.users.grfn.keys.whitby
-      ];
+      openssh.authorizedKeys.keys = [ depot.users.aspen.keys.whitby ];
     };
 
     users.edef = {
diff --git a/ops/modules/www/wigglydonke.rs.nix b/ops/modules/www/wigglydonke.rs.nix
index 3d85e4eb9843..644016432513 100644
--- a/ops/modules/www/wigglydonke.rs.nix
+++ b/ops/modules/www/wigglydonke.rs.nix
@@ -9,7 +9,7 @@
     services.nginx.virtualHosts."wigglydonke.rs" = {
       enableACME = true;
       forceSSL = true;
-      root = "${depot.path + "/users/grfn/wigglydonke.rs"}";
+      root = "${depot.path + "/users/aspen/wigglydonke.rs"}";
     };
   };
 }
diff --git a/ops/secrets/secrets.nix b/ops/secrets/secrets.nix
index cdaceedb3515..5cbf2bf612a2 100644
--- a/ops/secrets/secrets.nix
+++ b/ops/secrets/secrets.nix
@@ -11,7 +11,7 @@ let
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBRXeb8EuecLHP0bW4zuebXp4KRnXgJTZfeVWXQ1n1R"
   ];
 
-  grfn = [
+  aspen = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMcBGBoWd5pPIIQQP52rcFOQN3wAY0J/+K2fuU6SffjA "
   ];
 
@@ -22,10 +22,10 @@ let
   sanduny = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOag0XhylaTVhmT6HB8EN2Fv5Ymrc4ZfypOXONUkykTX";
   whitby = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I";
 
-  terraform.publicKeys = tazjin ++ grfn ++ sterni ++ flokli;
-  whitbyDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ whitby ];
-  allDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ sanduny whitby ];
-  sandunyDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ sanduny ];
+  terraform.publicKeys = tazjin ++ aspen ++ sterni ++ flokli;
+  whitbyDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ whitby ];
+  allDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ sanduny whitby ];
+  sandunyDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ sanduny ];
 in
 {
   "besadii.age" = whitbyDefault;