Gitiles
Code Review Sign In
git.clicks.codes / Chimera / NixFiles / 9d53965cf6976b37d37cb478524c6481af1ccd33^! / . / systems / x86_64-linux / greylag
commit9d53965cf6976b37d37cb478524c6481af1ccd33[log] [tgz]
authorSkyler Grey <minion@clicks.codes>Sun Jun 30 23:44:06 2024 +0000
committerSkyler Grey <minion@clicks.codes>Mon Jul 01 01:18:06 2024 +0000
treee8114818869b7e8af4babd426a7de896f4061831
parent3883b646c585757edabf8eb2d223fb3557fa83d4 [diff]
feat(greylag): Add coded

Coded should be able to ssh to greylag and use sudo commands. To
facilitate this, let's give him a user

Change-Id: I5e74200ed984c1258e0c6482d32a97c7a426bcc8
Reviewed-on: https://git.clicks.codes/c/Chimera/NixFiles/+/774
Tested-by: Skyler Grey <minion@clicks.codes>
Reviewed-by: Skyler Grey <minion@clicks.codes>

diff --git a/systems/x86_64-linux/greylag/users/default.nix b/systems/x86_64-linux/greylag/users/default.nix
index 66e3f73..537bc99 100644
--- a/systems/x86_64-linux/greylag/users/default.nix
+++ b/systems/x86_64-linux/greylag/users/default.nix

@@ -2,6 +2,8 @@
 {
   users.users.minion.hashedPasswordFile =
     config.sops.secrets."systems/x86_64-linux/greylag/users/passwords.sops.minion.json:minion".path;
+  users.users.coded.hashedPasswordFile =
+    config.sops.secrets."systems/x86_64-linux/greylag/users/passwords.sops.minion.json:coded".path;
 
   sops.secrets."systems/x86_64-linux/greylag/users/passwords.sops.minion.json:minion" = {
     mode = "0400";
@@ -12,4 +14,13 @@
     key = "minion";
     neededForUsers = true;
   };
+  sops.secrets."systems/x86_64-linux/greylag/users/passwords.sops.minion.json:coded" = {
+    mode = "0400";
+    owner = config.users.users.root.name;
+    group = config.users.users.root.group;
+    sopsFile = ./passwords.sops.minion.json;
+    format = "json";
+    key = "coded";
+    neededForUsers = true;
+  };
 }

diff --git a/systems/x86_64-linux/greylag/users/passwords.sops.minion.json b/systems/x86_64-linux/greylag/users/passwords.sops.minion.json
index f5f5f2d..d36423f 100644
--- a/systems/x86_64-linux/greylag/users/passwords.sops.minion.json
+++ b/systems/x86_64-linux/greylag/users/passwords.sops.minion.json

@@ -1,13 +1,14 @@
 {
 	"minion": "ENC[AES256_GCM,data:oXHG5HiGFQ2fYFfhvxMubgadEeWVj7rn0H+3Ql7OkHXoxVDH13LkQAG6LmTMHdTkAALCLRZ9NV+iZ40S,iv:/ZfjWMCHYgct0kkVdZhQ2bRkTkN24bq7eDheFzkpUro=,tag:Hv4agIYRWx0FNYyQ18tu7g==,type:str]",
+	"coded": "ENC[AES256_GCM,data:NMGEC2o5NPEW4NZR1+fvK64tMlIIYLzesIKbFD8I1jBLmKs0usDsxd68XJryrzR+FPcl38iLsjiw3Uj1,iv:wUzOfaLyluiRdMbyL22Jh+Mhp3nES6ii10J2wcWlxI8=,tag:1WY0k1IYy5ij7jKUeLoISQ==,type:str]",
 	"sops": {
 		"kms": null,
 		"gcp_kms": null,
 		"azure_kv": null,
 		"hc_vault": null,
 		"age": null,
-		"lastmodified": "2024-02-24T00:15:23Z",
-		"mac": "ENC[AES256_GCM,data:Nv7v6Jevfqogl02oMDb7oishg3QtuYnFXscHXwe0UtRWpRt1f0lB5tXMdXttzlC/Axvywjxnr3NoF4Mo1mw25hSpZGaAhm7lqJZpGIGWFOCaMCKKuRQ4GwlbmeKDD1JYYYeaKxsosYM8EU/QP8IyKUdfkZz84raXv55joi+bJUU=,iv:PX0SaHCStXu/VOddeL/LzAf2xDK3BCcWxGWSLW5GOpw=,tag:TmYsojaN+IWmaqU4oYBECA==,type:str]",
+		"lastmodified": "2024-06-15T13:56:19Z",
+		"mac": "ENC[AES256_GCM,data:Gjx5000IwynQtbUfY1W78BUoWwOV08Xps2EBdFNseQVo5AlkEDYSbFUkV9GhnL0xBot/7R0ls158Rq8+twYcp6O5IB83gCaWisg7PaeC9UM8Ag13M3KpdEhImF9fzsanW+52338OPK48WD4Ul1C+zK5S7lNSq4v6oU3IlO9b29o=,iv:W4O1fF9E/uo4uQet9JbyAO4JycoLVhqXo9w+rCKYOHs=,tag:OTsyiJLDDV3UPhiHw/9gLg==,type:str]",
 		"pgp": [
 			{
 				"created_at": "2024-02-23T18:06:19Z",