feat(teal): Add headscale ACLs

Currently the ACLs are pretty basic: users (that is currently coded,
minion, pineafan) can access anything. Areas (that is devices which we
are running as servers) can only access other areas.

We can work on more complex ACLs in the future, but for now this is
preferable to nothing.

Refs: 36dcad1f5f4583a12c23e160929fda467f5574cbd0aba00d
Change-Id: I07b42bff444eb0d3d766a070578b97460443aa31
Reviewed-on: https://git.clicks.codes/c/Infra/NixFiles/+/745
Reviewed-by: Samuel Shuert <coded@clicks.codes>
Tested-by: Skyler Grey <minion@clicks.codes>
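
The policy the commit message describes, modelled as an added example (not code from this commit or repository): a constructed headscale-style ACL plus a simplified default-deny evaluator that checks who can reach whom. The group name, the `tag:area` tag and the sample nodes are assumptions; only the three usernames come from the message.

```python
import json

# Constructed policy in headscale's JSON ACL layout. The group name and the
# "tag:area" tag are assumptions; only the usernames come from the commit message.
POLICY = {
    "groups": {"group:users": ["coded", "minion", "pineafan"]},
    "tagOwners": {"tag:area": ["group:users"]},
    "acls": [
        # Users can access anything.
        {"action": "accept", "src": ["group:users"], "dst": ["*:*"]},
        # Areas can only access other areas.
        {"action": "accept", "src": ["tag:area"], "dst": ["tag:area:*"]},
    ],
}


def identities(node, policy):
    """Names a node can match: its tags if tagged, else its user and groups."""
    if node.get("tags"):
        return set(node["tags"])  # a tagged node no longer acts as its user
    user = node["user"]
    groups = {g for g, members in policy["groups"].items() if user in members}
    return {user} | groups


def allowed(src, dst, policy=POLICY):
    """Simplified default-deny check: True if any accept rule matches src -> dst."""
    src_ids, dst_ids = identities(src, policy), identities(dst, policy)
    for rule in policy["acls"]:
        if rule["action"] != "accept" or not src_ids & set(rule["src"]):
            continue
        for target in rule["dst"]:
            host = target.rsplit(":", 1)[0]  # strip the port part
            if host == "*" or host in dst_ids:
                return True
    return False


# Constructed nodes: one user laptop and two servers tagged as areas.
LAPTOP = {"user": "minion", "tags": []}
SERVER_A = {"user": "coded", "tags": ["tag:area"]}
SERVER_B = {"user": "coded", "tags": ["tag:area"]}

if __name__ == "__main__":
    print(json.dumps(POLICY, indent=2))
    for s, d in [(LAPTOP, SERVER_A), (SERVER_A, SERVER_B), (SERVER_A, LAPTOP)]:
        print(s, "->", d, "allowed" if allowed(s, d) else "denied")
```

The third pair is the case worth checking after any ACL change: a server tagged as an area must not be able to open connections to a user's device.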
1 file changed
tree: d03f4b5a08f1ba15d01754d925a0bccd5ad66e36
  1. .reuse/
  2. .vscode/
  3. lib/
  4. LICENSES/
  5. modules/
  6. shells/
  7. systems/
  8. .editorconfig
  9. .envrc
  10. .gitignore
  11. .gitreview
  12. .gitreview.license
  13. .sops.nix
  14. configure.sh
  15. CONTRIBUTORS.md
  16. flake.lock
  17. flake.lock.license
  18. flake.nix
  19. README.md
README.md

Clicks - Infrastructure

This repository contains system configuration for Clicks's infrastructure.

Config

Config is written using Snowfall lib. It keeps us organized and has some nice features like namespaces.

Systems

Devices are named after colors. Areas are named with a letter and the matching phonetic alphabet word. Each area is generally managed by one member of Clicks, who has full access to all of the servers in that area. If you require help for a specific area, you can email admin@clicks.codes and include the area you want help for in the subject line.

| System | Description  | Address                   |
|--------|--------------|---------------------------|
| teal   | Primary Host | teal.alpha.clicks.domains |
| a1d2   | Build Server | d2.a1.clicks.domains      |

Deploying

Deploys are done with deploy-rs. You'll need to be able to SSH into a machine by its hostname (either through a nifty .ssh/config rule or Tailscale).

Once you've done that, you'll be able to deploy with

$ deploy .#MACHINE_NAME