| commit | 985a612c285e5bf324a4119bed53d0e1d02c4de0 | [log] [tgz] |
|---|---|---|
| author | Skyler Grey <sky@a.starrysky.fyi> | Wed Jul 17 22:00:16 2024 +0000 |
| committer | Skyler Grey <minion@clicks.codes> | Fri Aug 02 19:46:49 2024 +0000 |
| tree | 72c2d4f8552eeb00bd54893cd108b8b4b4bdeead | |
| parent | 4bf2de5c100d990d362ea999deb65d783d9fb3b6 [diff] |
feat(headscale): Add "friends" group to ACL Friends can access other people's machines, but they aren't allowed to access our servers. The use-case here is people who should be able to, e.g., use our headscale instance to play Minecraft with friends but should not, e.g., be able to access our finances through https://fava.clicks.codes Change-Id: Idaed7133c951edb6e1fcd6b0f58f363b65161028 Reviewed-on: https://git.clicks.codes/c/Infra/NixFiles/+/803 Reviewed-by: Skyler Grey <minion@clicks.codes> Tested-by: Skyler Grey <minion@clicks.codes>
This repository contains system configuration for Clicks's infrastructure.
Config is written using Snowfall lib. It keeps us organized and has some nice features like namespaces.
Devices are named after colors, areas are named as a letter, with the matching phonetic alphabet word. Areas are generally managed by one member of Clicks, who has full access to all of the servers in that area. If you require help for a specific area you can email admin@clicks.codes and in the subject line include the area you want help for.
| System | Description | Address |
|---|---|---|
| teal | Primary Host | teal.alpha.clicks.domains |
| a1d2 | Build Server | d2.a1.clicks.domains |
Deploys are done with deploy-rs, you'll need to be able to ssh into a machine with its hostname (either by a nifty .ssh/config rule or tailscale).
Once you've done that, you'll be able to deploy with
$ deploy .#MACHINE_NAME