[skip ci]: granted trainees permission to a server to test stuff out
This commit is contained in:
parent
21612fed13
commit
03add8f999
2 changed files with 27 additions and 11 deletions
|
|
@ -17,6 +17,12 @@ Notes:
|
|||
name = "marvin";
|
||||
ip_pub = "193.1.99.81";
|
||||
hostname = "${name}.skynet.ie";
|
||||
|
||||
groups = [
|
||||
"skynet-admins-linux"
|
||||
"skynet-trainees-linux"
|
||||
];
|
||||
groups_trusted = map (x: "@${x}") groups;
|
||||
in {
|
||||
imports = [
|
||||
];
|
||||
|
|
@ -31,17 +37,17 @@ in {
|
|||
};
|
||||
|
||||
# allow trainees to deploy
|
||||
nix.settings.trusted-users = [
|
||||
"root"
|
||||
"@skynet-admins-linux"
|
||||
"@skynet-trainees-linux"
|
||||
];
|
||||
nix.settings.trusted-users =
|
||||
[
|
||||
"root"
|
||||
]
|
||||
++ groups_trusted;
|
||||
|
||||
# allow trainees access
|
||||
services.skynet_ldap_client.groups = [
|
||||
"skynet-admins-linux"
|
||||
"skynet-trainees-linux"
|
||||
];
|
||||
services.skynet_ldap_client = {
|
||||
groups = groups;
|
||||
sudo_groups = groups;
|
||||
};
|
||||
|
||||
skynet_dns.records = [
|
||||
{
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue