chore(users): grfn -> aspen

Change-Id: I6c6847fac56f0a9a1a2209792e00a3aec5e672b9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10809 Autosubmit: aspen <root@gws.fyi> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2024-02-11 22:00:40 -05:00 · 2024-02-11 22:00:40 -05:00 · 82ecd61f5c
commit 82ecd61f5c
parent 0ba476a426
478 changed files with 75 additions and 77 deletions
--- a/ops/machines/all-systems.nix
+++ b/ops/machines/all-systems.nix
@ -12,7 +12,7 @@
  zamalek
 ]) ++

-(with depot.users.grfn.system.system; [
+(with depot.users.aspen.system.system; [
  yeren
  mugwump
  ogopogo
--- a/ops/machines/whitby/default.nix
+++ b/ops/machines/whitby/default.nix
@ -83,7 +83,7 @@ in
          authorizedKeys =
            depot.users.tazjin.keys.all
            ++ depot.users.lukegb.keys.all
-            ++ [ depot.users.grfn.keys.whitby ];
+            ++ [ depot.users.aspen.keys.whitby ];

          hostKeys = [
            /etc/secrets/initrd_host_ed25519_key
@ -189,7 +189,7 @@ in
      secret-key-files = "/run/agenix/nix-cache-priv";

      trusted-users = [
-        "grfn"
+        "aspen"
        "lukegb"
        "tazjin"
        "sterni"
@ -201,7 +201,7 @@ in
      keys = with depot.users;
        tazjin.keys.all
        ++ lukegb.keys.all
-        ++ [ grfn.keys.whitby ]
+        ++ [ aspen.keys.whitby ]
        ++ sterni.keys.all
      ;
    };
@ -565,8 +565,8 @@ in
        token_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/token";
        api_url = "https://auth.tvl.fyi/auth/realms/TVL/protocol/openid-connect/userinfo";

-        # Give lukegb, grfn, tazjin "Admin" rights.
-        role_attribute_path = "((sub == 'lukegb' || sub == 'grfn' || sub == 'tazjin') && 'Admin') || 'Editor'";
+        # Give lukegb, aspen, tazjin "Admin" rights.
+        role_attribute_path = "((sub == 'lukegb' || sub == 'aspen' || sub == 'tazjin') && 'Admin') || 'Editor'";

        # Allow creating new Grafana accounts from OAuth accounts.
        allow_sign_up = true;
--- a/ops/modules/tvl-users.nix
+++ b/ops/modules/tvl-users.nix
@ -17,12 +17,10 @@
      openssh.authorizedKeys.keys = depot.users.lukegb.keys.all;
    };

-    users.grfn = {
+    users.aspen = {
      isNormalUser = true;
      extraGroups = [ "git" "wheel" ];
-      openssh.authorizedKeys.keys = [
-        depot.users.grfn.keys.whitby
-      ];
+      openssh.authorizedKeys.keys = [ depot.users.aspen.keys.whitby ];
    };

    users.edef = {
--- a/ops/modules/www/wigglydonke.rs.nix
+++ b/ops/modules/www/wigglydonke.rs.nix
@ -9,7 +9,7 @@
    services.nginx.virtualHosts."wigglydonke.rs" = {
      enableACME = true;
      forceSSL = true;
-      root = "${depot.path + "/users/grfn/wigglydonke.rs"}";
+      root = "${depot.path + "/users/aspen/wigglydonke.rs"}";
    };
  };
 }
--- a/ops/secrets/secrets.nix
+++ b/ops/secrets/secrets.nix
@ -11,7 +11,7 @@ let
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBRXeb8EuecLHP0bW4zuebXp4KRnXgJTZfeVWXQ1n1R"
  ];

-  grfn = [
+  aspen = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMcBGBoWd5pPIIQQP52rcFOQN3wAY0J/+K2fuU6SffjA "
  ];

@ -22,10 +22,10 @@ let
  sanduny = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOag0XhylaTVhmT6HB8EN2Fv5Ymrc4ZfypOXONUkykTX";
  whitby = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I";

-  terraform.publicKeys = tazjin ++ grfn ++ sterni ++ flokli;
-  whitbyDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ whitby ];
-  allDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ sanduny whitby ];
-  sandunyDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ sanduny ];
+  terraform.publicKeys = tazjin ++ aspen ++ sterni ++ flokli;
+  whitbyDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ whitby ];
+  allDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ sanduny whitby ];
+  sandunyDefault.publicKeys = tazjin ++ aspen ++ sterni ++ [ sanduny ];
 in
 {
  "besadii.age" = whitbyDefault;