Commit graph

17 commits

Author SHA1 Message Date
teutat3s eef268b21b
style: fix formatting
All checks were successful
Flake checks / Check (pull_request) Successful in 41m25s
2024-12-08 18:59:27 +01:00
b12f eb63779bb6
auth: use all sshPubKeys for disk unlock, fix tests, fix hm config
All checks were successful
Flake checks / Check (pull_request) Successful in 28m11s
2024-11-20 16:49:39 +01:00
b12f 2b72d9a5a8
style: run nix fmt 2024-11-20 16:49:39 +01:00
b12f 5366d07d44
auth: add user for each administrator
After this has been tested successfully, root SSH login can be disabled.

The advantages of having a user for each adminstrator:

* Better security analysis: who issued executed what command, who
  touched which file, who used sudo at which time.
* Possibility of granular access, e.g. person X is only allowed to
  manage service Y
2024-11-20 16:49:38 +01:00
teutat3s d085e49925
logins: add teutat3s secondary SSH public key
Some checks failed
Flake checks / Check (pull_request) Failing after 6m51s
2024-10-08 19:10:20 +02:00
b12f 1ec5bafa30
flora-6: remove
This commit removes the flora-6 host. All services are moved to
trinkgenossin, with the drone service being removed completely in favour
of forgejo actions.
2024-09-10 16:02:24 +02:00
teutat3s c856130766
logins: add ryzensun to teutat3s logins
All checks were successful
Flake checks / Check (pull_request) Successful in 2m34s
2024-05-09 01:58:15 +02:00
teutat3s 2ca0bd7c3e
style: run treefmt
All checks were successful
Flake checks / Check (pull_request) Successful in 2m36s
2024-05-08 22:57:07 +02:00
teutat3s 3caf085d0b
wireguard: add ryzensun to teutat3s' hosts
All checks were successful
Flake checks / Check (pull_request) Successful in 8m23s
2024-04-05 23:32:59 +02:00
Akshay Mankar cf1e6f8134
admins: Add axeman's wireguard device
All checks were successful
Flake checks / Check (pull_request) Successful in 8m48s
2024-04-05 15:41:21 +02:00
Benjamin Yule Bädorf 48845d6cf6
logins/wireguard: move teutat3s wireguard device 2024-04-05 11:09:31 +00:00
Hendrik Sokolowski c53adf51f7
logins: add judy for hensoko 2024-04-05 11:09:31 +00:00
Benjamin Yule Bädorf a795f0824f
logins: fix admin login merging 2024-04-05 11:09:31 +00:00
Benjamin Yule Bädorf 83125ae472
logins: check for missing wireguard device attribute 2024-04-05 11:09:31 +00:00
teutat3s 147ed44b9a
wireguard: add dumpyourvms 2024-04-05 11:09:31 +00:00
Benjamin Yule Bädorf 621e9336ed
wireguard: add basic keys 2024-04-05 11:09:31 +00:00
Benjamin Yule Bädorf eacf60974c
wireguard: initial commit 2024-04-05 11:09:31 +00:00