pub-solar/infra
6
1
Fork 3
Code Issues 25 Pull requests 11 Actions Packages Projects 1 Releases Wiki Activity

auth: add user for each administrator #261

Merged
teutat3s merged 7 commits from per-admin-user into main 2024-11-28 16:16:35 +00:00
Conversation 5 Commits 7 Files changed 19 +153 -139

7 commits

Author SHA1 Message Date
teutat3s aee317b463
flake: format
Some checks failed
Flake checks / Check (pull_request) Failing after 46m45s
Details
2024-11-26 17:58:30 +01:00
teutat3s 98b546f587
docs: update for per admin user SSH access 2024-11-26 17:58:26 +01:00
teutat3s 42b3052091
deploy: remove hard-coded SSH user barkeeper 2024-11-26 17:56:15 +01:00
b12f eb63779bb6
auth: use all sshPubKeys for disk unlock, fix tests, fix hm config
All checks were successful
Flake checks / Check (pull_request) Successful in 28m11s
Details
2024-11-20 16:49:39 +01:00
b12f acc537decd
hosts: use correct wireguardDevices option 2024-11-20 16:49:39 +01:00
b12f 2b72d9a5a8
style: run nix fmt 2024-11-20 16:49:39 +01:00
b12f 5366d07d44
auth: add user for each administrator 
After this has been tested successfully, root SSH login can be disabled.

The advantages of having a user for each adminstrator:

* Better security analysis: who issued executed what command, who
  touched which file, who used sudo at which time.
* Possibility of granular access, e.g. person X is only allowed to
  manage service Y
 2024-11-20 16:49:38 +01:00