From ccae7987be59b8a30e98f0429bd78479f6f7c7bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Wed, 4 Oct 2023 14:51:54 +0200 Subject: Move dilion user to private --- systems/backup-2/flake.lock | 26 +++++++++++++------------- systems/dilion/base.nix | 12 ------------ systems/dilion/flake.lock | 14 +++++++------- systems/eldiron/flake.lock | 26 +++++++++++++------------- systems/monitoring-1/flake.lock | 18 +++++++++--------- systems/quatresaisons/flake.lock | 10 +++++----- systems/zoldene/flake.lock | 6 +++--- 7 files changed, 50 insertions(+), 62 deletions(-) (limited to 'systems') diff --git a/systems/backup-2/flake.lock b/systems/backup-2/flake.lock index e8f5ca8..507aaf6 100644 --- a/systems/backup-2/flake.lock +++ b/systems/backup-2/flake.lock @@ -22,7 +22,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-axj8Eo6qOPyh4DOk9cKEKqjpMjX5y5EDSB8Myxdm5jg=", + "narHash": "sha256-5xTmX1Pq80U/1q27508T1SVJDQXAdmTHGhVyA7lqnPg=", "path": "../../flakes/private/chatons", "type": "path" }, @@ -74,7 +74,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -86,7 +86,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -98,7 +98,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -110,7 +110,7 @@ "environment_4": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -122,7 +122,7 @@ "environment_5": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -134,7 +134,7 @@ "environment_6": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -146,7 +146,7 @@ "environment_7": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -352,7 +352,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-9LJl0FUGZEsz5BY5YYzob5n0lz5YgEl6aoIYUkX+M5w=", + "narHash": "sha256-TYEdgBGt7mWEBdXMmuc+lmgRpsOJUlW55Y1atGlcpvU=", "path": "../../flakes/private/mail-relay", "type": "path" }, @@ -371,7 +371,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-8+5NUGSYepO6Pq3+9C4EaEJJTofaBUKSXJeeCFOQcnA=", + "narHash": "sha256-Q8RIW88dtLmxFy8ziw49PhWjU70fKJ8gO9SjdRr2ySw=", "path": "../../flakes/private/milters", "type": "path" }, @@ -389,7 +389,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-wQqciZXrwEBaeiBKJ3KMxx3hw89nlSCxT8tWf0apgHQ=", + "narHash": "sha256-rybO4c9UB9a34Xgoh+ToYz36Dz2OM1sgYxi3m00+W+E=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -925,7 +925,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-sTdenwe4616pSUR51SYGatczdwnDH2syuAG0RchZGVY=", + "narHash": "sha256-C75rGGf2EOkXc04RkzpTkyWOGF3GMZElDyvLSa4MsiI=", "path": "../../flakes/private/opendmarc", "type": "path" }, @@ -1104,7 +1104,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-biwf4E+pVKyOync6HNfiAMOsiyc20qbVM4ruqzGxupA=", + "narHash": "sha256-gxXgjqYGC3Nv6g42OOdU1d+HideZ4vXBZbbpBjlKsvg=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/dilion/base.nix b/systems/dilion/base.nix index ac4bdaf..c2778e3 100644 --- a/systems/dilion/base.nix +++ b/systems/dilion/base.nix @@ -30,7 +30,6 @@ "/boot" = { fsType = "ext4"; device = "/dev/disk/by-uuid/fd1c511e-2bc0-49d5-b8bb-95e7e8c8c816"; }; "/etc" = { fsType = "zfs"; device = "zpool/root/etc"; }; "/home" = { fsType = "zfs"; device = "zpool/root/home"; }; - "/home/immae" = { fsType = "zfs"; device = "zpool/root/home/immae"; }; "/tmp" = { fsType = "zfs"; device = "zpool/root/tmp"; }; "/var" = { fsType = "zfs"; device = "zpool/root/var"; }; "/data" = { fsType = "ext4"; label = "data"; }; @@ -147,23 +146,12 @@ in ["command=\"${pkgs.zrepl}/bin/zrepl stdinserver --config ${zreplConfig} eldiron\",restrict ${config.myEnv.zrepl_backup.ssh_key.public}"]; }; - security.sudo.extraRules = pkgs.lib.mkAfter [ - { - commands = [ - { command = "/home/immae/.nix-profile/root_scripts/*"; options = [ "NOPASSWD" ]; } - ]; - users = [ "immae" ]; - runAs = "root"; - } - ]; virtualisation.docker.enable = true; virtualisation.docker.storageDriver = "zfs"; virtualisation.libvirtd.enable = true; virtualisation.libvirtd.qemu.package = pkgs-no-overlay.qemu; systemd.services.libvirtd.path = lib.mkAfter [ config.boot.zfs.package ]; - users.groups.immae = {}; - users.extraUsers.immae.extraGroups = [ "immae" "libvirtd" "docker" ]; systemd.services.libvirtd.postStart = '' install -m 0770 -g libvirtd -d /var/lib/libvirt/images ''; diff --git a/systems/dilion/flake.lock b/systems/dilion/flake.lock index ecaa2d6..8accc4e 100644 --- a/systems/dilion/flake.lock +++ b/systems/dilion/flake.lock @@ -59,7 +59,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -71,7 +71,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -83,7 +83,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -95,7 +95,7 @@ "environment_4": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -219,7 +219,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-wQqciZXrwEBaeiBKJ3KMxx3hw89nlSCxT8tWf0apgHQ=", + "narHash": "sha256-rybO4c9UB9a34Xgoh+ToYz36Dz2OM1sgYxi3m00+W+E=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -605,7 +605,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-zTBAHZAowKOG9MUCEkBhOuAdEEgCAMQIQRafgbi0bWw=", + "narHash": "sha256-Xr6wtT00fyC0QhwHb6+nHcwlSPlHBShzPNZFxBaC83Y=", "path": "../../flakes/private/ssh", "type": "path" }, @@ -640,7 +640,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-biwf4E+pVKyOync6HNfiAMOsiyc20qbVM4ruqzGxupA=", + "narHash": "sha256-gxXgjqYGC3Nv6g42OOdU1d+HideZ4vXBZbbpBjlKsvg=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/eldiron/flake.lock b/systems/eldiron/flake.lock index 089367c..3548e7a 100644 --- a/systems/eldiron/flake.lock +++ b/systems/eldiron/flake.lock @@ -129,7 +129,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -141,7 +141,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -153,7 +153,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -165,7 +165,7 @@ "environment_4": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -177,7 +177,7 @@ "environment_5": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -189,7 +189,7 @@ "environment_6": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -2005,7 +2005,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-axj8Eo6qOPyh4DOk9cKEKqjpMjX5y5EDSB8Myxdm5jg=", + "narHash": "sha256-5xTmX1Pq80U/1q27508T1SVJDQXAdmTHGhVyA7lqnPg=", "path": "../../flakes/private/chatons", "type": "path" }, @@ -2017,7 +2017,7 @@ "private-environment": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -2036,7 +2036,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-8+5NUGSYepO6Pq3+9C4EaEJJTofaBUKSXJeeCFOQcnA=", + "narHash": "sha256-Q8RIW88dtLmxFy8ziw49PhWjU70fKJ8gO9SjdRr2ySw=", "path": "../../flakes/private/milters", "type": "path" }, @@ -2054,7 +2054,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-wQqciZXrwEBaeiBKJ3KMxx3hw89nlSCxT8tWf0apgHQ=", + "narHash": "sha256-rybO4c9UB9a34Xgoh+ToYz36Dz2OM1sgYxi3m00+W+E=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -2089,7 +2089,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-sTdenwe4616pSUR51SYGatczdwnDH2syuAG0RchZGVY=", + "narHash": "sha256-C75rGGf2EOkXc04RkzpTkyWOGF3GMZElDyvLSa4MsiI=", "path": "../../flakes/private/opendmarc", "type": "path" }, @@ -2165,7 +2165,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-zTBAHZAowKOG9MUCEkBhOuAdEEgCAMQIQRafgbi0bWw=", + "narHash": "sha256-Xr6wtT00fyC0QhwHb6+nHcwlSPlHBShzPNZFxBaC83Y=", "path": "../../flakes/private/ssh", "type": "path" }, @@ -2184,7 +2184,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-biwf4E+pVKyOync6HNfiAMOsiyc20qbVM4ruqzGxupA=", + "narHash": "sha256-gxXgjqYGC3Nv6g42OOdU1d+HideZ4vXBZbbpBjlKsvg=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/monitoring-1/flake.lock b/systems/monitoring-1/flake.lock index 62fed01..305e24d 100644 --- a/systems/monitoring-1/flake.lock +++ b/systems/monitoring-1/flake.lock @@ -22,7 +22,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-axj8Eo6qOPyh4DOk9cKEKqjpMjX5y5EDSB8Myxdm5jg=", + "narHash": "sha256-5xTmX1Pq80U/1q27508T1SVJDQXAdmTHGhVyA7lqnPg=", "path": "../../flakes/private/chatons", "type": "path" }, @@ -74,7 +74,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -86,7 +86,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -98,7 +98,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -110,7 +110,7 @@ "environment_4": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -122,7 +122,7 @@ "environment_5": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -259,7 +259,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-9LJl0FUGZEsz5BY5YYzob5n0lz5YgEl6aoIYUkX+M5w=", + "narHash": "sha256-TYEdgBGt7mWEBdXMmuc+lmgRpsOJUlW55Y1atGlcpvU=", "path": "../../flakes/private/mail-relay", "type": "path" }, @@ -277,7 +277,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-wQqciZXrwEBaeiBKJ3KMxx3hw89nlSCxT8tWf0apgHQ=", + "narHash": "sha256-rybO4c9UB9a34Xgoh+ToYz36Dz2OM1sgYxi3m00+W+E=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -735,7 +735,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-biwf4E+pVKyOync6HNfiAMOsiyc20qbVM4ruqzGxupA=", + "narHash": "sha256-gxXgjqYGC3Nv6g42OOdU1d+HideZ4vXBZbbpBjlKsvg=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/quatresaisons/flake.lock b/systems/quatresaisons/flake.lock index b38cb3d..6a11318 100644 --- a/systems/quatresaisons/flake.lock +++ b/systems/quatresaisons/flake.lock @@ -59,7 +59,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -71,7 +71,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -83,7 +83,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -239,7 +239,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-wQqciZXrwEBaeiBKJ3KMxx3hw89nlSCxT8tWf0apgHQ=", + "narHash": "sha256-rybO4c9UB9a34Xgoh+ToYz36Dz2OM1sgYxi3m00+W+E=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -712,7 +712,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-biwf4E+pVKyOync6HNfiAMOsiyc20qbVM4ruqzGxupA=", + "narHash": "sha256-gxXgjqYGC3Nv6g42OOdU1d+HideZ4vXBZbbpBjlKsvg=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/zoldene/flake.lock b/systems/zoldene/flake.lock index d374bc9..f207694 100644 --- a/systems/zoldene/flake.lock +++ b/systems/zoldene/flake.lock @@ -59,7 +59,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../environment", "type": "path" }, @@ -436,7 +436,7 @@ "private-environment": { "locked": { "lastModified": 1, - "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", + "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -455,7 +455,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-biwf4E+pVKyOync6HNfiAMOsiyc20qbVM4ruqzGxupA=", + "narHash": "sha256-gxXgjqYGC3Nv6g42OOdU1d+HideZ4vXBZbbpBjlKsvg=", "path": "../../flakes/private/system", "type": "path" }, -- cgit v1.2.3