From b3a25143d69385d81f042424858f441f39c5bd48 Mon Sep 17 00:00:00 2001 From: Noah Metz Date: Sun, 3 Dec 2023 15:10:47 -0700 Subject: [PATCH] Added default password for base image, added new sudoers file for machines to allow aws to sudo --- aws.scm | 1 + kerberos.metznet.ca.scm | 9 +++------ ldap.metznet.ca.scm | 9 +++------ vpn.metznet.ca.scm | 9 +++------ 4 files changed, 10 insertions(+), 18 deletions(-) diff --git a/aws.scm b/aws.scm index 698f715..0f1d9cd 100644 --- a/aws.scm +++ b/aws.scm @@ -27,6 +27,7 @@ (users (cons (user-account (name "aws") (group "aws") + (password (crypt "aws" "$6$change")) (shell (file-append zsh "/bin/zsh"))) %base-user-accounts)) (sudoers-file (plain-file "sudoers" diff --git a/kerberos.metznet.ca.scm b/kerberos.metznet.ca.scm index e703346..00be04e 100644 --- a/kerberos.metznet.ca.scm +++ b/kerberos.metznet.ca.scm @@ -19,19 +19,16 @@ (device (file-system-label "krb-guix-data")) (mount-point "/") (type "ext4")) %base-file-systems)) - (groups (cons (user-group - (system? #t) - (name "admin")) %metznet-base-groups)) (users (cons (user-account (name "aws") - (group "admin") + (group "root") (shell (file-append zsh "/bin/zsh"))) %metznet-base-user-accounts)) (sudoers-file (plain-file "sudoers" (string-join (list "Defaults mail_badpass" - "root ALL=(ALL:ALL) ALL" - "%admin ALL=(ALL:ALL) ALL" "") + "root ALL=(ALL:ALL) NOPASSWD:ALL" + "%root ALL=(ALL:ALL) NOPASSWD:ALL" "") "\n"))) (packages (cons* openssh awscli neovim %metznet-base-packages)) diff --git a/ldap.metznet.ca.scm b/ldap.metznet.ca.scm index ed4c8f9..0e09b0d 100644 --- a/ldap.metznet.ca.scm +++ b/ldap.metznet.ca.scm @@ -19,18 +19,15 @@ (device (file-system-label "ldap-guix-data")) (mount-point "/") (type "ext4")) %base-file-systems)) - (groups (cons (user-group - (system? #t) - (name "admin")) %metznet-base-groups)) (users (cons (user-account (name "aws") - (group "admin") + (group "root") (shell (file-append zsh "/bin/zsh"))) %metznet-base-user-accounts)) (sudoers-file (plain-file "sudoers" (string-join (list "Defaults mail_badpass" - "root ALL=(ALL:ALL) ALL" - "%admin ALL=(ALL:ALL) ALL" "") + "root ALL=(ALL:ALL) NOPASSWD:ALL" + "%root ALL=(ALL:ALL) NOPASSWD:ALL" "") "\n"))) (packages (cons* openssh awscli neovim %metznet-base-packages)) diff --git a/vpn.metznet.ca.scm b/vpn.metznet.ca.scm index 6c62b65..6b01ce2 100644 --- a/vpn.metznet.ca.scm +++ b/vpn.metznet.ca.scm @@ -19,18 +19,15 @@ (device (file-system-label "vpn-guix-data")) (mount-point "/") (type "ext4")) %base-file-systems)) - (groups (cons (user-group - (system? #t) - (name "admin")) %metznet-base-groups)) (users (cons (user-account (name "aws") - (group "admin") + (group "root") (shell (file-append zsh "/bin/zsh"))) %metznet-base-user-accounts)) (sudoers-file (plain-file "sudoers" (string-join (list "Defaults mail_badpass" - "root ALL=(ALL:ALL) ALL" - "%admin ALL=(ALL:ALL) ALL" "") + "root ALL=(ALL:ALL) NOPASSWD:ALL" + "%root ALL=(ALL:ALL) NOPASSWD:ALL" "") "\n"))) (packages (cons* openssh awscli neovim %metznet-base-packages))