Added default password for base image, added new sudoers file for machines to allow aws to sudo

master
noah metz 2023-12-03 15:10:47 -07:00
parent ddf67a370f
commit b3a25143d6
4 changed files with 10 additions and 18 deletions

@ -27,6 +27,7 @@
(users (cons (user-account (users (cons (user-account
(name "aws") (name "aws")
(group "aws") (group "aws")
(password (crypt "aws" "$6$change"))
(shell (file-append zsh "/bin/zsh"))) %base-user-accounts)) (shell (file-append zsh "/bin/zsh"))) %base-user-accounts))
(sudoers-file (plain-file "sudoers" (sudoers-file (plain-file "sudoers"

@ -19,19 +19,16 @@
(device (file-system-label "krb-guix-data")) (device (file-system-label "krb-guix-data"))
(mount-point "/") (mount-point "/")
(type "ext4")) %base-file-systems)) (type "ext4")) %base-file-systems))
(groups (cons (user-group
(system? #t)
(name "admin")) %metznet-base-groups))
(users (cons (user-account (users (cons (user-account
(name "aws") (name "aws")
(group "admin") (group "root")
(shell (file-append zsh "/bin/zsh"))) (shell (file-append zsh "/bin/zsh")))
%metznet-base-user-accounts)) %metznet-base-user-accounts))
(sudoers-file (plain-file "sudoers" (sudoers-file (plain-file "sudoers"
(string-join (list "Defaults mail_badpass" (string-join (list "Defaults mail_badpass"
"root ALL=(ALL:ALL) ALL" "root ALL=(ALL:ALL) NOPASSWD:ALL"
"%admin ALL=(ALL:ALL) ALL" "") "%root ALL=(ALL:ALL) NOPASSWD:ALL" "")
"\n"))) "\n")))
(packages (cons* openssh awscli neovim %metznet-base-packages)) (packages (cons* openssh awscli neovim %metznet-base-packages))

@ -19,18 +19,15 @@
(device (file-system-label "ldap-guix-data")) (device (file-system-label "ldap-guix-data"))
(mount-point "/") (mount-point "/")
(type "ext4")) %base-file-systems)) (type "ext4")) %base-file-systems))
(groups (cons (user-group
(system? #t)
(name "admin")) %metznet-base-groups))
(users (cons (user-account (users (cons (user-account
(name "aws") (name "aws")
(group "admin") (group "root")
(shell (file-append zsh "/bin/zsh"))) %metznet-base-user-accounts)) (shell (file-append zsh "/bin/zsh"))) %metznet-base-user-accounts))
(sudoers-file (plain-file "sudoers" (sudoers-file (plain-file "sudoers"
(string-join (list "Defaults mail_badpass" (string-join (list "Defaults mail_badpass"
"root ALL=(ALL:ALL) ALL" "root ALL=(ALL:ALL) NOPASSWD:ALL"
"%admin ALL=(ALL:ALL) ALL" "") "%root ALL=(ALL:ALL) NOPASSWD:ALL" "")
"\n"))) "\n")))
(packages (cons* openssh awscli neovim %metznet-base-packages)) (packages (cons* openssh awscli neovim %metznet-base-packages))

@ -19,18 +19,15 @@
(device (file-system-label "vpn-guix-data")) (device (file-system-label "vpn-guix-data"))
(mount-point "/") (mount-point "/")
(type "ext4")) %base-file-systems)) (type "ext4")) %base-file-systems))
(groups (cons (user-group
(system? #t)
(name "admin")) %metznet-base-groups))
(users (cons (user-account (users (cons (user-account
(name "aws") (name "aws")
(group "admin") (group "root")
(shell (file-append zsh "/bin/zsh"))) %metznet-base-user-accounts)) (shell (file-append zsh "/bin/zsh"))) %metznet-base-user-accounts))
(sudoers-file (plain-file "sudoers" (sudoers-file (plain-file "sudoers"
(string-join (list "Defaults mail_badpass" (string-join (list "Defaults mail_badpass"
"root ALL=(ALL:ALL) ALL" "root ALL=(ALL:ALL) NOPASSWD:ALL"
"%admin ALL=(ALL:ALL) ALL" "") "%root ALL=(ALL:ALL) NOPASSWD:ALL" "")
"\n"))) "\n")))
(packages (cons* openssh awscli neovim %metznet-base-packages)) (packages (cons* openssh awscli neovim %metznet-base-packages))