oceanbox/platform
6
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Add Kubernetes, remove nginx

Browse Source
This commit is contained in:
Jonas Juselius
2021-10-06 11:03:30 +02:00
parent a0e109077f
commit 9bf1722b03
5 changed files with 228 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
clusters/stokes/cluster.nix
View File

@@ -1,7 +1,13 @@
{ pkgs, lib, config, ... }:
with lib;
let
cfg = config.node;
cfg = config.features.host;
mkSANs = host: [
host.name
host.address
"127.0.0.1"
];
configuration = {
system.autoUpgrade.enable = lib.mkForce false;
@@ -40,7 +46,7 @@ let
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDULdlLC8ZLu9qBZUYsjhpr6kv5RH4yPkekXQdD7prkqapyoptUkO1nOTDwy7ZsKDxmp9Zc6OtdhgoJbowhGW3VIZPmooWO8twcaYDpkxEBLUehY/n8SlAwBtiHJ4mTLLcynJMVrjmTQLF3FeWVof0Aqy6UtZceFpLp1eNkiHTCM3anwtb9+gfr91dX1YsAOqxqv7ooRDu5rCRUvOi4OvRowepyuBcCjeWpTkJHkC9WGxuESvDV3CySWkGC2fF2LHkAu6SFsFE39UA5ZHo0b1TK+AFqRFiBAb7ULmtuno1yxhpBxbozf8+Yyc7yLfMNCyBpL1ci7WnjKkghQv7yM1xN2XMJLpF56v0slSKMoAs7ThoIlmkRm/6o3NCChgu0pkpNg/YP6A3HfYiEDgChvA6rAHX6+to50L9xF3ajqk4BUzWd/sCk7Q5Op2lzj31L53Ryg8vMP8hjDjYcgEcCCsGOcjUVgcsmfC9LupwRIEz3aF14AWg66+3zAxVho8ozjes= jonas.juselius@juselius.io"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCk5EKXxo/KLogjqSxSf/GkQdZ30UxB3wXc5k6Y6RRKQ/5iJ+XyYTbuqYOUp30p54apZzbayU2icahE/upr754lQicQwJtOXW/Iut57VRhSpq4P+mKCIdT58xCUkAZYr8Aja8UjHlYeJgFvp023K/fqmwbapu8R1gh4bzXm7uU1XeJoYfuOb+Cb8NGMn1ICrw2aztA0yVOXZ7tyJd2qyr1+6PuM/Ca2nKN4wLIX2vwyN3vZjR15nkIaHQGlTaJlNk2NEG1YTxsIQ9axDjNtyL80kjUr5M8zxW6s0h3451zr1b21EetP1i+1POIjS9uWXv5iabF+1Qb1GaS4FAYzzpqNY+moLzY7Zqfi05MPsMYkNoZ1Kg5aj0IuZb0OM9i6ZJrFs9nYAGG0uLSUTfrs957f9nokFyILGYg5xY46YN3uQrqfZifvcR0KaEdxEKvnfq0qrNG3uYLR/OYm2yblRcNbWgDoQ1hH7qa9uJM2JrPM07s4sJGkqfAib8Hwz9+l7jMrL6KIGUOA4aX0B1KZaIKKiZa42WlgdbeA17aW3laIqS5mZCkI3pLMYZAxe+A6rQi+V8ZAvDSyOL/Vws3lboXaN5QLu17R8uCY7MkIAvRBiZSpdWNeX3JO5m6zexkxkrFlxyEBf+ott4ATSw+eMYMs8i5xQRqPjgO1cABWkUdGpw== martin.moe.carstens@itpartner.no"
];
docker.enable = true;
docker.enable = false;
mailRelay = {
enable = true;
@@ -52,7 +58,7 @@ let
};
cachix.enable = false;
monitoring.nodeExporter.enable = true;
monitoring.nodeExporter.enable = false;
pki = { ca = ./ca; };
@@ -85,6 +91,33 @@ let
};
};
};
k8s = {
enable = true;
node.enable = true;
clusterName = "hpc0";
initca = ./ca;
cidr = "10.100.0.0/16";
master = {
name = "stokes";
address = "10.1.61.100";
extraSANs = [ "hpc0-0.regnekraft.io" ];
};
ingressNodes = [
"hpc0-0.regnekraft.io"
];
fileserver = "mds0-0";
charts = {
acme_email = "innovasjon@itpartner.no";
grafana_smtp_user = "utvikling";
grafana_smtp_password = "S0m3rp0m@de#21!";
};
};
};
services.kubernetes.kubelet.extraSANs = mkSANs {
name = cfg.name;
address = cfg.address;
};
networking = {
@@ -221,11 +254,6 @@ let
in {
options.node = {
address = mkOption {
type = types.str;
default = null;
};
i40efix = mkEnableOption "Apply fix for i40e driver";
myvnc = mkEnableOption "Enable myvnc script";
@@ -238,9 +266,9 @@ in {
shosts
(mkIf cfg.i40efix i40efix)
(mkIf config.node.i40efix i40efix)
(mkIf cfg.myvnc myvnc)
(mkIf config.node.myvnc myvnc)
];
imports = [

91
clusters/stokes/default.nix
View File

@@ -1,6 +1,29 @@
let
# Pin the deployment package-set to a specific version of nixpkgs
# pkgs = import (builtins.fetchTarball {
# url = "https://github.com/NixOS/nixpkgs/archive/e9148dc1c30e02aae80cc52f68ceb37b772066f3.tar.gz";
# sha256 = "1ckzhh24mgz6jd1xhfgx0i9mijk6xjqxwsshnvq789xsavrmsc36";
# }) {};
pkgs = import <nixpkgs> {};
etcdNodes = {
c0-0 = "10.1.61.100";
c0-1 = "10.1.61.101";
c0-2 = "10.1.61.102";
};
etcdCluster = {
enable = true;
existing = true;
nodes = etcdNodes;
};
nodes =
with builtins;
let nodes = genList (n: n + 1) 8; in
map (n: ({ name = "c0-${toString n}"; address = "10.1.61.10${toString n}"; })) nodes;
stokes = {
node.address = "10.1.62.2";
node.myvnc = true;
systemd.targets = {
@@ -11,6 +34,11 @@ let
};
features = {
host = {
address = "10.1.62.2";
name = "c0-0";
};
os = {
externalInterface = "eno1";
nfs.enable = true;
@@ -25,13 +53,17 @@ let
frontend = true;
};
k8s = {
master.enable = true;
node.enable = true;
inherit nodes;
inherit etcdCluster;
};
monitoring = {
server = {
enable = true;
scrapeHosts = [
"frontend" "mds0-0"
"c0-1" "c0-2" "c0-3" "c0-4" "c0-5" "c0-6" "c0-7" "c0-8"
];
enable = false;
scrapeHosts = [ "frontend" "mds0-0" ] ++ (builtins.map (x: x.name) nodes);
defaultAlertReceiver = {
email_configs = [
{ to = "jonas.juselius@tromso.serit.no"; }
@@ -48,7 +80,7 @@ let
];
};
};
webUI.enable = true;
webUI.enable = false;
webUI.acmeEmail = "innovasjon@itpartner.no";
webUI.allow = [
"10.1.2.0/24"
@@ -120,6 +152,14 @@ let
device = "10.1.63.80:/data";
fsType = "nfs";
};
"/vol/local-storage/vol1" = {
device = "/vol/vol1";
options = [ "bind" ];
};
"/vol/local-storage/vol2" = {
device = "/vol/vol2";
options = [ "bind" ];
};
};
security.pam.services.sshd.googleAuthenticator.enable = true;
@@ -169,16 +209,10 @@ let
};
};
imports = [ ./cluster.nix ./hw/frontend.nix ];
};
compute = {
features = {
os.externalInterface = "eno33";
hpc.compute = true;
};
fileSystems = {
"/home/stokes" = {
device = "10.1.63.100:/home";
@@ -195,27 +229,29 @@ let
};
};
genComputeNodes = idx: nNodes:
mkCompute = host:
let
nodeList = builtins.genList (x: x + 1) nNodes;
mkCompute = n:
let
ip = "10.1.61.${toString (n + 100)}";
ipoib = "10.1.63.${toString (n + 100)}";
name = "c${toString idx}-${toString n}";
hw = ./hw + "/${name}.nix";
ipoib = builtins.replaceStrings [".61."] [".63."] host.address;
hw = ./hw + "/${host.name}.nix";
in {
"${name}" = {
"${host.name}" = {
features = {
inherit host;
os.externalInterface = "eno33";
hpc.compute = true;
k8s = { inherit etcdCluster; };
};
node = {
address = ip;
i40efix = true;
};
networking = {
useDHCP = false;
interfaces.eno33 = {
useDHCP = false;
ipv4.addresses = [ {
address = ip;
address = host.address;
prefixLength = 24;
} ];
ipv4.routes = [ {
@@ -234,10 +270,9 @@ let
};
};
imports = [ ./cluster.nix hw ];
} // compute;
}
// compute;
};
in
builtins.foldl' (a: n: a // mkCompute n) {} nodeList;
in
{ inherit stokes; } // genComputeNodes 0 8
{ inherit stokes; } // builtins.foldl' (a: n: a // mkCompute n) {} nodes

18
clusters/stokes/hosts.nix
View File

@@ -1,15 +1,15 @@
''
10.1.62.2 stokes stokes.regnekraft.io
10.1.61.100 frontend frontend.hpc.local
10.1.61.101 c0-1 c0-1.hpc.local
10.1.61.102 c0-2 c0-2.hpc.local
10.1.61.103 c0-3 c0-3.hpc.local
10.1.61.104 c0-4 c0-4.hpc.local
10.1.61.105 c0-5 c0-5.hpc.local
10.1.61.106 c0-6 c0-6.hpc.local
10.1.61.107 c0-7 c0-7.hpc.local
10.1.61.108 c0-8 c0-8.hpc.local
10.1.61.100 frontend frontend.hpc.local c0-0.regnekraft.io
10.1.61.101 c0-1 c0-1.hpc.local c0-1.regnekraft.io
10.1.61.102 c0-2 c0-2.hpc.local c0-2.regnekraft.io
10.1.61.103 c0-3 c0-3.hpc.local c0-3.regnekraft.io
10.1.61.104 c0-4 c0-4.hpc.local c0-4.regnekraft.io
10.1.61.105 c0-5 c0-5.hpc.local c0-5.regnekraft.io
10.1.61.106 c0-6 c0-6.hpc.local c0-6.regnekraft.io
10.1.61.107 c0-7 c0-7.hpc.local c0-7.regnekraft.io
10.1.61.108 c0-8 c0-8.hpc.local c0-8.regnekraft.io
10.1.61.80 mds0-0 mds0-0.hpc.local

60
clusters/stokes/morph.nix
View File

@@ -6,9 +6,24 @@ let
# }) {};
pkgs = import <nixpkgs> {};
etcdNodes = {
# hpc0-0 = "10.1.63.100";
# hpc0-1 = "10.1.63.101";
# hpc0-2 = "10.1.63.102";
};
etcdCluster = {
enable = false;
existing = false;
nodes = etcdNodes;
};
k8sNodes = [
# { name = "hpc0-1"; address = "10.1.61.101"; }
];
stokes = {
deployment.tags = [ "frontend" ];
node.address = "10.1.62.2";
node.myvnc = true;
systemd.targets = {
@@ -19,6 +34,10 @@ let
};
features = {
host = {
address = "10.1.61.100";
name = "hpc0-0";
};
os = {
externalInterface = "eno1";
nfs.enable = true;
@@ -33,6 +52,30 @@ let
frontend = true;
};
k8s = {
enable = true;
master.enable = true;
node.enable = true;
nodes = nodes;
clusterName = "hpc0";
initca = ./ca;
cidr = "10.100.0.0/16";
master = {
name = "hpc0-0";
address = "10.1.63.100";
extraSANs = [ "stokes.regnekraft.io" ];
};
ingressNodes = [
"hpc0-0.itpartner.intern"
];
fileserver = "mds0-0";
charts = {
acme_email = "innovasjon@itpartner.no";
grafana_smtp_user = "utvikling";
grafana_smtp_password = "S0m3rp0m@de#21!";
};
};
monitoring = {
server = {
enable = true;
@@ -177,6 +220,15 @@ let
};
};
services.minio = {
enable = true;
region = "hpc";
browser = true;
accessKey = "admin";
secretKey = "en to tre fire";
listenAddress = "0.0.0.0:9000";
dataDir = [ "/data/minio" ];
};
imports = [ ./cluster.nix ./hw/frontend.nix ];
};
@@ -213,13 +265,17 @@ let
ip = "10.1.61.${toString (n + 100)}";
ipoib = "10.1.63.${toString (n + 100)}";
name = "c${toString idx}-${toString n}";
k8sName = "hpc${toString idx}-${toString n}";
hw = ./hw + "/${name}.nix";
in {
"${name}" = {
node = {
address = ip;
i40efix = true;
};
features.host = {
address = ip;
name = k8sName;
};
networking = {
useDHCP = false;
interfaces.eno33 = {

63
clusters/stokes/users.nix
View File

@@ -17,6 +17,7 @@
michael = { gid = 1012; };
yugaos = { gid = 1013; };
ata = { gid = 1014; };
kvile ={ gid = 1015; };
# @grp@
sif = {
@@ -61,8 +62,8 @@
"wheel"
"root"
"adm"
"admin"
"cdrom"
"docker"
"fuse"
"wireshark"
"libvirtd"
@@ -72,7 +73,7 @@
];
uid = 1000;
isNormalUser = true;
createHome = true;
createHome = false;
useDefaultShell = false;
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
@@ -87,11 +88,10 @@
group = "olean";
extraGroups = [
"users"
"docker"
];
uid = 1001;
isNormalUser = true;
createHome = true;
createHome = false;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAlfc2r3mNkvmdta+H/5zfdFe6317zmCdhhPYbipaGVFPUZO2cCTgSso28oDvOpCDldo/wl3jUxYNDlwH8LYMqKT3aGaOZr8JbxYzd+L+5GM2KTD+4YRmPtpYS/LWcc3j+fiFXSgX6Mrrgf6ineCRuBxSooDVE+pBakM1U7d5NE25apaAvclzFTmZBg0Sf9e5sgHkR99r9DUeGEQWGNZVUGwti39dFVp+aC9dsA+1/OtNB/HMF5G1MMk9dqvN7n7i9o9Plef2DParn4QU1GhmUKeEiBe4OAmSP+WwD4YvK6iXSKZG6tuTEspw+mR3rK5gBHrEiaNlCtp7O9BnAw4Wjhw== rsa-key-20201218"
];
@@ -103,11 +103,10 @@
group = "frankgaa";
extraGroups = [
"users"
"docker"
];
uid = 1002;
isNormalUser = true;
createHome = true;
createHome = false;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTq/IAtLkvHaPKTsp5U9YnhBj7PLFflS9vWpm5e/bFXQkSShkqUOktff1GITIN+RTpUS8zF9UkJA8fj5K382DhIn4jVb9HvQzmHNBTxU5ClpOuKhfibrts5IKMLAiN1enwZYu0iUIVfDKTYmqgAnjN8B6OyzIAB8bsBUMdN29PEwJT4cCVRRySLRfoWiXiZKow71FzXIACgxMwGhj2fpslKQoat2LGny03XR7EZrv36u1OktT28Gxf4ZrGpT9+3SAyf7aW20xHALU/dHXVsfsuqnoqw1InZ5VhvIVtoIj+5Vc5dkTXkychL0Hb+WxiH5O/3T18YUqes08UPZX5G9kB fga@akvaplan.niva.no"
];
@@ -119,11 +118,10 @@
group = "hdj002";
extraGroups = [
"users"
"docker"
];
uid = 1003;
isNormalUser = true;
createHome = true;
createHome = false;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvXTQTRfcpVkaJ+HO6wpgMKO9bdoTvQunbexn1N4jOuJOB5uAKZrZsimucw4DpvzaLZAftLI6RQlmiklxWItZA2UCfhlIZus8wy0cSTic2PkxLUXzBa1wl7nr8anYSK/HReQfTkgSi6LGTsGhejBxe//XC24ygW9eFYZTwOkpD8klNBNFHUA6sXgnzcjT/j3rwUjYI4GVJ82kP3GA0GBDSMwZ45/8ZYBk/Dbja0RJlvTHLSIgAmKzOuor1ORXk4zGdVpsTgNRv7QxeXZT09KJFp9hexMB/fT/OwZopKrHdGrOIIi2vhO6AGh4U+qjnjWY8yn5qHSOAIDDiJQ/iLeCCw== rsa-key-20201217"
];
@@ -135,11 +133,10 @@
group = "hes";
extraGroups = [
"users"
"docker"
];
uid = 1004;
isNormalUser = true;
createHome = true;
createHome = false;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDH/05mXyrYgxlWazFDtTJBCCB4YzQQiPcAkeeolztt320CPQ+pRyLgCzyAVGT5AlisXanHyWFSsPXrfM5MRNbm2U87s8DoZLZS5CYMk+ieGKdbac8jUgaw16EKyW05NHfHhDGYL+DyTQ76WAe/btzgDpvkal5B824a6abqc/oYz7D5rnAqoIpt56m1BG3tJrSz8K3nbOGpnMKt3vlVSLqZ6WNtSfXT+hHjOTfacQYH9XGQn/nYIuUzgDUswiboJ8nox5eduJxFrUHY6GGFiFeX6+hxIZUOZZm4hff01+sBxWy4y727tzCTbZIw2ERKcxu94BOC/EJsIyQDkaHwzaIwP7bB8V5yqpz7Fjgt5Bu+pMxUV8uwZmA5S5r3UuXlKHaspaqDR7RVjCUWcwCSgMYioxLtcnZr2DdKuezXbOU8O/FRsxuqFEzZTeCrckAi8gFzTanIZYmkwujjRg1hidOMc5qcn2yH/5NyBlQ+Y4XjD0XTMjSLpONczuyG3t6SJpE= haavaes@nzinga"
];
@@ -151,11 +148,10 @@
group = "mad";
extraGroups = [
"users"
"docker"
];
uid = 1005;
isNormalUser = true;
createHome = true;
createHome = false;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDSHaeXMssp55DPb9Pnqn1WxQqutvOsvIrYDKgTsrnmf/GC3N7h593pX27Qrzjaf0OYHcT7drUbDvRIFsuzmtplff/87fqbx/GGyYUrP+LZwOB7BKHrRlixaVeOOmvE/f9SNM0sIolq47qKFHM2KMsbk5zhSiOmbsCXWzdyYu+kjRgSjSs8NByoKzW9+dUuop/dcTZtDJd0oxUwkpU3c+MSkdAtDpvuxG6vq56Z4j9llg8kzHtLQI7t8w35FhIcXaJOE+LXJfq1FuAl9rw0QMAvotRJ+wHiMOqdkbABkmHG594JNCvZStqN4r8r3ZI20AF8xB3EiLVAuiB08kdEcuoGJCj7IHUwozbds4PO32oDSVy2/IR6VtRJQSNLH99nSbDQ9AmJtn3gSVJvAil1zaw/PZGez/UnDevN7KwUnf6wxH7yxDqgRjEmTu62z7HxQkPKMbuIvcHCQV9ota4eJZFOpr9tH44tuETcvkOButJH1Qa6AMKZPj10bxlqPIHKFS3dhus0BiUIWbjUY9/dC3LwW0S8TeP1NLx0vUeDiqY7BId6jZ8yeguQTvngPFJw5VPEuH5X/6sSXoCn1MnwdhXyeIylE5JoPXahVGQkaHo1Hap0JajxIlsZN6Q719qwSYJouH4mjdFBT46kw8CSH2sedv5qCQPchVmvaADirytYTQ== pckey"
];
@@ -167,11 +163,10 @@
group = "peyghamg";
extraGroups = [
"users"
"docker"
];
uid = 1006;
isNormalUser = true;
createHome = true;
createHome = false;
openssh.authorizedKeys.keys = [];
};
@@ -181,11 +176,10 @@
group = "qin";
extraGroups = [
"users"
"docker"
];
uid = 1007;
isNormalUser = true;
createHome = true;
createHome = false;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAhrMpKwIKQoANoB0I7X9IXGVpfPVvjFjeuT7RGKO+XghSm88B0RTeBeiEcwp1fADUTdzbd00YhrWLIBSl3z/fyhG/k/EyOadNYn0BFenJ9IBxBFo/Nyhbfg1jKAO/OLN7S6WFWPvJzE/G6UP/wN1QBeJmM1iEIuorwwTifMGD0nM1DaQA9R9Ji56yn6Kzl2wym0z0WKyqrn+vTBh3YXJljEFboeuWlBL/a7R7W6XxJHPo0wZzKxE7mdEQqqGXioTUTPgyBLK1duS0YjWuMS/pfkMIji0kD50QtlA72h2p++43ZS1NpFK9d8q7C2ZxE/RlxAFGwUcKGhEIUdk3JRhfcQ== rsa-key-20210429"
];
@@ -197,11 +191,10 @@
group = "eli";
extraGroups = [
"users"
"docker"
];
uid = 1008;
isNormalUser = true;
createHome = true;
createHome = false;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA8cclW3+wlmFl4fNEIqudlrtKVsZCXdzLgXNaGnqZPbqUCVXqw6rigFXSPYnRnE47yi8heC+06ga+4l8LkAuFCPhoZN6xxq6M7qmlNRHtpNn6PrXuDaTkgNig9TD2BCbHGwkqIByPhea4qQbM0mLKRk+a4H0ZGHsJnZI+nm185sSo6jQJ1gCHLk6ZZOoRDGYjoZIs3En3fTSTJBfbluf5A/gVXf2pbvIQ+R5QEOszRcln6nFfTd2Lwu2t63jA1pHN3KQoKcJ9RtBrRC0ZgZrOlEU1bpGLwuHwpj5xoxlsoI49QMgqJL4PE06mNGLYuxl6N/Sj6l90fuPFrEQpf45S0w== rsa-key-20201217"
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvn2P+ID0J4SEIZF22Ewx4YqrUxgM78eUPZPtEngvQhi+s+lROpmkPPG7JQ2AO4tsATIOWHhXXerIciWuP5W8LikUmr4xXdQD7S1lbmH1sKvgyquPqyfjucQlP/efcoYXGQMp7tFs/1Z1RXPmq4oG3IZIy/wZOgiT8/wP/nCVOAahtAE1VxRldber286ruoF4e3GFjSxYafjyifaYwSvHySiKKqjVCaHw1oVv6bJn2H1sjuU19LSvDTZk+zMlWuxe1HW2dLtrGQGptd1JSURzmuc+stmrDBeiSGQ5QZza4+6TZKnSMNZ0RrjvTLlT+qW6OYMSPkiSDlEjkB47kIGQKQ== eli@AKVA9163"
@@ -214,11 +207,10 @@
group = "ovanov";
extraGroups = [
"users"
"docker"
];
uid = 1009;
isNormalUser = true;
createHome = true;
createHome = false;
openssh.authorizedKeys.keys = [];
};
@@ -228,13 +220,12 @@
group = "bast";
extraGroups = [
"users"
"docker"
"wheel"
"root"
];
uid = 1010;
isNormalUser = true;
createHome = true;
createHome = false;
useDefaultShell = false;
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
@@ -250,11 +241,10 @@
group = "marius";
extraGroups = [
"users"
"docker"
];
uid = 1011;
isNormalUser = true;
createHome = true;
createHome = false;
useDefaultShell = false;
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
@@ -268,11 +258,10 @@
group = "michael";
extraGroups = [
"users"
"docker"
];
uid = 1012;
isNormalUser = true;
createHome = true;
createHome = false;
useDefaultShell = false;
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
@@ -286,11 +275,10 @@
group = "yugaos";
extraGroups = [
"users"
"docker"
];
uid = 1013;
isNormalUser = true;
createHome = true;
createHome = false;
useDefaultShell = true;
# shell = pkgs.fish;
openssh.authorizedKeys.keys = [
@@ -304,11 +292,10 @@
group = "ata";
extraGroups = [
"users"
"docker"
];
uid = 1014;
isNormalUser = true;
createHome = true;
createHome = false;
useDefaultShell = true;
# shell = pkgs.fish;
openssh.authorizedKeys.keys = [
@@ -316,6 +303,22 @@
];
};
kvile = {
description = "Kristina Øie Kvile";
home = "/home/kvile";
group = "kvile";
extraGroups = [
"users"
];
uid = 1015;
isNormalUser = true;
createHome = false;
useDefaultShell = true;
# shell = pkgs.fish;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtB+HWtE4iXJiRVi1MUKaE3R3FAcHzCgiF84ho6GXKxx5H2iY8sgfxWo/lFSonhZKTo/+dHOYNKs42Q85ytG1rpcEYYVOK53mx8f7Z3THmw348a/+geM8Bukvo5pLc7KmXIvq6UQIjZmI/wnbA7B8MzLyrod71SaT1ujMEV1Jg0b3KnjS5kJnUHDICw3CdvuenNIgYl/zbTeEJ1iUu6T1TY+cNGG/7HOsaR1leCArDutHIKowcIFQFZoLEikM2DX5MSp9UBizAVogHugEqE2Bqh+C7NyTzJfQzR8s4drnt9IaptJQmCo6z9f+dQALjhftJXBDdkR6coMyOujV3Yyc5 rsa-key-20210928"
];
};
# @usr@
};