fix: move sudo settings from hpc module to actual nodes

ekman/fs-work/default.nix

@@ -25,6 +25,10 @@ in {
     # services.udev.extraRules = ''
     #     KERNEL=="ibp65s0", SUBSYSTEM=="net", ATTR{create_child}:="0x7666"
     # '';
+    security.sudo.extraConfig = ''
+      %sif ALL=(ALL) NOPASSWD: /run/current-system/sw/bin/singularity
+      %admin ALL=(admin) NOPASSWD: ALL
+    '';
 
     environment.systemPackages = with pkgs; [
         rdma-core
@@ -40,9 +44,9 @@ in {
         users = true;
         opt = true;
         work = false;
-        data = false;
+        data = true;
+        ceph = true;
         backup = false;
-        ceph = false;
       };
     };
 

ekman/login/default.nix

@@ -283,9 +283,11 @@ in
     #   };
     # };
 
-    # security.sudo.extraConfig = ''
+    security.sudo.extraConfig = ''
-    #   gitlab-runner ALL=(ALL) NOPASSWD: /run/current-system/sw/bin/singularity
+      %sif ALL=(ALL) NOPASSWD: /run/current-system/sw/bin/singularity
-    # '';
+      %admin ALL=(admin) NOPASSWD: ALL
+      # gitlab-runner ALL=(ALL) NOPASSWD: /run/current-system/sw/bin/singularity
+    '';
 
     security.pam = {
       services.sshd.googleAuthenticator.enable = true;

modules/hpc/hpc.nix

@@ -82,10 +82,6 @@ let
       turbovnc
       emacs
     ];
-    security.sudo.extraConfig = ''
-      %sif ALL=(ALL) NOPASSWD: /run/current-system/sw/bin/singularity
-      %admin ALL=(admin) NOPASSWD: ALL
-    '';
   };
 
   compute = {

rossby/login/default.nix

@@ -278,9 +278,11 @@ in
     #   };
     # };
 
-    # security.sudo.extraConfig = ''
+    security.sudo.extraConfig = ''
-    #   gitlab-runner ALL=(ALL) NOPASSWD: /run/current-system/sw/bin/singularity
+      %sif ALL=(ALL) NOPASSWD: /run/current-system/sw/bin/singularity
-    # '';
+      %admin ALL=(admin) NOPASSWD: ALL
+      # gitlab-runner ALL=(ALL) NOPASSWD: /run/current-system/sw/bin/singularity
+    '';
 
     security.pam = {
       services.sshd.googleAuthenticator.enable = true;