document access control
This commit is contained in:
parent
a7ce39a2f5
commit
5bc379c1d1
4 changed files with 28 additions and 0 deletions
|
@ -1,3 +1,7 @@
|
|||
/*
|
||||
Metadata for the nodes. You can add custom attributes, they are
|
||||
accessible through the specialArg meta in the config.
|
||||
*/
|
||||
let
|
||||
members = import ./members.nix;
|
||||
nodes = import ./nodes.nix;
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
/*
|
||||
To add a new member add an attribute to `members`
|
||||
Then add the key to the required groups.
|
||||
*/
|
||||
let
|
||||
members = {
|
||||
mdebray = {
|
||||
|
@ -17,8 +21,10 @@ let
|
|||
};
|
||||
|
||||
groups = {
|
||||
# members of this group are root on all nodes
|
||||
root = [ "thubrecht" ];
|
||||
|
||||
# members of this group are root on web nodes
|
||||
web = [ "mdebray" "raito" ];
|
||||
};
|
||||
in
|
||||
|
|
|
@ -1,3 +1,15 @@
|
|||
/* File specifying all the deployement options for the nodes administrated by the dgnum.
|
||||
|
||||
Node metadata template is:
|
||||
|
||||
NODE_NAME = {
|
||||
adminGroups = []; # List of groups that have root access
|
||||
admins = []; # List of individuals that have root access
|
||||
deployment = {}; # Colmena deployment options
|
||||
nixpkgs = "unstable" or "22.11"; # nixpkgs version
|
||||
}
|
||||
*/
|
||||
|
||||
{
|
||||
web-01 = {
|
||||
adminGroups = [ "web" ];
|
||||
|
|
|
@ -19,6 +19,12 @@ with lib;
|
|||
default = { };
|
||||
description = ''
|
||||
Attribute set describing which member has access to which user on the node.
|
||||
Members must be declared in `meta/members.nix`.
|
||||
'';
|
||||
example = ''
|
||||
{
|
||||
user1 = [ "member1" "member2" ];
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue