diff --git a/meta/organization/default.nix b/meta/organization/default.nix new file mode 100644 index 0000000..2f6acc0 --- /dev/null +++ b/meta/organization/default.nix @@ -0,0 +1,11 @@ +# SPDX-FileCopyrightText: 2024 Tom Hubrecht +# +# SPDX-License-Identifier: EUPL-1.2 + +{ + imports = [ + ./groups.nix + ./members.nix + ./services.nix + ]; +} diff --git a/meta/organization/groups.nix b/meta/organization/groups.nix new file mode 100644 index 0000000..9d2fb80 --- /dev/null +++ b/meta/organization/groups.nix @@ -0,0 +1,58 @@ +# SPDX-FileCopyrightText: 2024 Tom Hubrecht +# SPDX-FileContributor: Constantin Gierczak--Galle +# SPDX-FileContributor: Elias Coppens +# SPDX-FileContributor: Lubin Bailly +# SPDX-FileContributor: Maurice Debray +# SPDX-FileContributor: Ryan Lahfa +# +# SPDX-License-Identifier: EUPL-1.2 + +/* + To add a new member add an attribute to `members` + Then add the key to the required groups. +*/ + +{ + organization = { + groups = { + # members of this group are root on all nodes + root = [ + "thubrecht" + "raito" + "mdebray" + ]; + + bureau = [ + "jemagius" + "raito" + "mdebray" + "ecoppens" + ]; + + # members of this group are root on the fai infrastructure + fai = [ + "catvayor" + "ecoppens" + ]; + + lab = [ + "catvayor" + "cst1" + "ecoppens" + ]; + + hypervisors = [ + "catvayor" + "ecoppens" + ]; + + nix-builder = [ + "catvayor" + "ecoppens" + "mdebray" + "raito" + "thubrecht" + ]; + }; + }; +} diff --git a/meta/organization.nix b/meta/organization/members.nix similarity index 80% rename from meta/organization.nix rename to meta/organization/members.nix index 96be8b9..705bc46 100644 --- a/meta/organization.nix +++ b/meta/organization/members.nix @@ -113,89 +113,5 @@ ]; }; }; - - groups = { - # members of this group are root on all nodes - root = [ - "thubrecht" - "raito" - "mdebray" - ]; - - bureau = [ - "jemagius" - "raito" - "mdebray" - "ecoppens" - ]; - - # members of this group are root on the fai infrastructure - fai = [ - "catvayor" - "ecoppens" - ]; - - lab = [ - "catvayor" - "cst1" - "ecoppens" - ]; - - hypervisors = [ - "catvayor" - "ecoppens" - ]; - - nix-builder = [ - "catvayor" - "ecoppens" - "mdebray" - "raito" - "thubrecht" - ]; - }; - - external = { - dns = [ - "thubrecht" - "raito" - ]; - - email = [ "raito" ]; - - irc = [ "raito" ]; - }; - - services = { - # DG·SI - dgsi.admins = [ - "mdebray" - "raito" - "thubrecht" - ]; - - # Démarches Normaliennes - ds-fr.admins = [ - "thubrecht" - "jemagius" - ]; - - # Cloud DGNum - nextcloud.admins = [ - "jemagius" - "mdebray" - "raito" - "thubrecht" - ]; - - # Netbox DGNum - netbox.adminGroups = [ - "root" - "fai" - ]; - - # Videos DGNum - peertube.admins = [ "thubrecht" ]; - }; }; } diff --git a/meta/organization/services.nix b/meta/organization/services.nix new file mode 100644 index 0000000..fae8c98 --- /dev/null +++ b/meta/organization/services.nix @@ -0,0 +1,68 @@ +# SPDX-FileCopyrightText: 2024 Tom Hubrecht +# +# SPDX-License-Identifier: EUPL-1.2 + +# INFO: This file serves to publicize who are the administrators of +# certain services + +{ + organization = { + external = { + dns = [ + "thubrecht" + "raito" + ]; + + email = [ "raito" ]; + + irc = [ "raito" ]; + }; + + services = { + # DG·SI + dgsi.admins = [ + "mdebray" + "raito" + "thubrecht" + ]; + + # Démarches Normaliennes + ds-fr.admins = [ + "thubrecht" + "jemagius" + ]; + + # Forge git + forgejo.admins = [ + "ecoppens" + "mdebray" + "raito" + "thubrecht" + ]; + + # SSO and IdM + kanidm.admins = [ + "mdebray" + "raito" + "thubrecht" + ]; + + # Netbox DGNum + netbox.adminGroups = [ + "root" + "fai" + ]; + + # Cloud DGNum + nextcloud.admins = [ + "jemagius" + "mdebray" + "raito" + "thubrecht" + ]; + + # Videos DGNum + peertube.admins = [ "thubrecht" ]; + }; + }; +}