From 0e390f79d052c9226320167ec380df3085f854f3 Mon Sep 17 00:00:00 2001
From: Johannes Kirschbauer
Date: Mon, 26 Aug 2024 18:33:47 +0200
Subject: [PATCH 1/2] ClanModules: add admin module
---
 clanModules/admin/README.md | 4 ++++
 clanModules/admin/default.nix | 17 +++++++++++++++++
 clanModules/admin/roles/default.nix | 1 +
 clanModules/flake-module.nix | 1 +
 4 files changed, 23 insertions(+)
 create mode 100644 clanModules/admin/README.md
 create mode 100644 clanModules/admin/default.nix
 create mode 100644 clanModules/admin/roles/default.nix
diff --git a/clanModules/admin/README.md b/clanModules/admin/README.md
new file mode 100644
index 000000000..e9cfbb04f
--- /dev/null
+++ b/clanModules/admin/README.md
@@ -0,0 +1,4 @@
+---
+description = "Convenient Administration for the Clan App"
+categories = ["administration"]
+---
diff --git a/clanModules/admin/default.nix b/clanModules/admin/default.nix
new file mode 100644
index 000000000..cfe59e11c
--- /dev/null
+++ b/clanModules/admin/default.nix
@@ -0,0 +1,17 @@
+{ lib, config, ... }:
+{
+ options.clan.admin = {
+ allowedKeys = lib.mkOption {
+ default = [ ];
+ type = lib.types.listOf lib.types.str;
+ description = "The allowed public keys for ssh access to the admin user";
+ };
+ };
+ imports = [
+ ../sshd
+ ../root-password
+ ];
+ config = {
+ users.users.root.openssh.authorizedKeys.keys = config.clan.admin.allowedKeys;
+ };
+}
diff --git a/clanModules/admin/roles/default.nix b/clanModules/admin/roles/default.nix
new file mode 100644
index 000000000..ffcd4415b
--- /dev/null
+++ b/clanModules/admin/roles/default.nix
@@ -0,0 +1 @@
+{ }
diff --git a/clanModules/flake-module.nix b/clanModules/flake-module.nix
index d0f950eda..60fc9eeec 100644
--- a/clanModules/flake-module.nix
+++ b/clanModules/flake-module.nix
@@ -1,6 +1,7 @@
 { ... }:
 {
 flake.clanModules = {
+ admin = ./admin;
 borgbackup = ./borgbackup;
 borgbackup-static = ./borgbackup-static;
 deltachat = ./deltachat;
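Review bot: In clanModules/admin/default.nix the description of `allowedKeys` promises ssh access to "the admin user", but the config line writes the list to `users.users.root.openssh.authorizedKeys.keys`, so each entry is a root login key. I would make that explicit, e.g. `description = "SSH public keys authorized to log in as root on machines using this module";`, so nobody adds a key expecting an unprivileged account. The same field is exposed as `AdminConfig.allowedKeys` in pkgs/clan-cli/clan_cli/inventory/classes.py (patch 2/2) at service, role and machine level, where the root scope is equally invisible. With the default `[ ]` the module still imports `../sshd` and `../root-password`, whose contents are not shown here; it is worth confirming that root password login over ssh is disabled there, or asserting that the list is non-empty.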
From c2ba0629598e1e9f8ee8219b4a8e2834f78a5379 Mon Sep 17 00:00:00 2001
From: Johannes Kirschbauer
Date: Mon, 26 Aug 2024 18:34:53 +0200
Subject: [PATCH 2/2] Python classes: add admin module
---
 docs/mkdocs.yml | 1 +
 pkgs/clan-cli/clan_cli/inventory/classes.py | 47 ++++++++++++++++++---
 2 files changed, 41 insertions(+), 7 deletions(-)
diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml
index 2fab52d1e..756efd6ea 100644
--- a/docs/mkdocs.yml
+++ b/docs/mkdocs.yml
@@ -55,6 +55,7 @@ nav:
 - Reference:
 - reference/index.md
 - Clan Modules:
+ - reference/clanModules/admin.md
 - reference/clanModules/borgbackup-static.md
 - reference/clanModules/borgbackup.md
 - reference/clanModules/deltachat.md
diff --git a/pkgs/clan-cli/clan_cli/inventory/classes.py b/pkgs/clan-cli/clan_cli/inventory/classes.py
index 60c9107b9..7501a3e74 100644
--- a/pkgs/clan-cli/clan_cli/inventory/classes.py
+++ b/pkgs/clan-cli/clan_cli/inventory/classes.py
@@ -30,6 +30,45 @@ class Meta:
 icon: None | str = field(default = None)
+@dataclass
+class AdminConfig:
+ allowedKeys: list[str] = field(default_factory = list)
+
+
+@dataclass
+class ServiceAdminMachine:
+ config: AdminConfig = field(default_factory = AdminConfig)
+ imports: list[str] = field(default_factory = list)
+
+
+@dataclass
+class ServiceMeta:
+ name: str
+ description: None | str = field(default = None)
+ icon: None | str = field(default = None)
+
+
+@dataclass
+class ServiceAdminRoleDefault:
+ config: AdminConfig = field(default_factory = AdminConfig)
+ imports: list[str] = field(default_factory = list)
+ machines: list[str] = field(default_factory = list)
+ tags: list[str] = field(default_factory = list)
+
+
+@dataclass
+class ServiceAdminRole:
+ default: ServiceAdminRoleDefault
+
+
+@dataclass
+class ServiceAdmin:
+ meta: ServiceMeta
+ roles: ServiceAdminRole
+ config: AdminConfig = field(default_factory = AdminConfig)
+ machines: dict[str, ServiceAdminMachine] = field(default_factory = dict)
+
+
 @dataclass
 class BorgbackupConfigDestination:
 name: str
@@ -48,13 +87,6 @@ class ServiceBorgbackupMachine:
 imports: list[str] = field(default_factory = list)
-@dataclass
-class ServiceMeta:
- name: str
- description: None | str = field(default = None)
- icon: None | str = field(default = None)
-
-
 @dataclass
 class ServiceBorgbackupRoleClient:
 config: BorgbackupConfig = field(default_factory = BorgbackupConfig)
@@ -151,6 +183,7 @@ class ServiceSingleDisk:
 @dataclass
 class Service:
+ admin: dict[str, ServiceAdmin] = field(default_factory = dict)
 borgbackup: dict[str, ServiceBorgbackup] = field(default_factory = dict)
 packages: dict[str, ServicePackage] = field(default_factory = dict)
 single_disk: dict[str, ServiceSingleDisk] = field(default_factory = dict, metadata = {"alias": "single-disk"})