hackclub/burrow
1
0
Fork 0
Code Pull requests Releases Packages Activity Actions

Align Burrow operator access on forge
Some checks failed
Build Rust / Cargo Test (push) Successful in 3m48s
Details
Build Site / Next.js Build (push) Failing after 2s
Details
Lint Governance / BEP Metadata (push) Successful in 0s
Details

Browse source
This commit is contained in:
Conrad Kramer 2026-04-18 17:09:20 -07:00
parent abd5a35970
commit 4f88f0b1e0
2 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
nixos/hosts/burrow-forge/default.nix
View file

@ -18,6 +18,15 @@ let
}
)
(lib.filterAttrs (_: identity: identity.bootstrapAuthentik or false) identities);
headscaleBootstrapUsers = lib.mapAttrsToList
(
username: identity: {
name = username;
displayName = identity.displayName;
email = identity.canonicalEmail;
}
)
(lib.filterAttrs (_: identity: identity.bootstrapAuthentik or false) identities);
forgeAuthorizedKeys = map
(username: builtins.readFile identities.${username}.sshPublicKeyPath)
(builtins.attrNames (lib.filterAttrs (_: identity: identity.forgeAuthorized or false) identities));
@ -173,5 +182,6 @@ in
services.burrow.headscale = {
enable = true;
oidcClientSecretFile = config.age.secrets.burrowHeadscaleOidcClientSecret.path;
bootstrapUsers = headscaleBootstrapUsers;
};
}