tree-wide: better separate/name some things

author: seth <[email protected]> 2024-02-04 16:40:38 -0500
committer: seth <[email protected]> 2024-02-04 16:41:47 -0500
commit: 5f848623dff7cbcd21911032e5fd4c77bcf7d413 (patch)
tree: 7462ae7abec5beee71443702b330e3eeca1a407f /terranix/tailscale/acl.nix
parent: 371235663a4e8d783dfc4294bb0b10cd3206c9c6 (diff)
1 files changed, 0 insertions, 25 deletions
diff --git a/terranix/tailscale/acl.nix b/terranix/tailscale/acl.nix
deleted file mode 100644
index d27d3e1..0000000
--- a/terranix/tailscale/acl.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{lib, ...}: {
-  resource.tailscale_acl.default = {
-    acl = toString (builtins.toJSON {
-      tagOwners = let
-        me = ["getchoo@github"];
-        tags = map (name: "tag:${name}") ["server" "personal" "gha"];
-      in
-        lib.genAttrs tags (_: me);
-
-      acls = let
-        mkAcl = action: src: dst: {inherit action src dst;};
-      in [
-        (mkAcl "accept" ["tag:personal"] ["*:*"])
-        (mkAcl "accept" ["tag:server" "tag:gha"] ["tag:server:*"])
-      ];
-
-      ssh = let
-        mkSshAcl = action: src: dst: users: {inherit action src dst users;};
-      in [
-        (mkSshAcl "accept" ["tag:personal"] ["tag:server" "tag:personal"] ["autogroup:nonroot" "root"])
-        (mkSshAcl "accept" ["tag:gha"] ["tag:server"] ["root"])
-      ];
-    });
-  };
-}
author	seth <[email protected]>	2024-02-04 16:40:38 -0500
committer	seth <[email protected]>	2024-02-04 16:41:47 -0500
commit	5f848623dff7cbcd21911032e5fd4c77bcf7d413 (patch)
tree	7462ae7abec5beee71443702b330e3eeca1a407f /terranix/tailscale/acl.nix
parent	371235663a4e8d783dfc4294bb0b10cd3206c9c6 (diff)