From c6f0a564e0eecf9c62ea5098e564a6aee969d7c1 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Tue, 1 Jun 2021 09:38:23 -0400
Subject: [PATCH] make users non-secret

The default case was actually catastrophically bad for any actual deployment
since it would just lock everyone out of all the systems.
---
 morph/grid/testing/grid.nix  | 7 +------
 morph/grid/testing/users.nix | 2 ++
 2 files changed, 3 insertions(+), 6 deletions(-)
 create mode 100644 morph/grid/testing/users.nix

diff --git a/morph/grid/testing/grid.nix b/morph/grid/testing/grid.nix
index 16673c62..4f6e3694 100644
--- a/morph/grid/testing/grid.nix
+++ b/morph/grid/testing/grid.nix
@@ -6,12 +6,7 @@ import ../../lib/make-grid.nix {
   config = ./config.json;
   nodes = cfg:
   let
-    importDef = default: path: (
-      if builtins.pathExists path
-      then import path
-      else default
-    );
-    sshUsers = importDef {} ./secrets/staging-users.nix;
+    sshUsers = import ./users.nix;
   in {
     "payments" = import ../../lib/make-issuer.nix ({
       publicIPv4 = "18.197.42.120";
diff --git a/morph/grid/testing/users.nix b/morph/grid/testing/users.nix
new file mode 100644
index 00000000..d3520076
--- /dev/null
+++ b/morph/grid/testing/users.nix
@@ -0,0 +1,2 @@
+let key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGN4VQm3BIQKEFTw6aPrEwNuShf640N+Py2LOKznFCRT exarkun@bottom";
+in { "root" = key; jcalderone = key; }
-- 
GitLab