From 3e16eec0e4e9ba4a7a1a316f511c036af17c38e4 Mon Sep 17 00:00:00 2001
From: Don Harper <duck@duckland.org>
Date: Tue, 15 Jul 2025 00:06:14 -0500
Subject: [PATCH] colmena | add connection dets

---
 hosts/ace/colmena.nix     | 7 ++++++-
 hosts/book/colmena.nix    | 2 ++
 hosts/display/colmena.nix | 6 +++++-
 hosts/eve/colmena.nix     | 7 ++++++-
 hosts/fred/colmena.nix    | 7 ++++++-
 hosts/loki/colmena.nix    | 2 ++
 hosts/pi1/colmena.nix     | 7 ++++++-
 hosts/pocket2/colmena.nix | 7 ++++++-
 hosts/smaug/colmena.nix   | 2 ++
 hosts/w1/colmena.nix      | 7 ++++++-
 hosts/w2/colmena.nix      | 2 ++
 11 files changed, 49 insertions(+), 7 deletions(-)

diff --git a/hosts/ace/colmena.nix b/hosts/ace/colmena.nix
index 33db243..0a74e1c 100644
--- a/hosts/ace/colmena.nix
+++ b/hosts/ace/colmena.nix
@@ -1,4 +1,9 @@
 { inputs, outputs, lib, config, pkgs, ... }: {
   imports = [ ./default.nix ];
-  deployment = { tags = [ "workstation" "intel" ]; };
+  deployment = {
+    tags = [ "workstation" "intel" ];
+    allowLocalDeployment = true;
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
+  };
 }
diff --git a/hosts/book/colmena.nix b/hosts/book/colmena.nix
index 80dc73c..3b96b8b 100644
--- a/hosts/book/colmena.nix
+++ b/hosts/book/colmena.nix
@@ -3,5 +3,7 @@
   deployment = {
     tags = [ "workstation" "intel" "chromebook" ];
     allowLocalDeployment = true;
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
   };
 }
diff --git a/hosts/display/colmena.nix b/hosts/display/colmena.nix
index 755457f..c114d5f 100644
--- a/hosts/display/colmena.nix
+++ b/hosts/display/colmena.nix
@@ -1,4 +1,8 @@
 { inputs, outputs, lib, config, pkgs, ... }: {
   imports = [ ./default.nix ];
-  deployment = { tags = [ "arm" ]; };
+  deployment = {
+    tags = [ "arm" ];
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
+  };
 }
diff --git a/hosts/eve/colmena.nix b/hosts/eve/colmena.nix
index 851ae46..3b96b8b 100644
--- a/hosts/eve/colmena.nix
+++ b/hosts/eve/colmena.nix
@@ -1,4 +1,9 @@
 { inputs, outputs, lib, config, pkgs, ... }: {
   imports = [ ./default.nix ];
-  deployment = { tags = [ "workstation" "intel" "chromebook" ]; };
+  deployment = {
+    tags = [ "workstation" "intel" "chromebook" ];
+    allowLocalDeployment = true;
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
+  };
 }
diff --git a/hosts/fred/colmena.nix b/hosts/fred/colmena.nix
index 2969eae..968b52c 100644
--- a/hosts/fred/colmena.nix
+++ b/hosts/fred/colmena.nix
@@ -1,4 +1,9 @@
 { inputs, outputs, lib, config, pkgs, ... }: {
   imports = [ ./default.nix ];
-  deployment = { tags = [ "server" "intel" ]; };
+  deployment = {
+    tags = [ "server" "intel" ];
+    allowLocalDeployment = true;
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
+  };
 }
diff --git a/hosts/loki/colmena.nix b/hosts/loki/colmena.nix
index c1f207f..0a74e1c 100644
--- a/hosts/loki/colmena.nix
+++ b/hosts/loki/colmena.nix
@@ -3,5 +3,7 @@
   deployment = {
     tags = [ "workstation" "intel" ];
     allowLocalDeployment = true;
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
   };
 }
diff --git a/hosts/pi1/colmena.nix b/hosts/pi1/colmena.nix
index 755457f..cfcc6ed 100644
--- a/hosts/pi1/colmena.nix
+++ b/hosts/pi1/colmena.nix
@@ -1,4 +1,9 @@
 { inputs, outputs, lib, config, pkgs, ... }: {
   imports = [ ./default.nix ];
-  deployment = { tags = [ "arm" ]; };
+  deployment = {
+    tags = [ "arm" ];
+    allowLocalDeployment = true;
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
+  };
 }
diff --git a/hosts/pocket2/colmena.nix b/hosts/pocket2/colmena.nix
index d20e9c2..df02409 100644
--- a/hosts/pocket2/colmena.nix
+++ b/hosts/pocket2/colmena.nix
@@ -1,4 +1,9 @@
 { inputs, outputs, lib, config, pkgs, ... }: {
   imports = [ ./default.nix ];
-  deployment = { tags = [ "intel" ]; };
+  deployment = {
+    tags = [ "intel" ];
+    allowLocalDeployment = true;
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
+  };
 }
diff --git a/hosts/smaug/colmena.nix b/hosts/smaug/colmena.nix
index c1f207f..0a74e1c 100644
--- a/hosts/smaug/colmena.nix
+++ b/hosts/smaug/colmena.nix
@@ -3,5 +3,7 @@
   deployment = {
     tags = [ "workstation" "intel" ];
     allowLocalDeployment = true;
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
   };
 }
diff --git a/hosts/w1/colmena.nix b/hosts/w1/colmena.nix
index 02836e5..0bc2f83 100644
--- a/hosts/w1/colmena.nix
+++ b/hosts/w1/colmena.nix
@@ -1,4 +1,9 @@
 { inputs, outputs, lib, config, pkgs, ... }: {
   imports = [ ./default.nix ];
-  deployment = { tags = [ "server" "intel" "vps" "web" ]; };
+  deployment = {
+    tags = [ "server" "intel" "vps" "web" ];
+    allowLocalDeployment = true;
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
+  };
 }
diff --git a/hosts/w2/colmena.nix b/hosts/w2/colmena.nix
index 634c8ba..a2c2c74 100644
--- a/hosts/w2/colmena.nix
+++ b/hosts/w2/colmena.nix
@@ -3,5 +3,7 @@
   deployment = {
     tags = [ "server" "intel" "vps" "web" ];
     targetHost = "178.156.139.49";
+    targetUser = "don";
+    privilegeEscalationCommand = [ "/run/wrappers/bin/doas" ];
   };
 }