feat: remove default admin

README.md

@@ -150,26 +150,27 @@ We haven't fully implemented all the features, but the remaining work is tracked
 Bootstrap a brand new Ubuntu 22.04 DigitalOcean VPS into NixOS:
 
 ```sh
-nix run .#bootstrap-host -- [--admin <name>] <main-wiki|replica-wiki> <target-host> [ssh-identity-file]
-nix run .#bootstrap-host -- [--admin <name>] <main-target-host> <replica-target-host> [ssh-identity-file]
+nix run .#bootstrap-host -- --admin <name> <main-wiki|replica-wiki> <target-host> [ssh-identity-file]
+nix run .#bootstrap-host -- --admin <name> <main-target-host> <replica-target-host> [ssh-identity-file]
 ```
 
 Example:
 
 ```sh
-nix run .#bootstrap-host -- main-wiki root@203.0.113.10 ~/.ssh/do-bootstrap
 nix run .#bootstrap-host -- --admin jet main-wiki root@203.0.113.10 ~/.ssh/do-bootstrap
-nix run .#bootstrap-host -- root@203.0.113.10 root@203.0.113.11 ~/.ssh/do-bootstrap
+nix run .#bootstrap-host -- --admin jet root@203.0.113.10 root@203.0.113.11 ~/.ssh/do-bootstrap
 ```
 
+`--admin <name>` is required. The admin must exist in `siteConfig.adminUsers` in `flake.nix`.
+
 What bootstrap does:
 
 - copies a first-boot module to the host
 - runs `nixos-infect` on the Ubuntu VPS
-- converts the machine to NixOS with the `jet` admin user
+- converts the machine to NixOS with the requested admin user
 - disables direct root SSH
 - fixes the known bad IPv6 routes generated by `nixos-infect`
-- verifies that `jet` login and `sudo` work and that the host reaches `running`
+- verifies that the requested admin login and `sudo` work and that the host reaches `running`
 
 What bootstrap is not: