Skip to content

Allow ssh config hostnames #49

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
J-Swift wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Allow ssh config hostnames #49

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
699f6b4
Allow providing 'sshConfigHost' param
J-Swift Sep 29, 2023
279c5c5
Some docs about sshConfigHost
J-Swift Sep 29, 2023
f1b4d6e
Whoops typo
J-Swift Sep 29, 2023
8a13c25
Merge remote-tracking branch 'upstream/master' into feature/allow-ssh…
J-Swift May 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ Below is a minimal example:
_module.args.nixinate = {
host = "itchy.scratchy.com";
sshUser = "matthew";

# Or optionally pass a 'short' hostname that is defined in ssh config
sshConfigHost = "itchy-scratchy";

buildOn = "remote"; # valid args are "local" or "remote"
substituteOnTarget = true; # if buildOn is "local" then it will substitute on the target, "-s"
hermetic = false;
Expand Down Expand Up @@ -91,6 +95,11 @@ Connection to itchy.scratchy.com closed.

A string representing the username a machine to connect to via ssh.

- `sshConfigHost` *`string`*

A string representing an entry in ssh config. If provided, it takes precedence
over `host` and `sshUser`.

- `buildOn` *`"remote"`* or *`"local"`*

- `"remote"`
Expand Down
19 changes: 12 additions & 7 deletions flake.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,9 @@
n = flake.nixosConfigurations.${machine}._module.args.nixinate;
hermetic = n.hermetic or true;
user = n.sshUser or "root";
host = n.host;
host = n.host or "";
sshConfigHost = n.sshConfigHost or "";
userHost = if sshConfigHost != "" then sshConfigHost else if host != "" then "${user}@${host}" else abort "_module.args.nixinate.host or _module.args.nixinate.sshConfigHost must be set";
where = n.buildOn or "remote";
remote = if where == "remote" then true else if where == "local" then false else abort "_module.args.nixinate.buildOn is not set to a valid value of 'local' or 'remote'";
substituteOnTarget = n.substituteOnTarget or false;
Expand All @@ -47,22 +49,25 @@
''
set -e
echo "🚀 Deploying nixosConfigurations.${machine} from ${flake}"
'' + (if sshConfigHost != "" then ''
echo "🌐 SSH Config Host: ${sshConfigHost}"
'' else ''
echo "👤 SSH User: ${user}"
echo "🌐 SSH Host: ${host}"
'' + (if remote then ''
'') + (if remote then ''
echo "🚀 Sending flake to ${machine} via nix copy:"
( set -x; ${nix} ${nixOptions} copy ${flake} --to ssh://${user}@${host} )
( set -x; ${nix} ${nixOptions} copy ${flake} --to ssh://${userHost} )
'' + (if hermetic then ''
echo "🤞 Activating configuration hermetically on ${machine} via ssh:"
( set -x; ${nix} ${nixOptions} copy --derivation ${nixos-rebuild} ${flock} --to ssh://${user}@${host} )
( set -x; ${openssh} -t ${user}@${host} "sudo nix-store --realise ${nixos-rebuild} ${flock} && sudo ${flock} -w 60 /dev/shm/nixinate-${machine} ${nixos-rebuild} ${nixOptions} ${switch} --flake ${flake}#${machine}" )
( set -x; ${nix} ${nixOptions} copy --derivation ${nixos-rebuild} ${flock} --to ssh://${userHost} )
( set -x; ${openssh} -t ${userHost} "sudo nix-store --realise ${nixos-rebuild} ${flock} && sudo ${flock} -w 60 /dev/shm/nixinate-${machine} ${nixos-rebuild} ${nixOptions} ${switch} --flake ${flake}#${machine}" )
'' else ''
echo "🤞 Activating configuration non-hermetically on ${machine} via ssh:"
( set -x; ${openssh} -t ${user}@${host} "sudo flock -w 60 /dev/shm/nixinate-${machine} nixos-rebuild ${switch} --flake ${flake}#${machine}" )
( set -x; ${openssh} -t ${userHost} "sudo flock -w 60 /dev/shm/nixinate-${machine} nixos-rebuild ${switch} --flake ${flake}#${machine}" )
'')
else ''
echo "🔨 Building system closure locally, copying it to remote store and activating it:"
( set -x; NIX_SSHOPTS="-t" ${flock} -w 60 /dev/shm/nixinate-${machine} ${nixos-rebuild} ${nixOptions} ${switch} --flake ${flake}#${machine} --target-host ${user}@${host} --use-remote-sudo ${optionalString substituteOnTarget "-s"} )
( set -x; NIX_SSHOPTS="-t" ${flock} -w 60 /dev/shm/nixinate-${machine} ${nixos-rebuild} ${nixOptions} ${switch} --flake ${flake}#${machine} --target-host ${userHost} --use-remote-sudo ${optionalString substituteOnTarget "-s"} )

'');
in final.writeShellScript "deploy-${machine}.sh" script;
Expand Down