Skip to content

Commit

Permalink
nixos-rebuild: support sudo + --target-host
Browse files Browse the repository at this point in the history 
This adds support for deploying to remote hosts without being root:

  sudo nixos-rebuild --target-host non-root@host

Without this change, only root@host is able to deploy.

The idea is that if the local command is run with sudo, so should the
remote one, thus there is no need for adding any CLI options.
  • Loading branch information
@bjornfor
bjornfor committed Oct 22, 2019
1 parent 14803d8 commit 263a81e
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions nixos/modules/installer/tools/nixos-rebuild.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ repair=
profile=/nix/var/nix/profiles/system
buildHost=
targetHost=
maybeSudo=

while [ "$#" -gt 0 ]; do
i="$1"; shift 1
Expand Down Expand Up @@ -96,6 +97,9 @@ while [ "$#" -gt 0 ]; do
esac
done

if [ -n "$SUDO_USER" ]; then
maybeSudo="sudo "
fi

if [ -z "$buildHost" -a -n "$targetHost" ]; then
buildHost="$targetHost"
Expand All @@ -111,17 +115,17 @@ buildHostCmd() {
if [ -z "$buildHost" ]; then
"$@"
elif [ -n "$remoteNix" ]; then
ssh $SSHOPTS "$buildHost" env PATH="$remoteNix:$PATH" "$@"
ssh $SSHOPTS "$buildHost" env PATH="$remoteNix:$PATH" "$maybeSudo$@"
else
ssh $SSHOPTS "$buildHost" "$@"
ssh $SSHOPTS "$buildHost" "$maybeSudo$@"
fi
}

targetHostCmd() {
if [ -z "$targetHost" ]; then
"$@"
else
ssh $SSHOPTS "$targetHost" "$@"
ssh $SSHOPTS "$targetHost" "$maybeSudo$@"
fi
}

Expand Down

0 comments on commit 263a81e

Please sign in to comment.