mirror of
https://github.com/fort-nix/nix-bitcoin.git
synced 2024-11-22 13:14:15 +03:00
examples/deploy-container: fix sudo
env propagation
Env vars can't be reliably passed through `sudo`, so always call nix-shell to setup the env after running sudo.
This commit is contained in:
parent
8d476cfeaf
commit
4b5b4eac58
@ -1,17 +1,11 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
if [[ ! -v NIX_BITCOIN_EXAMPLES_DIR ]]; then
|
||||
echo "Running script in nix shell env..."
|
||||
cd "${BASH_SOURCE[0]%/*}"
|
||||
exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
|
||||
else
|
||||
cd "$NIX_BITCOIN_EXAMPLES_DIR"
|
||||
fi
|
||||
|
||||
tmpDir=$(mktemp -d /tmp/nix-bitcoin-minimal-container.XXX)
|
||||
trap 'rm -rf $tmpDir' EXIT
|
||||
|
||||
cd "${BASH_SOURCE[0]%/*}"
|
||||
|
||||
# Modify importable-configuration.nix to use the local <nix-bitcoin>
|
||||
# source instead of fetchTarball
|
||||
<importable-configuration.nix sed '
|
||||
@ -31,4 +25,4 @@ cat > "$tmpDir/configuration.nix" <<EOF
|
||||
}
|
||||
EOF
|
||||
|
||||
"${BASH_SOURCE[0]%/*}/deploy-container.sh" "$tmpDir/configuration.nix" "$@"
|
||||
./deploy-container.sh "$tmpDir/configuration.nix" "$@"
|
||||
|
@ -8,23 +8,21 @@ set -euo pipefail
|
||||
# Run with option `--interactive` or `-i` to start a shell for interacting with
|
||||
# the node.
|
||||
|
||||
if [[ ! -v NIX_BITCOIN_EXAMPLES_DIR ]]; then
|
||||
echo "Running script in nix shell env..."
|
||||
cd "${BASH_SOURCE[0]%/*}"
|
||||
exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
|
||||
else
|
||||
cd "$NIX_BITCOIN_EXAMPLES_DIR"
|
||||
if [[ $EUID != 0 ]]; then
|
||||
# NixOS containers require root permissions
|
||||
exec sudo "${BASH_SOURCE[0]}" "$@"
|
||||
fi
|
||||
|
||||
if [[ $(sysctl -n net.ipv4.ip_forward || sudo sysctl -n net.ipv4.ip_forward) != 1 ]]; then
|
||||
if [[ $(sysctl -n net.ipv4.ip_forward) != 1 ]]; then
|
||||
echo "Error: IP forwarding (net.ipv4.ip_forward) is not enabled."
|
||||
echo "Needed for container WAN access."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ $EUID != 0 ]]; then
|
||||
# NixOS containers require root permissions
|
||||
exec sudo "PATH=$PATH" "NIX_PATH=$NIX_PATH" "NIX_BITCOIN_EXAMPLES_DIR=$NIX_BITCOIN_EXAMPLES_DIR" "${BASH_SOURCE[0]}" "$@"
|
||||
if [[ ! -v DEPLOY_CONTAINER_NIX_SHELL ]]; then
|
||||
echo "Running script in nix shell env..."
|
||||
cd "${BASH_SOURCE[0]%/*}"
|
||||
DEPLOY_CONTAINER_NIX_SHELL=1 exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
|
||||
fi
|
||||
|
||||
interactive=
|
||||
|
Loading…
Reference in New Issue
Block a user