Merge pull request #305 from a-kenji/add-password

feat: add copy-password
lassulus 2024-04-23 12:28:33 +02:00 committed by GitHub
commit 5f06770db9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 35 additions and 8 deletions


@ -106,6 +106,12 @@ below.
6. On the target machine, make sure you have access as root via ssh by adding 6. On the target machine, make sure you have access as root via ssh by adding
your SSH key to the file `authorized_keys` in the directory `/root/.ssh` your SSH key to the file `authorized_keys` in the directory `/root/.ssh`
Optionally, bootstrapping can also be performed through password login. For
example through the `image-installer-*` provided by
`nix-community/nixos-images`. Assign your password to the `SSH_PASS`
environment variable and specify `--env-password` as an additional command
line option. This will provide `ssh-copy-id` with the required password.
7. (Optional) Test your nixos and disko configuration: 7. (Optional) Test your nixos and disko configuration:
The following command will automatically test your nixos configuration and The following command will automatically test your nixos configuration and
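Review bot: The paragraph added under step 6 tells the reader to put a login password in an environment variable but says nothing about what kind of password to use or how long it should stay set. The `ssh-copy-id` call that consumes it runs with `-o StrictHostKeyChecking=no` and `-o UserKnownHostsFile=/dev/null`, so the password is offered to a host whose key is not verified. The text should recommend a throwaway installer password, suggest unsetting the variable afterwards, and show one example invocation. The sentence "For example through the `image-installer-*` provided by `nix-community/nixos-images`." is a fragment and reads better joined to the sentence before it.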


@ -10,6 +10,7 @@
, gawk , gawk
, findutils , findutils
, gnused , gnused
, sshpass
, terraform-docs , terraform-docs
, lib , lib
, makeWrapper , makeWrapper
@ -26,6 +27,7 @@ let
gawk gawk
findutils findutils
gnused # needed by ssh-copy-id gnused # needed by ssh-copy-id
sshpass # used to provide password for ssh-copy-id
rsync # used to upload extra-files rsync # used to upload extra-files
]; ];
in in


@ -17,6 +17,9 @@ Options:
set an ssh option set an ssh option
* -L, --print-build-logs * -L, --print-build-logs
print full build logs print full build logs
* --env-password
set a password used by ssh-copy-id, the password should be set by
the environment variable SSH_PASS
* -s, --store-paths <disko-script> <nixos-system> * -s, --store-paths <disko-script> <nixos-system>
set the store paths to the disko-script and nixos-system directly set the store paths to the disko-script and nixos-system directly
if this is given, flake is not needed if this is given, flake is not needed
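Review bot: The help entry for `--env-password` reads "set a password used by ssh-copy-id", which suggests the flag takes a value, while the parser below treats it as a plain switch (`env_password=y`). Reword it along the lines of "read the password for ssh-copy-id from the environment" so it is clear that the flag only enables the behaviour and the secret never appears on the command line.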
@ -162,6 +165,9 @@ while [[ $# -gt 0 ]]; do
--build-on-remote) --build-on-remote)
build_on_remote=y build_on_remote=y
;; ;;
--env-password)
env_password=y
;;
--vm-test) --vm-test)
vm_test=y vm_test=y
;; ;;
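Review bot: The `--env-password)` case sets `env_password=y` without checking that the password variable is actually present and non-empty in the environment. As written, a missing variable only shows up later as a failing `sshpass -e` inside the `until` retry loop, with no hint about the cause. Fail early, here or right after argument parsing, with a clear error message when the flag is given but the variable is unset.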
@ -288,14 +294,27 @@ ssh_port=$(echo "$ssh_settings" | awk '/^port / { print $2 }')
step Uploading install SSH keys step Uploading install SSH keys
until until
ssh-copy-id \ if [[ -n ${env_password-} ]]; then
-i "$ssh_key_dir"/nixos-anywhere.pub \ sshpass -e \
-o ConnectTimeout=10 \ ssh-copy-id \
-o UserKnownHostsFile=/dev/null \ -i "$ssh_key_dir"/nixos-anywhere.pub \
-o StrictHostKeyChecking=no \ -o ConnectTimeout=10 \
"${ssh_copy_id_args[@]}" \ -o UserKnownHostsFile=/dev/null \
"${ssh_args[@]}" \ -o IdentitiesOnly=yes \
"$ssh_connection" -o StrictHostKeyChecking=no \
"${ssh_copy_id_args[@]}" \
"${ssh_args[@]}" \
"$ssh_connection"
else
ssh-copy-id \
-i "$ssh_key_dir"/nixos-anywhere.pub \
-o ConnectTimeout=10 \
-o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no \
"${ssh_copy_id_args[@]}" \
"${ssh_args[@]}" \
"$ssh_connection"
fi
do do
sleep 3 sleep 3
done done
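Review bot: `sshpass -e` reads the password from the environment variable `SSHPASS`, but the README paragraph and the `--env-password` help text both name `SSH_PASS`, and nothing in the visible hunks maps one to the other. Either document `SSHPASS` or export it from `SSH_PASS` before this call. Separately, the new branch sits inside `until ... do sleep 3 done`, so a wrong password is retried every 3 seconds without bound, which can trip lockout or rate limiting on the target; cap the attempts or stop on an authentication failure. The two branches also duplicate the whole `ssh-copy-id` invocation and differ only in the `sshpass -e` prefix and `-o IdentitiesOnly=yes`; building those into an array and keeping a single call would avoid the two copies drifting apart.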