fix sudo support and add test

2024-07-14 19:40:42 +03:00 · 2022-12-30 18:51:46 +01:00 · 2022-12-30 18:51:46 +01:00 · 69353c0b59
commit 69353c0b59
parent 74741d593d
4 changed files with 35 additions and 1 deletions
--- a/flake.nix
+++ b/flake.nix
@ -37,6 +37,7 @@
        in
        {
          from-nixos = import ./tests/from-nixos.nix inputs;
+          from-nixos-with-sudo = import ./tests/from-nixos-with-sudo.nix inputs;
        };
    };
 }
--- a/7
+++ b/7
@ -134,6 +134,8 @@ fi

 # wait for machine to become reachable (possibly forever)
 # TODO we probably need an architecture detection here
+# TODO if we have specified a user here but we are already booted into the
+# installer, than the user might not work anymore
 until facts=$(ssh_ -o ConnectTimeout=10 -- <<SSH
 set -efu ${enable_debug}
 has(){
@ -178,7 +180,7 @@ set -efu ${enable_debug}
 SSH

  if [[ -f "$kexec_url" ]]; then
-    ssh_ 'tar -C /root/kexec -xvzf-' < "$kexec_url"
+    ssh_ "${maybesudo} tar -C /root/kexec -xvzf-" < "$kexec_url"
  elif [[ ${has_curl-n} == "y" ]]; then
    ssh_ "curl --fail -Ss -L '${kexec_url}' | ${maybesudo} tar -C /root/kexec -xvzf-"
  elif [[ ${has_wget-n} == "y" ]]; then
@ -194,6 +196,9 @@ SSH
  # wait for machine to become unreachable
  while timeout_ssh_ -- exit 0; do sleep 1; done

+  # After kexec we explicitly set the user to root@
+  ssh_connection="root@${ssh_connection#*@}"
+
  # watiting for machine to become available again
  until ssh_ -o ConnectTimeout=10 -- exit 0; do sleep 5; done
 fi
--- a/tests/from-nixos-with-sudo.nix
+++ b/tests/from-nixos-with-sudo.nix
@ -0,0 +1,21 @@
+(import ./lib/test-base.nix) {
+  name = "nixos-remote";
+  nodes = {
+    installer = ./modules/installer.nix;
+    installed = ./modules/installed.nix;
+  };
+  testScript = ''
+    start_all()
+    installer.succeed("""
+      eval $(ssh-agent)
+      ssh-add /etc/sshKey
+      ${../nixos-remote} \
+        --no-ssh-copy-id \
+        --debug \
+        --kexec /etc/nixos-remote/kexec-installer \
+        --stop-after-disko \
+        --store-paths /etc/nixos-remote/disko /etc/nixos-remote/system-to-install \
+        nixos@installed >&2
+    """)
+  '';
+}
--- a/tests/modules/installed.nix
+++ b/tests/modules/installed.nix
@ -2,4 +2,11 @@
  virtualisation.memorySize = 4096;
  services.openssh.enable = true;
  users.users.root.openssh.authorizedKeys.keyFiles = [ ./ssh-keys/ssh.pub ];
+  users.users.nixos = {
+    isNormalUser = true;
+    openssh.authorizedKeys.keyFiles = [ ./ssh-keys/ssh.pub ];
+    extraGroups = [ "wheel" ];
+  };
+  security.sudo.enable = true;
+  security.sudo.wheelNeedsPassword = false;
 }