nix-community/nixos-anywhere
1
1
Fork 0
mirror of https://github.com/nix-community/nixos-anywhere.git synced 2024-08-16 20:00:36 +03:00
Code Issues Packages Projects Releases Wiki Activity
355 Commits 18 Branches 6 Tags 3.3 MiB
staging
Commit Graph

355 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
lassulus
af10a53ab3 build-on-remote: fix check for store_paths 2023-04-27 12:30:11 +02:00
bors[bot]
28be7391b4
Merge #86 
86: add --build-on-remote flag r=Mic92 a=Lassulus



Co-authored-by: lassulus <git@lassul.us>
 2023-04-27 09:46:54 +00:00
lassulus
dc27d00293 add --build-on-remote flag 2023-04-25 15:49:24 +02:00
bors[bot]
7563cf5863
Merge #81 
81: terraform/nixos-rebuild: do not ignore deploy errors by default r=jfroche a=jfroche



Co-authored-by: Jean-François Roche <jfroche@pyxel.be>
 2023-04-05 20:48:42 +00:00
bors[bot]
78a91e94a3
Merge #83 
83: Add link to blogpost r=phaer a=phaer



Co-authored-by: Paul Haerle <hello@phaer.org>
 2023-04-05 14:11:49 +00:00
Paul Haerle
f503e9024b
Add link to blogpost 
@tfc has written a nice walk-through on his blog at: https://galowicz.de/2023/04/05/single-command-server-bootstrap/ . This links to it in README.md
 2023-04-05 14:26:39 +02:00
Jean-François Roche
a82a84da8a terraform/nixos-rebuild: do not ignore deploy errors by default 
Add option to ignore systemd errors during deployment.

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
 2023-04-04 17:10:28 +02:00
bors[bot]
be2221a9bd
Merge #80 
80: fix(rebuild): use sudo if rebuild with another user than root r=jfroche a=jfroche



Co-authored-by: Jean-François Roche <jfroche@pyxel.be>
 2023-04-04 14:29:56 +00:00
Jean-François Roche
4371932193 fix(rebuild): use sudo if rebuild with another user than root 
In order to switch the NixOS configuration, we must have root access.
If we are connecting to the target host with a non-root user, we use the "sudo" command.

We could instead use `nixos-rebuild --use-remote-sudo --target-host` but it
would evaluate the nixos system again.
 2023-03-31 21:33:05 +02:00
bors[bot]
ac1eaaf67b
Merge #79 
79: fix small security race r=Mic92 a=zimbatm



Co-authored-by: zimbatm <zimbatm@zimbatm.com>
 2023-03-29 18:05:43 +00:00
zimbatm
eafa9cfce5
nixos-rebuild: fix double trap 
Only one callback can be installed per signal in Bash. Because the
previous `trap` removes the whole temporary workdir, the one around the
SSH key is redundant.
 2023-03-29 16:17:29 +02:00
zimbatm
1120774e38
nixos-rebuild: fix SSH key security race 
Make sure the ssh_key file is always 0700
 2023-03-29 16:17:28 +02:00
bors[bot]
ee5c39fcb1
Merge #78 
78: terraform: allow nixos-rebuild to use specified private key for deployment r=Lassulus a=jfroche



Co-authored-by: Jean-François Roche <jfroche@affinitic.be>
Co-authored-by: Samuel Rounce <srounce@users.noreply.github.com>
 2023-03-29 10:13:49 +00:00
Samuel Rounce
5adb698f51
fix(terraform/nixos-rebuild): typo in variables.sh 2023-03-29 09:09:21 +01:00
Jean-François Roche
16143cd8c0 terraform: allow nixos-rebuild to use specified private key for deployment 
`nixos-rebuild/deploy.sh` script enable ssh authentication with a given private key
through the `SSH_KEY` environment variable.

Add additional variable for the private key used for the deployment.
To encourage the use of ssh-agent and discourage the storage of deployment keys in the terraform state
we do not set the install ssh key as the default for the deployment key.

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
 2023-03-28 00:28:48 +02:00
bors[bot]
ad954defb3
Merge #77 
77: wait for machine to be shutdown after deploy r=Lassulus a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
 2023-03-05 10:44:49 +00:00
Jörg Thalheim
5be3e00d57 wait for machine to be shutdown after deploy 2023-03-04 17:13:54 +01:00
bors[bot]
b7e335a5f8
Merge #76 
76: nixos-rebuild: allow to change deploy user r=Lassulus a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
 2023-03-04 13:33:08 +00:00
Jörg Thalheim
48fe2fa8cc nixos-rebuild: allow to change deploy user 2023-03-04 13:53:20 +01:00
bors[bot]
6d0e9235bd
Merge #75 
75: nixos-rebuild: allow to change deploy user r=Lassulus a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
 2023-03-03 14:31:47 +00:00
Jörg Thalheim
c2f70ed844 nixos-rebuild: allow to change deploy user 2023-03-03 14:47:03 +01:00
bors[bot]
63b9af6c33
Merge #74 
74: make nix find the right flake r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
 2023-03-01 10:47:37 +00:00
Jörg Thalheim
c0c5fcce92 make nix find the right flake 2023-03-01 11:36:25 +01:00
bors[bot]
ff743f3183
Merge #72 
72: Terraform module fixes r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
 2023-02-24 11:47:28 +00:00
bors[bot]
a1d93f94df
Merge #73 
73: quote flake attr to allow dots in nixos hostname r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
 2023-02-24 07:29:31 +00:00
Jörg Thalheim
dfd9b256b1 quote flake attr to allow dots in nixos hostname 2023-02-24 08:28:30 +01:00
Jörg Thalheim
ed67349b96 terraform: improve module description 2023-02-23 17:10:09 +01:00
Jörg Thalheim
29b0f1b5f2 terraform: add instance_id to trigger reinstall 2023-02-23 16:15:52 +01:00
Jörg Thalheim
ed0ab16c58 terraform: drop dependency on the retry program 2023-02-23 16:15:52 +01:00
Jörg Thalheim
ac7f3b86a5 terraform: actually passthru kexec-url to nixos-anywhere 2023-02-22 16:42:55 +01:00
Jörg Thalheim
bedcb063cc fixup ssh key name for rsync 2023-02-22 16:42:55 +01:00
Jörg Thalheim
2abdb32c67 terraform/nix-build: fix building from non-flake 2023-02-22 16:42:55 +01:00
Jörg Thalheim
23bbd22fb2 add debug logging option 2023-02-22 16:42:55 +01:00
Jörg Thalheim
57a6ec5ffc terraform/install: fix nixos-anywhere flake attribute name 2023-02-22 16:42:49 +01:00
bors[bot]
bc0e634c95
Merge #21 
21: add terraform role and some minor changes r=Lassulus a=Lassulus



Co-authored-by: lassulus <lassulus@lassul.us>
Co-authored-by: lassulus <git@lassul.us>
 2023-02-14 07:22:16 +00:00
lassulus
9e00da86f5 add newline to ssh key provided via env 2023-02-14 07:34:24 +01:00
lassulus
411fb9bd76 terraform: init modules 2023-02-14 07:34:24 +01:00
lassulus
1b976d803c tests: fix running tests directly with nix-build 2023-02-14 07:34:24 +01:00
bors[bot]
716988d42e
Merge #70 
70: docs: clean after serve r=phaer a=zimbatm



Co-authored-by: zimbatm <zimbatm@zimbatm.com>
 2023-02-09 11:59:27 +00:00
zimbatm
90beb2b579
docs: clean after serve 
Don't pollute the tmpdir with old versions of the serve
 2023-02-09 12:17:50 +01:00
bors[bot]
5b6fd8fd5a
Merge #68 
68: Rsync permissions r=Mic92 a=Mic92



Co-authored-by: Pogobanane <aenderboy@gmx.de>
 2023-02-09 09:40:02 +00:00
Pogobanane
1d9ba4c702 nixos-remote-pxe: fix mkdir -p not setting permissions if folder already exists 2023-02-09 10:34:50 +01:00
bors[bot]
9b1ebfc3df
Merge #67 
67: nixos-remote: use installed ssh key also for rsync r=Mic92 a=Mic92



Co-authored-by: Pogobanane <aenderboy@gmx.de>
 2023-02-09 09:33:38 +00:00
Pogobanane
c1ebc5f57a nixos-remote: use installed ssh key also for rsync 2023-02-09 10:32:44 +01:00
bors[bot]
74c8547240
Merge #66 
66: prefer system's openssh r=phaer a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
 2023-02-07 09:17:43 +00:00
Jörg Thalheim
53951b7424 prefer system's openssh 
fixes https://github.com/numtide/nixos-anywhere/issues/62
 2023-02-07 09:21:54 +01:00
bors[bot]
8dd7a0e460
Merge #65 
65: .github/settings.yml: update homepage r=phaer a=zowoq



Co-authored-by: zowoq <59103226+zowoq@users.noreply.github.com>
 2023-02-07 06:53:51 +00:00
zowoq
2a470d0b4e .github/settings.yml: update homepage 2023-02-07 08:52:27 +10:00
bors[bot]
193a88b21a
Merge #64 
64: Change 'remote' -> 'anywhere' r=Mic92 a=paulmattei



Co-authored-by: paulmattei <38218340+paulmattei@users.noreply.github.com>
 2023-02-06 21:02:29 +00:00
paulmattei
776d6f7ba4
Change 'remote' -> 'anywhere' 2023-02-06 20:50:32 +00:00