authorAlex Auvolat <alex@adnab.me>2021-11-16 19:00:15 +0100
committerAlex Auvolat <alex@adnab.me>2021-11-16 19:00:15 +0100
commit2fc4b9c0a562038217c9e9b562644722601f04bf (patch)
tree4951556712f833e7003d2a3ed147ad4f7e66b44e
parent77db1c714ced3b5cfa0a0852cc25d8bc7b1e6738 (diff)
Custom ssh config, passwordless sudo
-rw-r--r--configuration.nix9
-rwxr-xr-xdeploy.sh19
-rw-r--r--inventory3
-rw-r--r--ssh_config10
-rw-r--r--ssh_known_hosts3
5 files changed, 34 insertions, 10 deletions
diff --git a/configuration.nix b/configuration.nix
index 88fae6e..608a08f 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -187,9 +187,12 @@ in
];
};
- users.extraUsers.root.openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJpaBZdYxHqMxhv2RExAOa7nkKhPBOHupMP3mYaZ73w9 lx@lindy"
- ];
+ # Passwordless sudo
+ security.sudo.wheelNeedsPassword = false;
+
+ # users.extraUsers.root.openssh.authorizedKeys.keys = [
+ # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJpaBZdYxHqMxhv2RExAOa7nkKhPBOHupMP3mYaZ73w9 lx@lindy"
+ # ];
# List packages installed in system profile. To search, run:
# $ nix search wget
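Review bot: `security.sudo.wheelNeedsPassword = false;` applies to every member of wheel on every host that imports this file, not only to the account deploy.sh logs in as, so any wheel user's SSH session becomes root without a password prompt. If only the deploy path needs it, a rule for a dedicated deploy account under `security.sudo.extraRules` with the `NOPASSWD` option would keep prompts for interactive admins; `nixos-rebuild switch` is root-equivalent either way, so the gain is in which accounts are covered, not in what they can do. The commented-out root `authorizedKeys` block would be better deleted than kept as a comment, since history already records it. The hunk does not show which users are in wheel, so it is worth confirming each host has a wheel account with an authorized key before the root key is dropped.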
diff --git a/deploy.sh b/deploy.sh
index a9a9261..e7384d8 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -1,8 +1,19 @@
#!/usr/bin/env bash
-for NIXHOST in $(cat inventory); do
+cd $(dirname $0)
+
+for NIXHOST in $(ls node); do
+ NIXHOST=${NIXHOST%.*}
+
+ if [ -z "$SSH_USER" ]; then
+ SSH_DEST=$NIXHOST
+ else
+ SSH_DEST=$SSH_USER@$NIXHOST
+ fi
+
echo "==== DOING $NIXHOST ===="
- cat configuration.nix | ssh root@$NIXHOST tee /etc/nixos/configuration.nix > /dev/null
- cat node/$NIXHOST.nix | ssh root@$NIXHOST tee /etc/nixos/node.nix > /dev/null
- ssh root@$NIXHOST nixos-rebuild switch
+
+ cat configuration.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/configuration.nix > /dev/null
+ cat node/$NIXHOST.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/node.nix > /dev/null
+ ssh -F ssh_config $SSH_DEST sudo nixos-rebuild switch
done
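Review bot: The loop has no failure handling, so if either `sudo tee` upload fails the script still runs `sudo nixos-rebuild switch` on that host against whatever is already in /etc/nixos, and a failed `cd $(dirname $0)` leaves the relative `ssh_config` and `node` paths resolved against the caller's directory. Adding `set -eo pipefail` after the shebang and writing the first line as `cd "$(dirname "$0")"` would stop the run at the first failed step. The host list is better taken from a glob, `for f in node/*.nix; do NIXHOST=$(basename "$f" .nix)`, because `$(ls node)` with `${NIXHOST%.*}` turns every file in node/ into a host name and word-splits on spaces. `$SSH_DEST` comes partly from the environment (`SSH_USER`) and should be quoted wherever it is passed to ssh.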
diff --git a/inventory b/inventory
deleted file mode 100644
index 2a207b8..0000000
--- a/inventory
+++ /dev/null
@@ -1,3 +0,0 @@
-caribou
-carcajou
-cariacou
diff --git a/ssh_config b/ssh_config
new file mode 100644
index 0000000..c685411
--- /dev/null
+++ b/ssh_config
@@ -0,0 +1,10 @@
+UserKnownHostsFile ./ssh_known_hosts
+
+Host caribou
+ HostName 10.42.0.23
+
+Host carcajou
+ HostName 10.42.0.22
+
+Host cariacou
+ HostName 10.42.0.21
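Review bot: The file pins host keys through `UserKnownHostsFile` but leaves `StrictHostKeyChecking` at its default of `ask`, so a host whose key is not in ssh_known_hosts produces an interactive prompt and, if accepted, is appended to the tracked file rather than refused. Adding `StrictHostKeyChecking yes` at the top would make the committed keys the only ones accepted for connections that go on to run `sudo` remotely. The `./ssh_known_hosts` path is relative, so it appears to depend on deploy.sh having changed into the repository directory first; a comment such as `# relative path: use via deploy.sh, which cds to the repo directory` would record that.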
diff --git a/ssh_known_hosts b/ssh_known_hosts
new file mode 100644
index 0000000..b0de4db
--- /dev/null
+++ b/ssh_known_hosts
@@ -0,0 +1,3 @@
+10.42.0.22 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXyY9yZdq/VYpg3K1plBzFvim41tWlu+Dmov3BNSm39
+10.42.0.21 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILYIRbHPU1w1xWRpm2+u3QsXOKfMjv1EXrpYbHT+epds
+10.42.0.23 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICNRilSqrgqdZlLdhN2eOY5ZMbzqpeqAdIf6QuChhXU+