From 2fc4b9c0a562038217c9e9b562644722601f04bf Mon Sep 17 00:00:00 2001
From: Alex Auvolat
Date: Tue, 16 Nov 2021 19:00:15 +0100
Subject: Custom ssh config, passwordless sudo
---
 configuration.nix | 9 ++++++---
 deploy.sh | 19 +++++++++++++++----
 inventory | 3 ---
 ssh_config | 10 ++++++++++
 ssh_known_hosts | 3 +++
 5 files changed, 34 insertions(+), 10 deletions(-)
 delete mode 100644 inventory
 create mode 100644 ssh_config
 create mode 100644 ssh_known_hosts
diff --git a/configuration.nix b/configuration.nix
index 88fae6e..608a08f 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -187,9 +187,12 @@ in
 ];
 };
- users.extraUsers.root.openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJpaBZdYxHqMxhv2RExAOa7nkKhPBOHupMP3mYaZ73w9 lx@lindy"
- ];
+ # Passwordless sudo
+ security.sudo.wheelNeedsPassword = false;
+
+ # users.extraUsers.root.openssh.authorizedKeys.keys = [
+ # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJpaBZdYxHqMxhv2RExAOa7nkKhPBOHupMP3mYaZ73w9 lx@lindy"
+ # ];
 # List packages installed in system profile. To search, run:
 # $ nix search wget
diff --git a/deploy.sh b/deploy.sh
index a9a9261..e7384d8 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -1,8 +1,19 @@
 #!/usr/bin/env bash
-for NIXHOST in $(cat inventory); do
+cd $(dirname $0)
+
+for NIXHOST in $(ls node); do
+ NIXHOST=${NIXHOST%.*}
+
+ if [ -z "$SSH_USER" ]; then
+ SSH_DEST=$NIXHOST
+ else
+ SSH_DEST=$SSH_USER@$NIXHOST
+ fi
+
 echo "==== DOING $NIXHOST ===="
- cat configuration.nix | ssh root@$NIXHOST tee /etc/nixos/configuration.nix > /dev/null
- cat node/$NIXHOST.nix | ssh root@$NIXHOST tee /etc/nixos/node.nix > /dev/null
- ssh root@$NIXHOST nixos-rebuild switch
+
+ cat configuration.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/configuration.nix > /dev/null
+ cat node/$NIXHOST.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/node.nix > /dev/null
+ ssh -F ssh_config $SSH_DEST sudo nixos-rebuild switch
 done
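Review bot: `security.sudo.wheelNeedsPassword = false;` applies to every member of wheel, so any wheel account, or a stolen SSH key for one, is root-equivalent with no second check, and the `# Passwordless sudo` comment records neither the reason nor that cost. A comment such as `# deploy.sh runs sudo non-interactively over ssh; every wheel member is therefore root-equivalent` would make the trade-off visible, and `security.sudo.extraRules` could limit the NOPASSWD grant to a dedicated deploy user instead of the whole group. The old root key is commented out rather than deleted; removing those three lines avoids a stale key being re-enabled by accident. Whether root SSH login is disabled elsewhere is not visible here, and the enclosing attribute set starts and ends outside the hunk.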
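Review bot: Nothing in the loop checks an exit status, so when either `sudo tee` fails or is cut short, `sudo nixos-rebuild switch` still runs as root against whatever is then in /etc/nixos. `cd $(dirname $0)` is unquoted and unchecked, `for NIXHOST in $(ls node)` word-splits and globs file names, and `$SSH_DEST` is passed to ssh unquoted although it is built from the environment and from directory entries. The sketch below enables strict mode, quotes the expansions and iterates over `node/*.nix` directly; note that with `set -e` the run stops at the first failing host instead of continuing to the next.

```shell
set -euo pipefail
cd "$(dirname "$0")"

for NODEFILE in node/*.nix; do
  [ -e "$NODEFILE" ] || continue
  NIXHOST=$(basename "$NODEFILE" .nix)
  SSH_DEST=${SSH_USER:+$SSH_USER@}$NIXHOST

  # … unchanged: echo banner …

  ssh -F ssh_config "$SSH_DEST" sudo tee /etc/nixos/configuration.nix < configuration.nix > /dev/null
  ssh -F ssh_config "$SSH_DEST" sudo tee /etc/nixos/node.nix < "$NODEFILE" > /dev/null
  ssh -F ssh_config "$SSH_DEST" sudo nixos-rebuild switch
done
```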
diff --git a/inventory b/inventory
deleted file mode 100644
index 2a207b8..0000000
--- a/inventory
+++ /dev/null
@@ -1,3 +0,0 @@
-caribou
-carcajou
-cariacou
diff --git a/ssh_config b/ssh_config
new file mode 100644
index 0000000..c685411
--- /dev/null
+++ b/ssh_config
@@ -0,0 +1,10 @@
+UserKnownHostsFile ./ssh_known_hosts
+
+Host caribou
+ HostName 10.42.0.23
+
+Host carcajou
+ HostName 10.42.0.22
+
+Host cariacou
+ HostName 10.42.0.21
diff --git a/ssh_known_hosts b/ssh_known_hosts
new file mode 100644
index 0000000..b0de4db
--- /dev/null
+++ b/ssh_known_hosts
@@ -0,0 +1,3 @@
+10.42.0.22 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXyY9yZdq/VYpg3K1plBzFvim41tWlu+Dmov3BNSm39
+10.42.0.21 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILYIRbHPU1w1xWRpm2+u3QsXOKfMjv1EXrpYbHT+epds
+10.42.0.23 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICNRilSqrgqdZlLdhN2eOY5ZMbzqpeqAdIf6QuChhXU+
-- cgit v1.2.3
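Review bot: The new ssh_config pins host keys through `UserKnownHostsFile ./ssh_known_hosts` but never sets `StrictHostKeyChecking`, so the OpenSSH default (`ask`) still applies: an interactive run against a host missing from the file prompts, and answering yes appends the unverified key to the tracked file. Adding `StrictHostKeyChecking yes` below the first line turns an unlisted host into a hard failure, which is what a committed key list is meant to provide. The path is relative and appears to resolve against the working directory, so it only works because deploy.sh changes into the repo directory first; a comment such as `# relative to the cwd; deploy.sh cd's to the repo root before calling ssh` would record that dependency.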