about summary refs log tree commit diff
path: root/nixpkgs/pkgs/os-specific/linux/nixos-rebuild
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/os-specific/linux/nixos-rebuild')
-rw-r--r--nixpkgs/pkgs/os-specific/linux/nixos-rebuild/default.nix1
-rw-r--r--nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.86
-rwxr-xr-xnixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh46
3 files changed, 39 insertions, 14 deletions
diff --git a/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/default.nix b/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/default.nix
index 6c150b1b8cdb..9a7cca68bfd7 100644
--- a/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/default.nix
+++ b/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/default.nix
@@ -38,6 +38,7 @@ substituteAll {
     install-bootloader = nixosTests.nixos-rebuild-install-bootloader;
     simple-installer = nixosTests.installer.simple;
     specialisations = nixosTests.nixos-rebuild-specialisations;
+    target-host = nixosTests.nixos-rebuild-target-host;
   };
 
   meta = {
diff --git a/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 b/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8
index 9eca8163feda..8df05f9310f2 100644
--- a/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8
+++ b/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8
@@ -363,11 +363,9 @@ is also set. This is useful when the target-host connection to cache.nixos.org
 is faster than the connection between hosts.
 .
 .It Fl -use-remote-sudo
-When set, nixos-rebuild prefixes remote commands that run on the
-.Fl -build-host
-and
+When set, nixos-rebuild prefixes activation commands that run on the
 .Fl -target-host
-systems with
+system with
 .Ic sudo Ns
 \&. Setting this option allows deploying as a non-root user.
 .
diff --git a/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh
index f9bda1a64b62..006b5db6320c 100755
--- a/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh
+++ b/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh
@@ -157,8 +157,10 @@ while [ "$#" -gt 0 ]; do
     esac
 done
 
-if [[ -n "$SUDO_USER" || -n $remoteSudo ]]; then
-    maybeSudo=(sudo --preserve-env="$preservedSudoVars" --)
+sudoCommand=(sudo --preserve-env="$preservedSudoVars" --)
+
+if [[ -n "$SUDO_USER" ]]; then
+    useSudo=1
 fi
 
 # log the given argument to stderr if verbose mode is on
@@ -175,20 +177,44 @@ runCmd() {
 }
 
 buildHostCmd() {
+    local c
+    if [[ "${useSudo:-x}" = 1 ]]; then
+        c=("${sudoCommand[@]}")
+    else
+        c=()
+    fi
+
     if [ -z "$buildHost" ]; then
         runCmd "$@"
     elif [ -n "$remoteNix" ]; then
-        runCmd ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" env PATH="$remoteNix":'$PATH' "$@"
+        runCmd ssh $SSHOPTS "$buildHost" "${c[@]}" env PATH="$remoteNix":'$PATH' "$@"
     else
-        runCmd ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" "$@"
+        runCmd ssh $SSHOPTS "$buildHost" "${c[@]}" "$@"
     fi
 }
 
 targetHostCmd() {
+    local c
+    if [[ "${useSudo:-x}" = 1 ]]; then
+        c=("${sudoCommand[@]}")
+    else
+        c=()
+    fi
+
     if [ -z "$targetHost" ]; then
-        runCmd "${maybeSudo[@]}" "$@"
+        runCmd "${c[@]}" "$@"
+    else
+        runCmd ssh $SSHOPTS "$targetHost" "${c[@]}" "$@"
+    fi
+}
+
+targetHostSudoCmd() {
+    if [ -n "$remoteSudo" ]; then
+        useSudo=1 SSHOPTS="$SSHOPTS -t" targetHostCmd "$@"
     else
-        runCmd ssh $SSHOPTS "$targetHost" "${maybeSudo[@]}" "$@"
+        # While a tty might not be necessary, we apply it to be consistent with
+        # sudo usage, and an experience that is more consistent with local deployment.
+        SSHOPTS="$SSHOPTS -t" targetHostCmd "$@"
     fi
 }
 
@@ -667,7 +693,7 @@ if [ -z "$rollback" ]; then
             pathToConfig="$(nixFlakeBuild "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}")"
         fi
         copyToTarget "$pathToConfig"
-        targetHostCmd nix-env -p "$profile" --set "$pathToConfig"
+        targetHostSudoCmd nix-env -p "$profile" --set "$pathToConfig"
     elif [[ "$action" = test || "$action" = build || "$action" = dry-build || "$action" = dry-activate ]]; then
         if [[ -z $flake ]]; then
             pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A system -k "${extraBuildFlags[@]}")"
@@ -695,7 +721,7 @@ if [ -z "$rollback" ]; then
     fi
 else # [ -n "$rollback" ]
     if [[ "$action" = switch || "$action" = boot ]]; then
-        targetHostCmd nix-env --rollback -p "$profile"
+        targetHostSudoCmd nix-env --rollback -p "$profile"
         pathToConfig="$profile"
     elif [[ "$action" = test || "$action" = build ]]; then
         systemNumber=$(
@@ -740,7 +766,7 @@ if [[ "$action" = switch || "$action" = boot || "$action" = test || "$action" =
     if [[ -n "$NIXOS_SWITCH_USE_DIRTY_ENV" ]]; then
         log "warning: skipping systemd-run since NIXOS_SWITCH_USE_DIRTY_ENV is set. This environment variable will be ignored in the future"
         cmd=()
-    elif ! targetHostCmd "${cmd[@]}" true &>/dev/null; then
+    elif ! targetHostSudoCmd "${cmd[@]}" true; then
         logVerbose "Skipping systemd-run to switch configuration since it is not working in target host."
         cmd=(
             "env"
@@ -762,7 +788,7 @@ if [[ "$action" = switch || "$action" = boot || "$action" = test || "$action" =
         fi
     fi
 
-    if ! targetHostCmd "${cmd[@]}" "$action"; then
+    if ! targetHostSudoCmd "${cmd[@]}" "$action"; then
         log "warning: error(s) occurred while switching to the new configuration"
         exit 1
     fi
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-29 10:02:06 +0000