summaryrefslogtreecommitdiffstats
path: root/pkgs/populate
diff options
context:
space:
mode:
authorMilan Pässler <me@pbb.lc>2019-11-29 12:34:31 +0100
committerMilan Pässler <me@pbb.lc>2019-11-29 12:56:03 +0100
commitcd215753338c9e077516deabac11735dfb624f06 (patch)
treea31a177d0c333b4144de0e6650a72ebc2a5c7101 /pkgs/populate
parent2e94e6eb24eec23075e5925f8de7468b3489d4fb (diff)
ssh, rsync: support using sudo on remote
This allows deployment of remote hosts without having ssh access to the root user. Passwordless sudo is recommended since krops will use multiple ssh sessions and the password will not be remembered. Closes https://github.com/krebs/krops/issues/3
Diffstat (limited to 'pkgs/populate')
-rw-r--r--pkgs/populate/default.nix10
1 files changed, 7 insertions, 3 deletions
diff --git a/pkgs/populate/default.nix b/pkgs/populate/default.nix
index 1367a50..8a383b1 100644
--- a/pkgs/populate/default.nix
+++ b/pkgs/populate/default.nix
@@ -157,6 +157,7 @@ let
fi
${rsync}/bin/rsync \
${optionalString (config.useChecksum or false) /* sh */ "--checksum"} \
+ ${optionalString target.sudo /* sh */ "--rsync-path=\"sudo rsync\""} \
-e ${quote (ssh' target)} \
-vFrlptD \
--delete-excluded \
@@ -172,9 +173,12 @@ let
shell' = target: script:
if isLocalTarget target
then script
- else /* sh */ ''
- ${ssh' target} ${quote target.host} ${quote script}
- '';
+ else
+ if target.sudo then /* sh */ ''
+ ${ssh' target} ${quote target.host} ${quote "sudo bash -c ${quote script}"}
+ '' else ''
+ ${ssh' target} ${quote target.host} ${quote script}
+ '';
ssh' = target: concatMapStringsSep " " quote [
"${openssh}/bin/ssh"