diff options
author | Milan Pässler <me@pbb.lc> | 2019-11-29 12:34:31 +0100 |
---|---|---|
committer | Milan Pässler <me@pbb.lc> | 2019-11-29 12:56:03 +0100 |
commit | cd215753338c9e077516deabac11735dfb624f06 (patch) | |
tree | a31a177d0c333b4144de0e6650a72ebc2a5c7101 /pkgs | |
parent | 2e94e6eb24eec23075e5925f8de7468b3489d4fb (diff) |
ssh, rsync: support using sudo on remote
This allows deployment of remote hosts without having ssh access to the
root user. Passwordless sudo is recommended since krops will use
multiple ssh sessions and the password will not be remembered.
Closes https://github.com/krebs/krops/issues/3
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/krops/default.nix | 2 | ||||
-rw-r--r-- | pkgs/populate/default.nix | 10 |
2 files changed, 8 insertions, 4 deletions
diff --git a/pkgs/krops/default.nix b/pkgs/krops/default.nix index 13de4ce..e72e94c 100644 --- a/pkgs/krops/default.nix +++ b/pkgs/krops/default.nix @@ -26,7 +26,7 @@ in "-p" target.port "-t" target.host - command + (if target.sudo then command else "sudo ${command}") ]; }; diff --git a/pkgs/populate/default.nix b/pkgs/populate/default.nix index 1367a50..8a383b1 100644 --- a/pkgs/populate/default.nix +++ b/pkgs/populate/default.nix @@ -157,6 +157,7 @@ let fi ${rsync}/bin/rsync \ ${optionalString (config.useChecksum or false) /* sh */ "--checksum"} \ + ${optionalString target.sudo /* sh */ "--rsync-path=\"sudo rsync\""} \ -e ${quote (ssh' target)} \ -vFrlptD \ --delete-excluded \ @@ -172,9 +173,12 @@ let shell' = target: script: if isLocalTarget target then script - else /* sh */ '' - ${ssh' target} ${quote target.host} ${quote script} - ''; + else + if target.sudo then /* sh */ '' + ${ssh' target} ${quote target.host} ${quote "sudo bash -c ${quote script}"} + '' else '' + ${ssh' target} ${quote target.host} ${quote script} + ''; ssh' = target: concatMapStringsSep " " quote [ "${openssh}/bin/ssh" |