fediversity/fediversity
13
2
Fork 6
Code Issues 121 Pull requests 19 Projects 1 Activity Actions

Get rid of the need for deployer.pub (#385)
All checks were successful
/ check-pre-commit (push) Successful in 10s
Details
/ check-peertube (push) Successful in 18s
Details
/ check-panel (push) Successful in 1m22s
Details
/ check-deployment-basic (push) Successful in 43s
Details
/ check-deployment-cli (push) Successful in 41s
Details

Browse source 
The tests still work because we manually write the deployer's public key in `/root/.ssh/authorized_keys` on the target machines. In itself, however, the configuration that we push does not allow the deployer to push anything on the target machines.

Context: Fediversity/Fediversity#361 (comment)
Reviewed-on: Fediversity/Fediversity#385
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
This commit is contained in:
Nicolas Jeannerod 2025-06-17 16:34:29 +02:00 committed by Nicolas Jeannerod
parent 3a3a083793
commit 4801433ae0
2 changed files with 0 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
deployment/check/cli/deployer.pub
View file

@ -1 +0,0 @@
## This is a placeholder file. It will be overwritten by the test.

1
deployment/check/common/nixosTest.nix
View file

@ -119,7 +119,6 @@ in
with subtest("Configure the deployer key"):
deployer.succeed("""mkdir -p ~/.ssh && ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa""")
deployer_key = deployer.succeed("cat ~/.ssh/id_rsa.pub").strip()
deployer.succeed(f"echo '{deployer_key}' > ${config.pathFromRoot}/deployer.pub")
${forConcat config.targetMachines (tm: ''
${tm}.succeed(f"mkdir -p /root/.ssh && echo '{deployer_key}' >> /root/.ssh/authorized_keys")
'')}