kiara/Fediversity
1
0
Fork 0
forked from fediversity/fediversity
Code Pull requests Activity

support ssh option values containing spaces

Browse source
This commit is contained in:
Kiara Grouwstra 2025-08-01 16:20:22 +02:00
parent 18ccd900b2
commit 0a344a6b3d
1 changed files with 21 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
deployment/run/ssh-single-host/run.sh
View file

@ -1,23 +1,33 @@
#! /usr/bin/env bash #! /usr/bin/env bash
set -xeuo pipefail set -xeuo pipefail
declare username host key_file ssh_opts nixos_conf declare username host key_file ssh_opts nixos_conf
IFS=" " read -r -a ssh_opts <<< "$( (echo "$ssh_opts" | jq -r '@sh') | tr -d \'\")" readarray -t ssh_opts < <(echo "$ssh_opts" | jq -r '.[]')
# DEPLOY # DEPLOY
sshOpts=( sshOptsInit=(
-o BatchMode=yes -o BatchMode=yes
-o StrictHostKeyChecking=no -o StrictHostKeyChecking=no
) )
for ssh_opt in "${ssh_opts[@]}"; do
sshOpts+=(
-o "$ssh_opt"
)
done
if [[ -n "$key_file" ]]; then if [[ -n "$key_file" ]]; then
sshOpts+=( sshOptsInit+=(
-i "$key_file" -i "$key_file"
) )
fi fi
# [@] will quote variables containing spaces itself
sshOptsAt=("${sshOptsInit[@]}")
for ssh_opt in "${ssh_opts[@]}"; do
sshOptsAt+=(
-o "${ssh_opt}"
)
done
# [*] needs manual quoting
sshOptsAsterisk=("${sshOptsInit[@]}")
for ssh_opt in "${ssh_opts[@]}"; do
sshOptsAsterisk+=(
-o "\"${ssh_opt}\""
)
done
destination="$username@$host" destination="$username@$host"
command=(nix-instantiate --show-trace "${nixos_conf}") command=(nix-instantiate --show-trace "${nixos_conf}")
@ -32,9 +42,9 @@ command=(nix-instantiate --show-trace "${nixos_conf}")
# FIXME explore import/readFile as ways to instantiate the derivation, potentially allowing to realize the store path up-front from Nix? # FIXME explore import/readFile as ways to instantiate the derivation, potentially allowing to realize the store path up-front from Nix?
outPath=$(nix-store --realize "$("${command[@]}" -A config.system.build.toplevel.drvPath --eval --strict --json | jq -r '.')") outPath=$(nix-store --realize "$("${command[@]}" -A config.system.build.toplevel.drvPath --eval --strict --json | jq -r '.')")
# deploy the config by nix-copy-closure # deploy the config by nix-copy-closure
NIX_SSHOPTS="${sshOpts[*]}" nix-copy-closure --to "$destination" "$outPath" --gzip --use-substitutes NIX_SSHOPTS="${sshOptsAsterisk[*]}" nix-copy-closure --to "$destination" "$outPath" --gzip --use-substitutes
# switch the remote host to the config # switch the remote host to the config
# shellcheck disable=SC2029 # shellcheck disable=SC2029
ssh "${sshOpts[@]}" "$destination" "nix-env --profile /nix/var/nix/profiles/system --set $outPath" ssh "${sshOptsAt[@]}" "$destination" "nix-env --profile /nix/var/nix/profiles/system --set $outPath"
# shellcheck disable=SC2029 # shellcheck disable=SC2029
ssh -o "ConnectTimeout=1" -o "ServerAliveInterval=1" "${sshOpts[@]}" "$destination" "nohup $outPath/bin/switch-to-configuration switch &" 2>&1 ssh -o "ConnectTimeout=5" -o "ServerAliveInterval=1" "${sshOptsAt[@]}" "$destination" "nohup env $outPath/bin/switch-to-configuration switch &" 2>&1