Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
nixos-rebuild: support sudo + --target-host #71143
Motivation for this change
This adds support for deploying to remote hosts without being root:
Without this change, only root@host is able to deploy.
The idea is that if the local command is run with sudo, so should the
This adds support for deploying to remote hosts without being root: sudo nixos-rebuild --target-host non-root@host Without this change, only root@host is able to deploy. The idea is that if the local command is run with sudo, so should the remote one, thus there is no need for adding any CLI options.
I just find the assumption a bit weird, why would I want to use sudo remotely because it was used locally and the other way around?
I did it because of simplicity. But I agree there are use cases for local sudo != remote sudo.
I initially wanted to have a flag like --nixos-rebuild-path="sudo nixos-rebuild" (this matches rsync and borg), but nixos-rebuild doesn't call itself on the remote side, it calls nix-build, nix-env etc.
How about --use-sudo=0/1 that is only accepted when --target-host is set?