scripts/deploy: avoid ssh-based copies to self
This commit is contained in:
parent
e34a9957e3
commit
131e43e975
|
@ -1,6 +1,8 @@
|
|||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i bash -p nettools
|
||||
|
||||
SELF=$(hostname)
|
||||
|
||||
usage() {
|
||||
echo "deploy: deploy a nix config to a remote machine, possibly activating it"
|
||||
echo ""
|
||||
|
@ -20,7 +22,7 @@ info() {
|
|||
}
|
||||
|
||||
action=switch
|
||||
host=$(hostname)
|
||||
host="$SELF"
|
||||
variant=
|
||||
nixArgs=()
|
||||
parseArgs() {
|
||||
|
@ -61,9 +63,11 @@ parseArgs() {
|
|||
runOnTarget() {
|
||||
# run the command ($@) on the machine we're deploying to.
|
||||
# if that's a remote machine, then do it via ssh, else local shell.
|
||||
if [ -n "$addr" ]; then
|
||||
ssh "$addr" "$@"
|
||||
if [ -n "$host" ] && [ "$host" != "$SELF" ]; then
|
||||
info "running on remote:" "$@"
|
||||
ssh "$host" "$@"
|
||||
else
|
||||
info "running locally:" "$@"
|
||||
"$@"
|
||||
fi
|
||||
}
|
||||
|
@ -87,7 +91,7 @@ deployOneHost() {
|
|||
# - more introspectability and debuggability
|
||||
# - sandbox friendliness (especially: `git` doesn't have to be run as root)
|
||||
|
||||
if [ -n "$host" ]; then
|
||||
if [ -n "$host" ] && [ "$host" != "$SELF" ]; then
|
||||
if [ -e /run/secrets/nix_signing_key ]; then
|
||||
info "signing store paths ..."
|
||||
sudo nix store sign -r -k /run/secrets/nix_signing_key "$storePath"
|
||||
|
|
Loading…
Reference in New Issue
Block a user