1 diff --git a/nixos/modules/installer/ssh-nixos.nix b/nixos/modules/installer/ssh-nixos.nix
3 index 00000000000..2822c8814c0
5 +++ b/nixos/modules/installer/ssh-nixos.nix
7 +{ pkgs, lib, config, ... }:
10 + inherit (config) networking;
11 + cfg = config.installer.ssh-nixos;
12 + nixRunDefaultCommand = "bash";
13 + ssh = pkgs.writeShellScriptBin "ssh" ''
17 + ssh -l '${cfg.login}' \
18 + ${lib.escapeShellArgs cfg.sshFlags} ''${SSH_FLAGS:-} "$@"
22 +options.installer.ssh-nixos = {
23 + PATH = lib.mkOption {
24 + type = types.listOf types.package;
26 + apply = lib.makeBinPath;
27 + description = "Packages to be appended to the <literal>PATH<literal> of the script.";
29 + script = lib.mkOption {
34 + gpg --decrypt initrd/ssh.key.gpg |
35 + ssh root@''${config.installer.ssh-nixos.target} \
36 + install -D -m 400 -o root -g root /dev/stdin /root/initrd/ssh.key
40 + Install script copying the configured NixOS via SSH
41 + to the <link linkend="opt-install.ssh-nixos.target">target</link>
42 + and switching to the new configuration.
43 + It is made available here for prepending or appending commands
44 + with the usual <literal>mkBefore</literal> and <literal>mkAfter</literal>.
45 + In case you run it often or add multiple ssh calls to it,
46 + consider configuring the OpenSSH client with <literal>ControlMaster auto</literal>
47 + to keep the SSH connexion alive between calls to <literal>literal</literal>.
49 + This script is usually run with:
51 + <prompt>$ </prompt> nix run system.config.installer.ssh-nixos -f nixos.nix
53 + where <literal>nixos.nix</literal> can be:
55 + import <nixpkgs/nixos> {
56 + system = "x86_64-linux";
57 + configuration = { config, lib, pkgs }: {
58 + # Your usual configuration.nix content can go here
63 + apply = script: pkgs.writeShellScriptBin nixRunDefaultCommand ''
66 + export OLDPATH=$PATH:${cfg.PATH}
67 + PATH="${ssh}/bin:$OLDPATH"
72 + login = lib.mkOption {
76 + description = "Login name passed to ssh.";
78 + target = lib.mkOption {
80 + default = "${networking.hostName}.${networking.domain}";
81 + example = "192.168.1.10";
82 + description = "Destination where to install NixOS passed to ssh.";
84 + sshFlags = lib.mkOption {
85 + type = types.listOf types.str;
86 + default = ["-o" "ControlMaster=auto"];
88 + Extra flags passed to <literal>ssh</literal>.
89 + Environment variable <literal>SSH_FLAGS</literal> can also be used at runtime.
92 + nixCopyFlags = lib.mkOption {
93 + type = types.listOf types.str;
94 + default = ["--substitute-on-destination"];
96 + Extra flags passed to <literal>nix copy</literal>.
97 + Environment variable <literal>NIX_COPY_FLAGS</literal> can also be used at runtime.
100 + profile = lib.mkOption {
102 + default = "/nix/var/nix/profiles/system";
106 + installer.ssh-nixos.PATH = with pkgs; [nix openssh];
107 + installer.ssh-nixos.script =
108 + let nixos = config.system.build.toplevel; in ''
109 + nix ''${NIX_FLAGS:-} copy \
110 + --to ssh://'${cfg.target}' \
111 + ${lib.escapeShellArgs cfg.nixCopyFlags} ''${NIX_COPY_FLAGS:-} \
113 + ssh '${cfg.target}' \
114 + nix-env --profile '${cfg.profile}' --set '${nixos}' '&&' \
115 + '${cfg.profile}'/bin/switch-to-configuration "''${NIXOS_SWITCH:-switch}"
118 +meta.maintainers = [ lib.maintainers.julm ];
120 diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
121 index f361163ca63..15659fde11b 100644
122 --- a/nixos/modules/module-list.nix
123 +++ b/nixos/modules/module-list.nix
125 ./i18n/input-method/ibus.nix
126 ./i18n/input-method/nabi.nix
127 ./i18n/input-method/uim.nix
128 + ./installer/ssh-nixos.nix
129 ./installer/tools/tools.nix
130 ./misc/assertions.nix