Remote Deployment Support¶
Checks if the system has the required configuration to safely perform remote deployments. This avoids a lock-out after the deployment.
Checks¶
ssh_enabled
- SSH service must be enabledsudo_enabled
- Sudo must be availablewheel_passwordless
- Wheel group should not require password for sudonix_trusts_wheel
- Wheel group must be trusted by Nixuser_access
- Current user must have SSH accessuser_in_wheel
- Current user must be in wheel group
Details¶
ssh_enabled
¶
Description: SSH service must be enabled
How to fix:
Set services.openssh.enable = true
sudo_enabled
¶
Description: Sudo must be available
How to fix:
Set security.sudo.enable = true
wheel_passwordless
¶
Description: Wheel group should not require password for sudo
How to fix:
Set security.sudo.wheelNeedsPassword = false
nix_trusts_wheel
¶
Description: Wheel group must be trusted by Nix
How to fix:
Add @wheel
to nix.settings.trusted-users
user_access
¶
Description: Current user must have SSH access
How to fix: Add your SSH key to the user's authorized_keys
user_in_wheel
¶
Description: Current user must be in wheel group
How to fix: Add your user to the wheel group