Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow usage of generated SSH key even when there is no previous activation #1500

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

ethnt
Copy link

@ethnt ethnt commented Jan 15, 2022

I re-implemented the code in #1157 after bringing it up to date with master. I think this would solve the issue mentioned at #904. If I need to add typing, please let me know 🙏

To add a bit of color: I had an initial deployment that failed (mostly related to usage of sops-nix, but that feels unrelated). Subsequent deploys weren't able to be performed because it would never use the generated SSH key. This seems like it could be a semi-common condition — however, I'm not sure about the reasoning behind the original conditional.

@roberth
Copy link
Member

roberth commented Mar 1, 2023

Hi @ethnt,

According to the git blame, we switched to setting the authorized_keys via the NixOS configuration at some point 8ad1138

The original issue describes a situation where an activation did happen, in which case this change doesn't seem useful, unless NixOps is unaware that the activation succeeded. Maybe it isn't quite sure and the cur_toplevel is only set when it's absolutely sure that the activation succeeded? In that case --force-reboot does indeed explain it.

It seems like this is something we could write a regression test for, based on, or in: https://github.com/NixOS/nixops/blob/master/integration-tests/default.nix

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants