examples/deploy-container: fix sudo
env propagation
Env vars can't be reliably passed through `sudo`, so always call nix-shell to setup the env after running sudo.
This commit is contained in:
parent
8d476cfeaf
commit
4b5b4eac58
@ -1,17 +1,11 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
if [[ ! -v NIX_BITCOIN_EXAMPLES_DIR ]]; then
|
|
||||||
echo "Running script in nix shell env..."
|
|
||||||
cd "${BASH_SOURCE[0]%/*}"
|
|
||||||
exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
|
|
||||||
else
|
|
||||||
cd "$NIX_BITCOIN_EXAMPLES_DIR"
|
|
||||||
fi
|
|
||||||
|
|
||||||
tmpDir=$(mktemp -d /tmp/nix-bitcoin-minimal-container.XXX)
|
tmpDir=$(mktemp -d /tmp/nix-bitcoin-minimal-container.XXX)
|
||||||
trap 'rm -rf $tmpDir' EXIT
|
trap 'rm -rf $tmpDir' EXIT
|
||||||
|
|
||||||
|
cd "${BASH_SOURCE[0]%/*}"
|
||||||
|
|
||||||
# Modify importable-configuration.nix to use the local <nix-bitcoin>
|
# Modify importable-configuration.nix to use the local <nix-bitcoin>
|
||||||
# source instead of fetchTarball
|
# source instead of fetchTarball
|
||||||
<importable-configuration.nix sed '
|
<importable-configuration.nix sed '
|
||||||
@ -31,4 +25,4 @@ cat > "$tmpDir/configuration.nix" <<EOF
|
|||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
"${BASH_SOURCE[0]%/*}/deploy-container.sh" "$tmpDir/configuration.nix" "$@"
|
./deploy-container.sh "$tmpDir/configuration.nix" "$@"
|
||||||
|
@ -8,23 +8,21 @@ set -euo pipefail
|
|||||||
# Run with option `--interactive` or `-i` to start a shell for interacting with
|
# Run with option `--interactive` or `-i` to start a shell for interacting with
|
||||||
# the node.
|
# the node.
|
||||||
|
|
||||||
if [[ ! -v NIX_BITCOIN_EXAMPLES_DIR ]]; then
|
if [[ $EUID != 0 ]]; then
|
||||||
echo "Running script in nix shell env..."
|
# NixOS containers require root permissions
|
||||||
cd "${BASH_SOURCE[0]%/*}"
|
exec sudo "${BASH_SOURCE[0]}" "$@"
|
||||||
exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
|
|
||||||
else
|
|
||||||
cd "$NIX_BITCOIN_EXAMPLES_DIR"
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $(sysctl -n net.ipv4.ip_forward || sudo sysctl -n net.ipv4.ip_forward) != 1 ]]; then
|
if [[ $(sysctl -n net.ipv4.ip_forward) != 1 ]]; then
|
||||||
echo "Error: IP forwarding (net.ipv4.ip_forward) is not enabled."
|
echo "Error: IP forwarding (net.ipv4.ip_forward) is not enabled."
|
||||||
echo "Needed for container WAN access."
|
echo "Needed for container WAN access."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $EUID != 0 ]]; then
|
if [[ ! -v DEPLOY_CONTAINER_NIX_SHELL ]]; then
|
||||||
# NixOS containers require root permissions
|
echo "Running script in nix shell env..."
|
||||||
exec sudo "PATH=$PATH" "NIX_PATH=$NIX_PATH" "NIX_BITCOIN_EXAMPLES_DIR=$NIX_BITCOIN_EXAMPLES_DIR" "${BASH_SOURCE[0]}" "$@"
|
cd "${BASH_SOURCE[0]%/*}"
|
||||||
|
DEPLOY_CONTAINER_NIX_SHELL=1 exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
interactive=
|
interactive=
|
||||||
|
Loading…
Reference in New Issue
Block a user