@@ -30,6 +30,8 @@ Options:
3030 nix option to pass to every nix related command
3131* --from store-uri
3232 URL of the source Nix store to copy the nixos and disko closure from
33+ * --build-on-remote
34+ build the closure on the remote machine instead of locally and copy-closuring it
3335USAGE
3436}
3537
@@ -109,6 +111,9 @@ while [[ $# -gt 0 ]]; do
109111 --no-substitute-on-destination)
110112 substitute_on_destination=n
111113 ;;
114+ --build-on-remote)
115+ build_on_remote=y
116+ ;;
112117
113118 * )
114119 if [[ -z ${ssh_connection-} ]]; then
@@ -145,7 +150,7 @@ nix_copy() {
145150 " $@ "
146151}
147152nix_build () {
148- nix build \
153+ NIX_SSHOPTS= " -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i $ssh_key_dir /nixos-anywhere " nix build \
149154 --print-out-paths \
150155 --no-link \
151156 " ${nix_options[@]} "
@@ -173,8 +178,10 @@ if [[ -n ${flake-} ]]; then
173178 echo ' For example, to use the output nixosConfigurations.foo from the flake.nix, append "#foo" to the flake-uri.' >&2
174179 exit 1
175180 fi
176- disko_script=$( nix_build " ${flake} #nixosConfigurations.\" ${flakeAttr} \" .config.system.build.disko" )
177- nixos_system=$( nix_build " ${flake} #nixosConfigurations.\" ${flakeAttr} \" .config.system.build.toplevel" )
181+ if [[ ${build_on_remote-n} == " n" ; then
182+ disko_script=$( nix_build " ${flake} #nixosConfigurations.\" ${flakeAttr} \" .config.system.build.disko" )
183+ nixos_system=$( nix_build " ${flake} #nixosConfigurations.\" ${flakeAttr} \" .config.system.build.toplevel" )
184+ fi
178185elif [[ -n ${disko_script-} ]] && [[ -n ${nixos_system-} ]]; then
179186 if [[ ! -e ${disko_script} ]] || [[ ! -e ${nixos_system} ]]; then
180187 abort " ${disko_script} and ${nixos_system} must be existing store-paths"
@@ -293,6 +300,14 @@ for path in "${!disk_encryption_keys[@]}"; do
293300 ssh_ " umask 077; cat > $path " < " ${disk_encryption_keys[$path]} "
294301done
295302
303+ pubkey=$( ssh-keyscan -t ed25519 " ${ssh_connection//*@/ } " 2> /dev/null | sed -e ' s/^[^ ]* //' | base64 -w0)
304+
305+ if [[ -n ${disko_script-} ]] && [[ ${build_on_remote-n} == " y" ; then
306+ disko_script=$(
307+ nix_build " ${flake} #nixosConfigurations.\" ${flakeAttr} \" .config.system.build.disko"
308+ --builders " ssh://$ssh_connection ?base64-ssh-public-host-key=$pubkey &ssh-key=$ssh_key_dir /nixos-anywhere $is_arch -linux"
309+ )
310+ fi
296311nix_copy --to " ssh://$ssh_connection " " $disko_script "
297312ssh_ " $disko_script "
298313
@@ -303,7 +318,14 @@ if [[ ${stop_after_disko-n} == "y" ]]; then
303318 exit 0
304319fi
305320
321+ if [[ -n ${nixos_system-} ]] && [[ ${build_on_remote-n} == " y" ; then
322+ nixos_system=$(
323+ nix_build " ${flake} #nixosConfigurations.\" ${flakeAttr} \" .config.system.build.toplevel"
324+ --builders " ssh://$ssh_connection ?remote-store=local?root=/mnt&base64-ssh-public-host-key=$pubkey &ssh-key=$ssh_key_dir /nixos-anywhere $is_arch -linux"
325+ )
326+ fi
306327nix_copy --to " ssh://$ssh_connection ?remote-store=local?root=/mnt" " $nixos_system "
328+
307329if [[ -n ${extra_files-} ]]; then
308330 if [[ -d $extra_files ]]; then
309331 extra_files=" $extra_files /"
0 commit comments