feat: add --remote-bin-path option (#298)

Author: wvffle

src/bin/activate.rs

@@ -90,6 +90,10 @@ struct ActivateOpts {
     /// Path for any temporary files that may be needed during activation
     #[arg(long)]
     temp_path: PathBuf,
+
+    /// Path to where the nix-store and nix-env binaries are stored
+    #[arg(long)]
+    bin_path: Option<PathBuf>,
 }
 
 /// Wait for profile activation
@@ -119,6 +123,10 @@ struct RevokeOpts {
     /// The profile name
     #[arg(long, requires = "profile_user")]
     profile_name: Option<String>,
+
+    /// Path to where the nix-store and nix-env binaries are stored
+    #[arg(long)]
+    bin_path: Option<PathBuf>,
 }
 
 #[derive(Error, Debug)]
@@ -143,10 +151,17 @@ pub enum DeactivateError {
     ReactivateExit(Option<i32>),
 }
 
-pub async fn deactivate(profile_path: &str) -> Result<(), DeactivateError> {
+pub async fn deactivate(
+    profile_path: &str,
+    bin_path: Option<PathBuf>,
+) -> Result<(), DeactivateError> {
     warn!("De-activating due to error");
 
-    let nix_env_rollback_exit_status = Command::new("nix-env")
+    let program = match bin_path {
+        Some(path) => path.join("nix-env"),
+        None => PathBuf::from("nix-env"),
+    };
+    let nix_env_rollback_exit_status = Command::new(&program)
         .arg("-p")
         .arg(&profile_path)
         .arg("--rollback")
@@ -161,7 +176,7 @@ pub async fn deactivate(profile_path: &str) -> Result<(), DeactivateError> {
 
     debug!("Listing generations");
 
-    let nix_env_list_generations_out = Command::new("nix-env")
+    let nix_env_list_generations_out = Command::new(&program)
         .arg("-p")
         .arg(&profile_path)
         .arg("--list-generations")
@@ -190,7 +205,7 @@ pub async fn deactivate(profile_path: &str) -> Result<(), DeactivateError> {
     debug!("Removing generation entry {}", last_generation_line);
     warn!("Removing generation by ID {}", last_generation_id);
 
-    let nix_env_delete_generation_exit_status = Command::new("nix-env")
+    let nix_env_delete_generation_exit_status = Command::new(program)
         .arg("-p")
         .arg(&profile_path)
         .arg("--delete-generations")
@@ -315,7 +330,11 @@ pub enum WaitError {
     #[error("Error waiting for activation: {0}")]
     Waiting(#[from] DangerZoneError),
 }
-pub async fn wait(temp_path: PathBuf, closure: String, activation_timeout: Option<u16>) -> Result<(), WaitError> {
+pub async fn wait(
+    temp_path: PathBuf,
+    closure: String,
+    activation_timeout: Option<u16>,
+) -> Result<(), WaitError> {
     let lock_path = deploy::make_lock_path(&temp_path, &closure);
 
     let (created, done) = mpsc::channel(1);
@@ -386,14 +405,20 @@ pub async fn activate(
     closure: String,
     auto_rollback: bool,
     temp_path: PathBuf,
+    bin_path: Option<PathBuf>,
     confirm_timeout: u16,
     magic_rollback: bool,
     dry_activate: bool,
     boot: bool,
 ) -> Result<(), ActivateError> {
     if !dry_activate {
         info!("Activating profile");
-        let nix_env_set_exit_status = Command::new("nix-env")
+        let program = match &bin_path {
+            Some(path) => path.join("nix-env"),
+            None => PathBuf::from("nix-env"),
+        };
+
+        let nix_env_set_exit_status = Command::new(program)
             .arg("-p")
             .arg(&profile_path)
             .arg("--set")
@@ -405,7 +430,7 @@ pub async fn activate(
             Some(0) => (),
             a => {
                 if auto_rollback && !dry_activate {
-                    deactivate(&profile_path).await?;
+                    deactivate(&profile_path, bin_path).await?;
                 }
                 return Err(ActivateError::SetProfileExit(a));
             }
@@ -432,7 +457,7 @@ pub async fn activate(
         Ok(x) => x,
         Err(e) => {
             if auto_rollback && !dry_activate {
-                deactivate(&profile_path).await?;
+                deactivate(&profile_path, bin_path).await?;
             }
             return Err(e);
         }
@@ -443,7 +468,7 @@ pub async fn activate(
             Some(0) => (),
             a => {
                 if auto_rollback {
-                    deactivate(&profile_path).await?;
+                    deactivate(&profile_path, bin_path).await?;
                 }
                 return Err(ActivateError::RunActivateExit(a));
             }
@@ -456,7 +481,7 @@ pub async fn activate(
         if magic_rollback && !boot {
             info!("Magic rollback is enabled, setting up confirmation hook...");
             if let Err(err) = activation_confirmation(temp_path, confirm_timeout, closure).await {
-                deactivate(&profile_path).await?;
+                deactivate(&profile_path, bin_path).await?;
                 return Err(ActivateError::ActivationConfirmation(err));
             }
         }
@@ -465,8 +490,8 @@ pub async fn activate(
     Ok(())
 }
 
-async fn revoke(profile_path: String) -> Result<(), DeactivateError> {
-    deactivate(profile_path.as_str()).await?;
+async fn revoke(profile_path: String, bin_path: Option<PathBuf>) -> Result<(), DeactivateError> {
+    deactivate(profile_path.as_str(), bin_path).await?;
     Ok(())
 }
 
@@ -557,6 +582,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
             activate_opts.closure,
             activate_opts.auto_rollback,
             activate_opts.temp_path,
+            activate_opts.bin_path,
             activate_opts.confirm_timeout,
             activate_opts.magic_rollback,
             activate_opts.dry_activate,
@@ -565,15 +591,22 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
         .await
         .map_err(|x| Box::new(x) as Box<dyn std::error::Error>),
 
-        SubCommand::Wait(wait_opts) => wait(wait_opts.temp_path, wait_opts.closure, wait_opts.activation_timeout)
-            .await
-            .map_err(|x| Box::new(x) as Box<dyn std::error::Error>),
+        SubCommand::Wait(wait_opts) => wait(
+            wait_opts.temp_path,
+            wait_opts.closure,
+            wait_opts.activation_timeout,
+        )
+        .await
+        .map_err(|x| Box::new(x) as Box<dyn std::error::Error>),
 
-        SubCommand::Revoke(revoke_opts) => revoke(get_profile_path(
-            revoke_opts.profile_path,
-            revoke_opts.profile_user,
-            revoke_opts.profile_name,
-        )?)
+        SubCommand::Revoke(revoke_opts) => revoke(
+            get_profile_path(
+                revoke_opts.profile_path,
+                revoke_opts.profile_user,
+                revoke_opts.profile_name,
+            )?,
+            revoke_opts.bin_path,
+        )
         .await
         .map_err(|x| Box::new(x) as Box<dyn std::error::Error>),
     };

src/cli.rs

@@ -6,7 +6,7 @@
 use std::collections::HashMap;
 use std::io::{stdin, stdout, Write};
 
-use clap::{ArgMatches, Parser, FromArgMatches};
+use clap::{ArgMatches, FromArgMatches, Parser};
 
 use crate as deploy;
 
@@ -109,6 +109,9 @@ pub struct Opts {
     /// Prompt for sudo password during activation.
     #[arg(long)]
     interactive_sudo: Option<bool>,
+    /// Path to where the nix-store and nix-env binaries are stored on the remote host
+    #[arg(long)]
+    remote_bin_path: Option<PathBuf>,
 }
 
 /// Returns if the available Nix installation supports flakes
@@ -386,9 +389,9 @@ pub enum RunDeployError {
     #[error("Failed to deploy profile to node {0}: {1}")]
     DeployProfile(String, deploy::deploy::DeployProfileError),
     #[error("Failed to build profile on node {0}: {0}")]
-    BuildProfile(String,  deploy::push::PushProfileError),
+    BuildProfile(String, deploy::push::PushProfileError),
     #[error("Failed to push profile to node {0}: {0}")]
-    PushProfile(String,  deploy::push::PushProfileError),
+    PushProfile(String, deploy::push::PushProfileError),
     #[error("No profile named `{0}` was found")]
     ProfileNotFound(String),
     #[error("No node named `{0}` was found")]
@@ -404,7 +407,7 @@ pub enum RunDeployError {
     #[error("Failed to revoke profile for node {0}: {1}")]
     RevokeProfile(String, deploy::deploy::RevokeProfileError),
     #[error("Deployment to node {0} failed, rolled back to previous generation")]
-    Rollback(String)
+    Rollback(String),
 }
 
 type ToDeploy<'a> = Vec<(
@@ -548,7 +551,11 @@ async fn run_deploy(
 
         let mut deploy_defs = deploy_data.defs()?;
 
-        if deploy_data.merged_settings.interactive_sudo.unwrap_or(false) {
+        if deploy_data
+            .merged_settings
+            .interactive_sudo
+            .unwrap_or(false)
+        {
             warn!("Interactive sudo is enabled! Using a sudo password is less secure than correctly configured SSH keys.\nPlease use keys in production environments.");
 
             if deploy_data.merged_settings.sudo.is_some() {
@@ -560,8 +567,15 @@ async fn run_deploy(
                 deploy_defs.sudo = Some(format!("{} -S -p \"\"", original));
             }
 
-            info!("You will now be prompted for the sudo password for {}.", node.node_settings.hostname);
-            let sudo_password = rpassword::prompt_password(format!("(sudo for {}) Password: ", node.node_settings.hostname)).unwrap_or("".to_string());
+            info!(
+                "You will now be prompted for the sudo password for {}.",
+                node.node_settings.hostname
+            );
+            let sudo_password = rpassword::prompt_password(format!(
+                "(sudo for {}) Password: ",
+                node.node_settings.hostname
+            ))
+            .unwrap_or("".to_string());
 
             deploy_defs.sudo_password = Some(sudo_password);
         }
@@ -592,16 +606,16 @@ async fn run_deploy(
 
     for data in data_iter() {
         let node_name: String = data.deploy_data.node_name.to_string();
-        deploy::push::build_profile(data).await.map_err(|e| {
-            RunDeployError::BuildProfile(node_name, e)
-        })?;
+        deploy::push::build_profile(data)
+            .await
+            .map_err(|e| RunDeployError::BuildProfile(node_name, e))?;
     }
 
     for data in data_iter() {
         let node_name: String = data.deploy_data.node_name.to_string();
-        deploy::push::push_profile(data).await.map_err(|e| {
-            RunDeployError::PushProfile(node_name, e)
-        })?;
+        deploy::push::push_profile(data)
+            .await
+            .map_err(|e| RunDeployError::PushProfile(node_name, e))?;
     }
 
     let mut succeeded: Vec<(&deploy::DeployData, &deploy::DeployDefs)> = vec![];
@@ -611,7 +625,8 @@ async fn run_deploy(
     // Rollbacks adhere to the global seeting to auto_rollback and secondary
     // the profile's configuration
     for (_, deploy_data, deploy_defs) in &parts {
-        if let Err(e) = deploy::deploy::deploy_profile(deploy_data, deploy_defs, dry_activate, boot).await
+        if let Err(e) =
+            deploy::deploy::deploy_profile(deploy_data, deploy_defs, dry_activate, boot).await
         {
             error!("{}", e);
             if dry_activate {
@@ -624,14 +639,19 @@ async fn run_deploy(
                 //  the command line)
                 for (deploy_data, deploy_defs) in &succeeded {
                     if deploy_data.merged_settings.auto_rollback.unwrap_or(true) {
-                        deploy::deploy::revoke(*deploy_data, *deploy_defs).await.map_err(|e| {
-                            RunDeployError::RevokeProfile(deploy_data.node_name.to_string(), e)
-                        })?;
+                        deploy::deploy::revoke(*deploy_data, *deploy_defs)
+                            .await
+                            .map_err(|e| {
+                                RunDeployError::RevokeProfile(deploy_data.node_name.to_string(), e)
+                            })?;
                     }
                 }
                 return Err(RunDeployError::Rollback(deploy_data.node_name.to_string()));
             }
-            return Err(RunDeployError::DeployProfile(deploy_data.node_name.to_string(), e))
+            return Err(RunDeployError::DeployProfile(
+                deploy_data.node_name.to_string(),
+                e,
+            ));
         }
         succeeded.push((deploy_data, deploy_defs))
     }
@@ -682,18 +702,16 @@ pub async fn run(args: Option<&ArgMatches>) -> Result<(), RunError> {
         .targets
         .unwrap_or_else(|| vec![opts.clone().target.unwrap_or_else(|| ".".to_string())]);
 
-    let deploy_flakes: Vec<DeployFlake> =
-        if let Some(file) = &opts.file {
-            deploys
-                .iter()
-                .map(|f| deploy::parse_file(file.as_str(), f.as_str()))
-                .collect::<Result<Vec<DeployFlake>, ParseFlakeError>>()?
-        }
-    else {
+    let deploy_flakes: Vec<DeployFlake> = if let Some(file) = &opts.file {
         deploys
-        .iter()
-        .map(|f| deploy::parse_flake(f.as_str()))
-          .collect::<Result<Vec<DeployFlake>, ParseFlakeError>>()?
+            .iter()
+            .map(|f| deploy::parse_file(file.as_str(), f.as_str()))
+            .collect::<Result<Vec<DeployFlake>, ParseFlakeError>>()?
+    } else {
+        deploys
+            .iter()
+            .map(|f| deploy::parse_flake(f.as_str()))
+            .collect::<Result<Vec<DeployFlake>, ParseFlakeError>>()?
     };
 
     let cmd_overrides = deploy::CmdOverrides {
@@ -710,7 +728,8 @@ pub async fn run(args: Option<&ArgMatches>) -> Result<(), RunError> {
         dry_activate: opts.dry_activate,
         remote_build: opts.remote_build,
         sudo: opts.sudo,
-        interactive_sudo: opts.interactive_sudo
+        interactive_sudo: opts.interactive_sudo,
+        remote_bin_path: opts.remote_bin_path,
     };
 
     let supports_flakes = test_flake_support().await.map_err(RunError::FlakeTest)?;

src/data.rs

@@ -33,10 +33,12 @@ pub struct GenericSettings {
     pub magic_rollback: Option<bool>,
     #[serde(rename(deserialize = "sudo"))]
     pub sudo: Option<String>,
-    #[serde(default,rename(deserialize = "remoteBuild"))]
+    #[serde(default, rename(deserialize = "remoteBuild"))]
     pub remote_build: Option<bool>,
     #[serde(rename(deserialize = "interactiveSudo"))]
     pub interactive_sudo: Option<bool>,
+    #[serde(default, rename(deserialize = "remotePath"))]
+    pub remote_bin_path: Option<PathBuf>,
 }
 
 #[derive(Deserialize, Debug, Clone)]