From 8b467f071f58a35ccb78301b1a3bad2ece9a6f6d Mon Sep 17 00:00:00 2001 From: steffen Date: Sat, 14 Mar 2026 14:26:51 +0100 Subject: [PATCH] fix deploy-rs: set sshUser=root explicitly, fix host key verification deploy-rs was using 'gitea-runner' as ssh_user because the runner process runs as that user. Set sshUser=root at the node level. Also add StrictHostKeyChecking=accept-new as fallback for host key. --- .forgejo/workflows/deploy.yml | 3 ++- flake.nix | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/deploy.yml b/.forgejo/workflows/deploy.yml index 9ae1e1e..a08e312 100644 --- a/.forgejo/workflows/deploy.yml +++ b/.forgejo/workflows/deploy.yml @@ -30,9 +30,10 @@ jobs: echo "$DEPLOY_KEY" > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-keyscan -p 2299 -H cryodev.xyz >> ~/.ssh/known_hosts + chmod 644 ~/.ssh/known_hosts - name: Deploy with deploy-rs - run: nix run github:serokell/deploy-rs -- -s .#cryodev-main + run: NIX_SSHOPTS="-p 2299 -o StrictHostKeyChecking=accept-new" nix run github:serokell/deploy-rs -- -s .#cryodev-main build-pi-images: needs: flake-check diff --git a/flake.nix b/flake.nix index 1e759b1..d55310f 100644 --- a/flake.nix +++ b/flake.nix @@ -123,6 +123,7 @@ nodes = { cryodev-main = { hostname = constants.domain; + sshUser = "root"; sshOpts = [ "-p" "2299"