The nix-daemon runs as root and cannot access the gitea-runner user's ~/.ssh directory. Solution: write the deploy key and SSH config to /etc/deploy/ and /etc/ssh/ssh_config.d/ which are readable by all users including the nix-daemon.

- Deploy key is written to /etc/deploy/key (cleaned up after deploy)
- SSH config in /etc/ssh/ssh_config.d/deploy.conf (cleaned up after)
- Minimal NOPASSWD sudo rules for gitea-runner to manage these files
- Reverts local deploy approach, back to deploy-rs over SSH
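The stage-then-clean-up flow the commit describes, as an added example that is not the repository's own code: the key lands at /etc/deploy/key with 0600 permissions (root, and so the nix-daemon, can read it; other users cannot), the Host stanza goes to /etc/ssh/ssh_config.d/deploy.conf, and a trap removes both even when the deploy command fails. The DEPLOY_DIR and SSH_CONFIG_DIR overrides, the host name and the key source path are assumptions so the functions can be exercised against a scratch directory without the sudo rules.

```shell
#!/bin/sh
# Added example: stage a deploy key and SSH config where a root nix-daemon
# can read them, then remove both after the deploy. Defaults are the paths
# named in the commit; the environment overrides are an assumption.
set -eu

DEPLOY_DIR="${DEPLOY_DIR:-/etc/deploy}"
SSH_CONFIG_DIR="${SSH_CONFIG_DIR:-/etc/ssh/ssh_config.d}"

# write_deploy_files HOST KEY_SOURCE
# Copy the private key to $DEPLOY_DIR/key with mode 0600 and write a Host
# stanza that pins ssh to exactly that key (IdentitiesOnly) and refuses
# unknown host keys. Needs write access to both directories (the commit's
# sudo rules provide that for gitea-runner).
write_deploy_files() {
    host="$1"; key_src="$2"
    mkdir -p "$DEPLOY_DIR" "$SSH_CONFIG_DIR"
    install -m 0600 "$key_src" "$DEPLOY_DIR/key"
    cat > "$SSH_CONFIG_DIR/deploy.conf" <<EOF
Host $host
    IdentityFile $DEPLOY_DIR/key
    IdentitiesOnly yes
    StrictHostKeyChecking yes
EOF
}

# cleanup_deploy_files: remove the key and the config; safe to call twice.
cleanup_deploy_files() {
    rm -f "$DEPLOY_DIR/key" "$SSH_CONFIG_DIR/deploy.conf"
}

# deploy_with_key HOST KEY_SOURCE CMD...
# Stage the files, run the deploy command (e.g. deploy-rs), and clean up on
# any exit path so the key never outlives the job.
deploy_with_key() {
    host="$1"; key_src="$2"; shift 2
    trap cleanup_deploy_files EXIT INT TERM
    write_deploy_files "$host" "$key_src"
    "$@"
}
```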