Allow skipping system.preSwitchChecks... #478
Conversation
phaer
force-pushed
the
skip-pre-switch-checks
branch
from
59764d8 to
8998e0d
Compare
There was a problem hiding this comment.
I don’t mind having another flag, but if you pass NIXOS_NO_CHECK=1 to nixos-anywhere it should skip the checks just like nixos-install I believe
I think the root cause of why people have even had issues is because the error message for the pre-switch checks doesn’t mention NIXOS_NO_CHECK
I thought no because SSH doesn't pass env vars through and nixos-install runs on the remote side ofc. |
src/nixos-anywhere.sh
Outdated
| @@ -719,6 +725,9 @@ if [ ${copyHostKeys-n} = "y" ]; then | |||
| cp -a "\$p" "/mnt/\$p" | |||
| done | |||
| fi | |||
| if [ ${skipPreSwitchChecks-n} = y ]; then | |||
| export NIXOS_NO_CHECK=1 | |||
There was a problem hiding this comment.
if ssh doesn't allow to pass the environment flag, we can just forward it manually here instead of yet another cli flag.
There was a problem hiding this comment.
Works for me, so just did that.
Originally thought that's a bit too obscure - but that's something that would need upstream changes.
There was a problem hiding this comment.
Just to confirm if you just pass NIXOS_NO_CHECK it doesn’t get passed through?
I think you can just check if it’s set with -z and then export it:
| export NIXOS_NO_CHECK=1 | |
| export NIXOS_NO_CHECK |
There was a problem hiding this comment.
You can verify that behavior with any SSH server. Maintainer edits are open :)
There was a problem hiding this comment.
I’m on my phone now I’ll update this PR soon when I have a chance
There was a problem hiding this comment.
Just looked this again, because I didn't want to leave this around for too long:
Upstream (both the classic nixos-rebuild as well as the -ng variant) does check if it equals 1, not just if it's set. So using -z would diverge from upstream here.
There was a problem hiding this comment.
I've updated this to just check if NIXOS_NO_CHECK is set, if it is set then just pass that variable by exporting it to nixos-install, that way we don't need to care what the value of this variable is
There was a problem hiding this comment.
the old code was trivial and didn't need a stackoverflow link about it's semantics... but if it works, it works and I am not here to argue about aesthetics.
phaer
force-pushed
the
skip-pre-switch-checks
branch
from
8998e0d to
c53599e
Compare
As they might be written for switching from one generation to another, without initial installation in mind and failing checks would prevent successful installation. Note that the first line is just string substition, as SSH doesn't pass through arbitrary env variables as that would have far-reaching security implications. Co-Authored-By: Michael Hoang <[email protected]>
Enzime
force-pushed
the
skip-pre-switch-checks
branch
from
c53599e to
ab5d00f
Compare
as they might be written for switching from one generation to another, without initial installation in mind and failing checks would prevent successful installations.
This is a follow up on both #447 and #475, after a bit of discussion on matrix.
I still think that skipping those checks in nixos-install by default would have been a better default, but am not sure whether it's worth arguing about that upstream now.
The main reason is that it's at least possible to opt-out of preSwitchChecks with nixos-install in case a check is broken. This isn't possible with nixos-anywhere (before #447 and since #475), but will be after this PR. This is sufficient in order not to block installations in the presence of broken checks.
Trade-off is yet another obscure flag ;)