numbus/numbus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improved the SSH error handling.

Browse Source
This commit is contained in:
Raphaël Numbus
2026-05-29 20:55:50 +02:00
parent d0e08c0f76
commit f186ac502a
1 changed files with 27 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files
script/deploy.sh
+27 -19
View File
@@ -111,47 +111,53 @@ hierarchy_preparation() {
setup_ssh() { setup_ssh() {
edit_var() { edit_var() {
EXIT_CODE=${1} local ERROR_CODE=${1}
if [[ EXIT_CODE -eq 225 ]]; then if [[ "${ERROR_CODE}" == "225" ]]; then
echo -e "\n ❌ Invalid password for ${TARGET_USER}@${LIVE_TARGET_IP}." echo -e "\n ❌ Invalid password for ${TARGET_USER}@${LIVE_TARGET_IP}."
elif [[ EXIT_CODE -eq 226 ]]; then elif [[ "${ERROR_CODE}" == "226" ]]; then
echo -e "\n ❌ The IP address you specified cannot be reached." echo -e "\n ❌ The IP address you specified cannot be reached."
else
echo -e "\n ❌ An unexpected SSH error occurred (Code: ${ERROR_CODE})."
fi fi
echo -e " Please check the credentials provided in the configuration." echo -e " Please check the credentials provided in the configuration."
echo -e "\n Here are the current settings : echo -e "\n Here are the current settings :
Target IP address : $(gum style --italic \"${LIVE_TARGET_IP}\") Target IP address : $(gum style --italic \"${LIVE_TARGET_IP}\")
Target password : $(gum style --italic \"${LIVE_TARGET_PASSWORD}\")" Target password : $(gum style --italic \"${LIVE_TARGET_PASSWORD}\")"
gum confirm "Are these correct ?" || {
get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the IP address of your machine in a NixOS live environment :" "192.168.1.100" "IP_REGEX"; if ! gum confirm "Are these correct ?"; then
get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the password of your machine in a NixOS live environment :" "password" "IP_REGEX" "true" "true"; get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the IP address of your machine in a NixOS live environment :" "192.168.1.100" "${IP_REGEX}"
continue; get_valid_input "LIVE_TARGET_PASSWORD" "\n ➡️ Provide the password of your machine in a NixOS live environment :" "password" "" "true" "true"
} fi
gum confirm "Retry connection ?" || {
echo -e "\n ❌ Host unreachable or connection refused."; if ! gum confirm "Retry connection ?"; then
exit 226; echo -e "\n ❌ Aborted by user."
} exit 1
continue fi
} }
local KNOWN_HOSTS="${HOME}/.ssh/known_hosts"
echod "\n ➡️ Generating new SSH key for numbus-admin..." echod "\n ➡️ Generating new SSH key for numbus-admin..."
chmod 700 "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/" mkdir -p "$(dirname "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519")"
chmod 700 "$(dirname "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519")"
ssh-keygen -t "ed25519" -C "numbus-admin@numbus-${DEVICE_TYPE}" -f "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q ssh-keygen -t "ed25519" -C "numbus-admin@numbus-${DEVICE_TYPE}" -f "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..." echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
while true; do while true; do
if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -o ConnectTimeout=10 -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -o ConnectTimeout=5 -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
echod "\n ✅ SSH key copied successfully" echod "\n ✅ SSH key copied successfully"
return 0 return 0
else else
local EXIT_CODE=$? local EXIT_CODE=$?
if [[ ${EXIT_CODE} -eq 5 ]]; then if [[ ${EXIT_CODE} -eq 5 ]]; then
edit_var "225" edit_var "225"
elif ! ping -c 2 "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then elif ! ping -c 1 -W 2 "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
edit_var "226" edit_var "226"
elif ssh-keygen -F "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then elif [[ -f "${KNOWN_HOSTS}" ]] && ssh-keygen -F "${LIVE_TARGET_IP}" -f "${KNOWN_HOSTS}" > /dev/null 2>&1; then
echo -e "\n ⚠️ The SSH fingerprint for the selected IP address $(gum style --italic "\"${LIVE_TARGET_IP}\"") is not the same as the one in $(gum style --italic "\".ssh/known_hosts\""). echo -e "\n ⚠️ The SSH fingerprint for the selected IP address $(gum style --italic "\"${LIVE_TARGET_IP}\"") is not the same as the one in $(gum style --italic "\".ssh/known_hosts\"").
This could occur for multiple reasons : This could occur for multiple reasons :
@@ -167,8 +173,10 @@ setup_ssh() {
echo -e "\n ❌ SSH fingerprints don't match."; echo -e "\n ❌ SSH fingerprints don't match.";
exit 22; exit 22;
} }
ssh-keygen -R "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}" ssh-keygen -f "${KNOWN_HOSTS}" -R "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"
continue else
# Catch-all for other SSH failures (Permission denied, Connection refused, etc)
edit_var "${EXIT_CODE}"
fi fi
fi fi
done done