fix: auto-detect SSH login user for node operations

nixos/kubeadm/scripts/rebuild-and-bootstrap.sh

@@ -17,6 +17,7 @@ source "$INVENTORY_FILE"
 SSH_USER="${SSH_USER:-micqdf}"
 SSH_KEY_PATH="${SSH_KEY_PATH:-$HOME/.ssh/id_ed25519}"
 SSH_OPTS="${SSH_OPTS:--o BatchMode=yes -o IdentitiesOnly=yes -o StrictHostKeyChecking=accept-new -i $SSH_KEY_PATH}"
+SSH_USER_CANDIDATES="${SSH_USER_CANDIDATES:-$SSH_USER root}"
 
 declare -A NODE_IPS=()
 declare -a CP_NAMES=()
@@ -78,7 +79,23 @@ populate_nodes() {
 remote() {
   local host_ip="$1"
   local cmd="$2"
-  ssh $SSH_OPTS "$SSH_USER@$host_ip" "$cmd"
+  ssh $SSH_OPTS "$ACTIVE_SSH_USER@$host_ip" "$cmd"
+}
+
+detect_ssh_user() {
+  local probe_ip="$1"
+  local candidate
+
+  for candidate in $SSH_USER_CANDIDATES; do
+    if ssh $SSH_OPTS "$candidate@$probe_ip" "true" >/dev/null 2>&1; then
+      ACTIVE_SSH_USER="$candidate"
+      echo "==> Using SSH user '$ACTIVE_SSH_USER'"
+      return 0
+    fi
+  done
+
+  echo "Unable to authenticate to $probe_ip with candidates: $SSH_USER_CANDIDATES"
+  return 1
 }
 
 prepare_known_hosts() {
@@ -109,7 +126,7 @@ rebuild_node() {
   echo "==> Rebuilding $node_name on $node_ip"
   nixos-rebuild switch \
     --flake "$FLAKE_DIR#$node_name" \
-    --target-host "$SSH_USER@$node_ip" \
+    --target-host "$ACTIVE_SSH_USER@$node_ip" \
     --use-remote-sudo
 }
 
@@ -122,6 +139,8 @@ if [ -z "${NODE_IPS[$PRIMARY_CONTROL_PLANE]:-}" ]; then
   PRIMARY_CONTROL_PLANE="${CP_NAMES[0]}"
 fi
 PRIMARY_CP_IP="${NODE_IPS[$PRIMARY_CONTROL_PLANE]}"
+ACTIVE_SSH_USER="$SSH_USER"
+detect_ssh_user "$PRIMARY_CP_IP"
 
 for node in "${CP_NAMES[@]}"; do
   rebuild_node "$node" "${NODE_IPS[$node]}"