machine: ssh: Add 'safety-checks?' field.

Fixes <https://issues.guix.gnu.org/52766>.
Reported by Michael Rohleder <mike@rohleder.de>.

* gnu/machine/ssh.scm (<machine-ssh-configuration>)[safety-checks?]: New
field.
(machine-check-file-system-availability): Return the empty list when
'safety-checks?' is false.
(machine-check-initrd-modules): Likewise.
* doc/guix.texi (Invoking guix deploy): Document it.

doc/guix.texi

@@ -35682,6 +35682,16 @@ returned by @command{guix describe}) to determine whether commits
 currently in use are descendants of those deployed.  When this is not
 the case and @code{allow-downgrades?} is false, it raises an error.
 This ensures you do not accidentally downgrade remote machines.
+
+@item @code{safety-checks?} (default: @code{#t})
+Whether to perform ``safety checks'' before deployment.  This includes
+verifying that devices and file systems referred to in the operating
+system configuration actually exist on the target machine, and making
+sure that Linux modules required to access storage devices at boot time
+are listed in the @code{initrd-modules} field of the operating system.
+
+These safety checks ensure that you do not inadvertently deploy a system
+that would fail to boot.  Be careful before turning them off!
 @end table
 @end deftp
 

gnu/machine/ssh.scm

@@ -93,6 +93,8 @@
                   (default #t))
   (allow-downgrades? machine-ssh-configuration-allow-downgrades? ; boolean
                      (default #f))
+  (safety-checks?    machine-ssh-configuration-safety-checks? ;boolean
+                     (default #t))
   (port           machine-ssh-configuration-port           ; integer
                   (default 22))
   (user           machine-ssh-configuration-user           ; string
@@ -240,18 +242,21 @@ exist on the machine."
         (raise (formatted-message (G_ "no file system with UUID '~a'")
                                   (uuid->string (file-system-device fs)))))))
 
-  (append (map check-literal-file-system
+  (if (machine-ssh-configuration-safety-checks?
-               (filter (lambda (fs)
+       (machine-configuration machine))
-                         (string? (file-system-device fs)))
+      (append (map check-literal-file-system
-                       file-systems))
+                   (filter (lambda (fs)
-          (map check-labeled-file-system
+                             (string? (file-system-device fs)))
-               (filter (lambda (fs)
+                           file-systems))
-                         (file-system-label? (file-system-device fs)))
+              (map check-labeled-file-system
-                       file-systems))
+                   (filter (lambda (fs)
-          (map check-uuid-file-system
+                             (file-system-label? (file-system-device fs)))
-               (filter (lambda (fs)
+                           file-systems))
-                         (uuid? (file-system-device fs)))
+              (map check-uuid-file-system
-                       file-systems))))
+                   (filter (lambda (fs)
+                             (uuid? (file-system-device fs)))
+                           file-systems)))
+      '()))
 
 (define (machine-check-initrd-modules machine)
   "Return a list of <remote-assertion> that raise a '&message' error condition
@@ -291,7 +296,10 @@ not available in the initrd."
                                   (file-system-device fs)
                                   missing)))))
 
-  (map missing-modules file-systems))
+  (if (machine-ssh-configuration-safety-checks?
+       (machine-configuration machine))
+      (map missing-modules file-systems)
+      '()))
 
 (define* (machine-check-forward-update machine)
   "Check whether we are making a forward update for MACHINE.  Depending on its