If you don’t mind actually typing out a password occasionally, you can use export NIX_SSHOPTS="-t" (ideally in a devShell so you don’t forget) to work around the bug that --use-remote-sudo doesn’t launch a proper TTY to type your password into.
Thank The scripts looks like a good starting point.
I already have the NIX_SSHOPTS in my script which requires two password inputs per host which gets a bit annoying with the amount of servers I’m currently running.
I’m going to start small maybe I over-engineer it at a later point ;).
This is the code snippet I found on github from @cole-h has served me well. You only need /nix/store/*/bin/switch-to-configuration, /run/current-system/sw/bin/nix-env and /run/current-system/sw/bin/nix-store for a
passwordless remote deploy, others in that snippet are just for something else I guess.