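# Run automatic updates. Replaces system.autoUpgrade.
#
# Trust model: the "nixos-upgrade" service runs as root and activates whatever
# origin/main of the configuration repository contains. Write access to that
# branch is therefore equivalent to root on every host that enables this
# module, and a host with pushUpdates enabled holds credentials that can push
# to it. Protect the branch and those credentials accordingly.
{
  config,
  lib,
  pkgs,
  ...
}:

let
  cfg = config.host.services.autoUpgrade;

  # List of packages to include in each service's $PATH
  pathPkgs = with pkgs; [
    # Courtesy of https://discourse.nixos.org/t/how-to-use-other-packages-binary-in-systemd-service-configuration/14363
    coreutils
    git
    gnutar
    gzip
    config.nix.package.out
    nh
    config.programs.ssh.package
    sudo
    xz.bin
  ];
in
{
  options = {
    host.services.autoUpgrade = {
      # Enabled by default: importing this module is enough to schedule the
      # daily root-level upgrade unless a host sets enable = false.
      enable = lib.mkOption {
        default = true;
        type = lib.types.bool;
        description = "Enables automatic system updates.";
      };
      pushUpdates = lib.mkEnableOption (
        lib.mdDoc "Updates the flake.lock file and pushes it back to the repo."
      );
    };
  };

  config = lib.mkMerge [
    (lib.mkIf cfg.enable {
      # Pull and apply updates.
      systemd.services."nixos-upgrade" = {
        serviceConfig = {
          Type = "oneshot";
          User = "root";
        };
        path = pathPkgs;
        script = ''
          # NOTE(review): the folder is interpolated unquoted; this assumes the
          # path contains no whitespace or shell metacharacters.
          cd ${config.secrets.nixConfigFolder}

          # Check if there are changes from Git. Git itself runs as the
          # unprivileged repository owner; only the rebuild runs as root.
          echo "Pulling latest version..."
          sudo -u aires git fetch

          # Capture git diff's exit status explicitly. The previous form,
          # "git diff ... || true" followed by a test of $?, always saw 0
          # (the status of "true"), so the update branch could never run.
          # git diff --exit-code: 0 = no differences, 1 = differences,
          # anything else = git failed.
          diffStatus=0
          sudo -u aires git diff --quiet --exit-code main origin/main || diffStatus=$?

          # If we have changes (git diff returns 1), pull changes and run the update
          if [ "$diffStatus" -eq 1 ]; then
            echo "Updates found, running nixos-rebuild..."
            sudo -u aires git pull --recurse-submodules
            nh os switch
          elif [ "$diffStatus" -eq 0 ]; then
            echo "No updates found. Exiting."
          else
            # Report a git failure as a failed unit rather than as "no updates",
            # so a host that has stopped updating is visible in the journal.
            echo "git diff failed with status $diffStatus; not updating." >&2
            exit "$diffStatus"
          fi
        '';
      };

      # Runs the upgrade service once a day; Persistent catches up on a run
      # that was missed while the machine was off.
      systemd.timers."nixos-upgrade-timer" = {
        wants = [ "network-online.target" ];
        after = [ "network-online.target" ];
        wantedBy = [ "timers.target" ];
        timerConfig = {
          OnCalendar = "daily";
          Persistent = "true";
          Unit = "nixos-upgrade.service";
        };
      };
    })

    (lib.mkIf cfg.pushUpdates {
      # Automatically update Flake configuration for other hosts to use
      systemd.services."nixos-upgrade-flake" = {
        serviceConfig = {
          Type = "oneshot";
          # Runs as the repository owner, not root: this unit only needs to
          # commit and push the lock file.
          User = config.users.users.aires.name;
        };
        path = pathPkgs;
        # Git diffing strategy courtesy of https://stackoverflow.com/a/40255467
        script = ''
          # Abort on the first failing command or unset variable so a failed
          # pull or flake update is never followed by a push.
          set -eu
          cd ${config.secrets.nixConfigFolder}

          # Make sure we're up-to-date
          echo "Pulling the latest version..."
          git pull --recurse-submodules

          # The new flake.lock is committed and pushed unattended; hosts with
          # autoUpgrade enabled will then build it as root on their next run.
          nix flake update --commit-lock-file
          git push
        '';
      };

      # Daily trigger for the lock-file refresh above.
      systemd.timers."nixos-upgrade-flake-timer" = {
        wants = [ "network-online.target" ];
        after = [ "network-online.target" ];
        wantedBy = [ "timers.target" ];
        timerConfig = {
          OnCalendar = "daily";
          Persistent = "true";
          Unit = "nixos-upgrade-flake.service";
        };
      };
    })
  ];
}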