aires/nix-configuration
aires/nix-configuration
1
0
Fork 0
Code Actions Activity

Think I figured out an automatic update process that also supports fresh installs

Browse source
This commit is contained in:
Aires 2024-05-30 10:31:11 -04:00
parent 9b4cd1d0a0
commit 1580586883
5 changed files with 60 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
.forgejo/workflows/update.yaml
View file

@ -1,15 +1,32 @@
on: [push]
jobs:
# format:
# Source: https://github.com/isabelroses/dotfiles/tree/main/.github/workflows
update-lockfile:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@main
with:
logger: pretty
# - name: Update Lockfile
# uses: DeterminateSystems/update-flake-lock@main
# id: update
# with:
# pr-title: "chore(deps): flake inputs"
# commit-msg: "chore(deps): flake inputs"
# token: ${{ secrets.GITHUB_TOKEN }}
# build:
# runs-on: nix
# steps:
# - run: nix-env -iA nixpkgs.nodejs_20
# - uses: actions/checkout@v4
# - run: nix --experimental-features 'nix-command flakes' fmt
build:
runs-on: nix
steps:
- run: nix-env -iA nixpkgs.nodejs_20
- uses: actions/checkout@v4
- run: nix --experimental-features 'nix-command flakes' flake update
- run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Haven
- run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Khanda
# - run: nix --experimental-features 'nix-command flakes' flake update
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Haven
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Khanda

18
flake.lock
View file

@ -218,11 +218,11 @@
]
},
"locked": {
"lastModified": 1716856858,
"narHash": "sha256-dfNGs2AW/V31nMVeEBSUJCMfT6bZAKJ5qsWgFHWhvUc=",
"lastModified": 1717036776,
"narHash": "sha256-joKTxvywYlKspGGKOIXho6oRbggOPyayEqAyuZCavO0=",
"ref": "refs/heads/main",
"rev": "38f31ee7c1a60adae58833789dd855c128b056c6",
"revCount": 85,
"rev": "b4b38e6b5fe18da9464f291ae5fbf2ea9acb9ccb",
"revCount": 86,
"type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module"
},
@ -250,11 +250,11 @@
"nix-secrets": {
"flake": false,
"locked": {
"lastModified": 1716827240,
"narHash": "sha256-0LHXNvx7KEsn3j9w/4VtQiEWKrqJmmWn1k/169x/N04=",
"ref": "f8a243d7e9db4689bcfc7726df75d5725daf4b60",
"rev": "f8a243d7e9db4689bcfc7726df75d5725daf4b60",
"revCount": 40,
"lastModified": 1716929428,
"narHash": "sha256-MRMQqR0lXM8ZA92QACu0VjFIcWtxZ0nvEU94VFFuKTo=",
"ref": "refs/heads/main",
"rev": "4db84b723bb2eb21a2c58de565ed89ddb34e6166",
"revCount": 41,
"type": "git",
"url": "file:///home/aires/Development/nix-configuration/nix-secrets"
},

2
hosts/Haven/default.nix
View file

@ -123,7 +123,7 @@ in
script = ''
set -eu
cd ${config.users.users.aires.home}/Development/nix-configuration
git pull
git pull --recurse-submodules
nix flake update
git add flake.lock
git commit -m "Update flake.lock"

31
modules/base/system.nix
View file

@ -26,15 +26,28 @@
};
};
# Configure automatic updates
system.autoUpgrade = {
enable = true;
flake = "git+https://${config.secrets.services.forgejo.url}/aires/nix-configuration";
dates = "daily";
randomizedDelaySec = "30m";
allowReboot = false;
operation = "switch";
persistent = true;
# Configure automatic updates. Replaces system.autoUpgrade.
systemd.services."nixos-update" = {
serviceConfig = {
Type = "oneshot";
User = "root";
};
script = ''
set -eu
cd ${config.users.users.aires.home}/Development/nix-configuration
sudo -u aires git pull --recurse-submodules
nh os switch
'';
};
systemd.timers."nixos-update-timer" = {
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "daily";
Persistent = "true";
Unit = "nixos-update.service";
};
};
services = {

2
nix-secrets

@ -1 +1 @@
Subproject commit f8a243d7e9db4689bcfc7726df75d5725daf4b60
Subproject commit 4db84b723bb2eb21a2c58de565ed89ddb34e6166