Think I figured out an automatic update process that also supports fresh installs
This commit is contained in:
parent
9b4cd1d0a0
commit
1580586883
|
|
@ -1,15 +1,32 @@
|
||||||
on: [push]
|
on: [push]
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
# format:
|
# Source: https://github.com/isabelroses/dotfiles/tree/main/.github/workflows
|
||||||
|
update-lockfile:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install Nix
|
||||||
|
uses: DeterminateSystems/nix-installer-action@main
|
||||||
|
with:
|
||||||
|
logger: pretty
|
||||||
|
|
||||||
|
# - name: Update Lockfile
|
||||||
|
# uses: DeterminateSystems/update-flake-lock@main
|
||||||
|
# id: update
|
||||||
|
# with:
|
||||||
|
# pr-title: "chore(deps): flake inputs"
|
||||||
|
# commit-msg: "chore(deps): flake inputs"
|
||||||
|
# token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
|
# build:
|
||||||
# runs-on: nix
|
# runs-on: nix
|
||||||
# steps:
|
# steps:
|
||||||
|
# - run: nix-env -iA nixpkgs.nodejs_20
|
||||||
# - uses: actions/checkout@v4
|
# - uses: actions/checkout@v4
|
||||||
# - run: nix --experimental-features 'nix-command flakes' fmt
|
# - run: nix --experimental-features 'nix-command flakes' flake update
|
||||||
build:
|
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Haven
|
||||||
runs-on: nix
|
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Khanda
|
||||||
steps:
|
|
||||||
- run: nix-env -iA nixpkgs.nodejs_20
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- run: nix --experimental-features 'nix-command flakes' flake update
|
|
||||||
- run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Haven
|
|
||||||
- run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Khanda
|
|
||||||
|
|
|
||||||
18
flake.lock
18
flake.lock
|
|
@ -218,11 +218,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716856858,
|
"lastModified": 1717036776,
|
||||||
"narHash": "sha256-dfNGs2AW/V31nMVeEBSUJCMfT6bZAKJ5qsWgFHWhvUc=",
|
"narHash": "sha256-joKTxvywYlKspGGKOIXho6oRbggOPyayEqAyuZCavO0=",
|
||||||
"ref": "refs/heads/main",
|
"ref": "refs/heads/main",
|
||||||
"rev": "38f31ee7c1a60adae58833789dd855c128b056c6",
|
"rev": "b4b38e6b5fe18da9464f291ae5fbf2ea9acb9ccb",
|
||||||
"revCount": 85,
|
"revCount": 86,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://git.lix.systems/lix-project/nixos-module"
|
"url": "https://git.lix.systems/lix-project/nixos-module"
|
||||||
},
|
},
|
||||||
|
|
@ -250,11 +250,11 @@
|
||||||
"nix-secrets": {
|
"nix-secrets": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716827240,
|
"lastModified": 1716929428,
|
||||||
"narHash": "sha256-0LHXNvx7KEsn3j9w/4VtQiEWKrqJmmWn1k/169x/N04=",
|
"narHash": "sha256-MRMQqR0lXM8ZA92QACu0VjFIcWtxZ0nvEU94VFFuKTo=",
|
||||||
"ref": "f8a243d7e9db4689bcfc7726df75d5725daf4b60",
|
"ref": "refs/heads/main",
|
||||||
"rev": "f8a243d7e9db4689bcfc7726df75d5725daf4b60",
|
"rev": "4db84b723bb2eb21a2c58de565ed89ddb34e6166",
|
||||||
"revCount": 40,
|
"revCount": 41,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "file:///home/aires/Development/nix-configuration/nix-secrets"
|
"url": "file:///home/aires/Development/nix-configuration/nix-secrets"
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -123,7 +123,7 @@ in
|
||||||
script = ''
|
script = ''
|
||||||
set -eu
|
set -eu
|
||||||
cd ${config.users.users.aires.home}/Development/nix-configuration
|
cd ${config.users.users.aires.home}/Development/nix-configuration
|
||||||
git pull
|
git pull --recurse-submodules
|
||||||
nix flake update
|
nix flake update
|
||||||
git add flake.lock
|
git add flake.lock
|
||||||
git commit -m "Update flake.lock"
|
git commit -m "Update flake.lock"
|
||||||
|
|
|
||||||
|
|
@ -26,15 +26,28 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Configure automatic updates
|
# Configure automatic updates. Replaces system.autoUpgrade.
|
||||||
system.autoUpgrade = {
|
systemd.services."nixos-update" = {
|
||||||
enable = true;
|
serviceConfig = {
|
||||||
flake = "git+https://${config.secrets.services.forgejo.url}/aires/nix-configuration";
|
Type = "oneshot";
|
||||||
dates = "daily";
|
User = "root";
|
||||||
randomizedDelaySec = "30m";
|
};
|
||||||
allowReboot = false;
|
script = ''
|
||||||
operation = "switch";
|
set -eu
|
||||||
persistent = true;
|
cd ${config.users.users.aires.home}/Development/nix-configuration
|
||||||
|
sudo -u aires git pull --recurse-submodules
|
||||||
|
nh os switch
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
systemd.timers."nixos-update-timer" = {
|
||||||
|
wants = [ "network-online.target" ];
|
||||||
|
after = [ "network-online.target" ];
|
||||||
|
wantedBy = [ "timers.target" ];
|
||||||
|
timerConfig = {
|
||||||
|
OnCalendar = "daily";
|
||||||
|
Persistent = "true";
|
||||||
|
Unit = "nixos-update.service";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
|
|
|
||||||
|
|
@ -1 +1 @@
|
||||||
Subproject commit f8a243d7e9db4689bcfc7726df75d5725daf4b60
|
Subproject commit 4db84b723bb2eb21a2c58de565ed89ddb34e6166
|
||||||
Loading…
Reference in a new issue