1
0
Fork 0

General: custom NixOS upgrade helper script

This commit is contained in:
Aires 2024-09-28 00:47:38 -04:00
parent 7f2c5c5bff
commit 8dbd4b4b69
5 changed files with 129 additions and 6 deletions

95
bin/nixos-upgrade-script.sh Executable file
View file

@ -0,0 +1,95 @@
#!/usr/bin/env bash
# Wrapper script for nixos-rebuild
#set -e
# Configuration parameters
operation="switch" # The nixos-rebuild operation to use
hostname=$(hostname) # The name of the host to build
flakeDir="." # Path to the flake file (and optionally the hostname)
remainingArgs="" # All remaining arguments that haven't been processed
commit=true # Whether to update git (true by default)
buildHost="" # Which host to build the system on.
function usage() {
echo "Usage: nixos-upgrade-script.sh [-o|--operation operation] [-f|--flake path-to-flake-file] [extra nixos-rebuild parameters]"
echo "Options:"
echo " -h | --help Show this help screen."
echo " -o | --operation The nixos-rebuild operation to perform."
echo " -H | --host The host to build."
echo " -f | --flake <path> The path to the flake file (and optionally the hostname)."
echo " -n | --no-commit Don't update and commit the lock file."
echo " --build-host <hostname> The SSH name of the host to build the system on."
exit 2
}
function run_operation {
echo "Full operation: nixos-rebuild $1 --flake $flakeDir#$hostname $( [ "$buildHost" != "" ] && echo "--build-host $buildHost" ) $remainingArgs"
# Only request super-user permission if we're switching
if [[ "$1" =~ ^(switch|boot|test)$ ]]; then
sudo nixos-rebuild $operation --flake .#$hostname $remainingArgs
else
nixos-rebuild $operation --flake .#$hostname $remainingArgs
fi
}
# Argument processing logic shamelessly stolen from https://stackoverflow.com/questions/192249/how-do-i-parse-command-line-arguments-in-bash
POSITIONAL_ARGS=()
while [[ $# -gt 0 ]]; do
case "$1" in
--build-host|-b)
buildHost="$2"
shift
shift
;;
--host|--hostname|-H)
hostname="$2"
shift
shift
;;
--flake|-f)
flakeDir="$2"
shift
shift
;;
--no-commit|-n)
commit=false
shift
shift
;;
--operation|-o)
operation="$2"
shift
shift
;;
--help|-h)
usage
shift
;;
*)
POSITIONAL_ARGS+=("$1") # save positional arg
shift # past argument
;;
esac
done
remainingArgs=${POSITIONAL_ARGS[@]}
set -- "${POSITIONAL_ARGS[@]}" # restore positional parameters
cd $flakeDir
git pull
if [ $commit = true ]; then
echo "Update and push lock file"
nix flake update --commit-lock-file
git push
fi
# If this is a remote build, run the build as non-sudo first
if [[ "$buildHost" != "" ]]; then
run_operation "build"
fi
run_operation $operation
exit 0

View file

@ -52,6 +52,12 @@ in
# Enable GPU support. # Enable GPU support.
gpu.amd.enable = true; gpu.amd.enable = true;
nixos-upgrade-script = {
enable = true;
configDir = config.secrets.nixConfigFolder;
user = config.users.users.aires.name;
};
packages = with pkgs; [ packages = with pkgs; [
boinc # Boinc client boinc # Boinc client
keepassxc # Use native instead of Flatpak due to weird performance issues keepassxc # Use native instead of Flatpak due to weird performance issues

View file

@ -82,6 +82,7 @@ in
OnCalendar = cfg.onCalendar; OnCalendar = cfg.onCalendar;
Persistent = cfg.persistent; Persistent = cfg.persistent;
Unit = "nixos-upgrade.service"; Unit = "nixos-upgrade.service";
RandomizedDelaySec = "30m";
}; };
}; };
}) })

View file

@ -1,13 +1,18 @@
# Core Nix configuration # Core Nix configuration
{ {
config, config,
lib,
inputs, inputs,
lib,
pkgs,
... ...
}: }:
let let
cfg = config.aux.system; cfg = config.aux.system;
nixos-upgrade-script = pkgs.writeShellScriptBin "nixos-upgrade-script" (
builtins.readFile ../../bin/nixos-upgrade-script.sh
);
in in
{ {
options = { options = {
@ -18,6 +23,17 @@ in
type = lib.types.str; type = lib.types.str;
default = "monthly"; default = "monthly";
}; };
nixos-upgrade-script = {
enable = lib.mkEnableOption "Installs the nos (nixos-upgrade-script) helper script.";
configDir = lib.mkOption {
type = lib.types.str;
description = "Path to your NixOS configuration files.";
};
user = lib.mkOption {
type = lib.types.str;
description = "The user to run the upgrade script as.";
};
};
}; };
}; };
config = { config = {
@ -37,13 +53,14 @@ in
# Only allow these users to use Nix # Only allow these users to use Nix
allowed-users = with config.users.users; [ allowed-users = with config.users.users; [
root.name root.name
aires.name (lib.mkIf config.aux.system.users.aires.enable aires.name)
]; ];
# Avoid signature verification messages when doing remote builds # Avoid signature verification messages when doing remote builds
trusted-users = trusted-users = with config.users.users; [
with config.users.users; root.name
[ aires.name ] ++ lib.optionals (config.aux.system.users.gremlin.enable) [ gremlin.name ]; (lib.mkIf config.aux.system.users.aires.enable aires.name)
];
}; };
# Optimize the Nix store on each build # Optimize the Nix store on each build
@ -88,5 +105,7 @@ in
# Support for standard, dynamically-linked executables # Support for standard, dynamically-linked executables
programs.nix-ld.enable = true; programs.nix-ld.enable = true;
aux.system.packages = [ (lib.mkIf cfg.nixos-upgrade-script.enable nixos-upgrade-script) ];
}; };
} }

View file

@ -48,7 +48,9 @@ in
] ]
} }
''; '';
extraGSettingsOverridePackages = lib.mkIf (cfg.experimental.fractionalScaling.enable || cfg.experimental.vrr.enable) [ pkgs.gnome.mutter ]; extraGSettingsOverridePackages = lib.mkIf (
cfg.experimental.fractionalScaling.enable || cfg.experimental.vrr.enable
) [ pkgs.gnome.mutter ];
}; };
displayManager.gdm.enable = true; displayManager.gdm.enable = true;
}; };