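# NixOS module: unattended flake-based system upgrades driven by systemd
# *user* units. A daily timer starts `nixos-upgrade`, which runs the flake
# input update and then the rebuild, in that order.
{ config, pkgs, lib, ... }:
let
  autoCfg = config.autoCfg;
in
{
  options.autoCfg = {
    # Account that receives the passwordless sudo rule defined below.
    userName = lib.mkOption {
      type = lib.types.str;
      description = "username for enabling sudo-less system updates";
    };
  };

  config = {
    # Make sure the user can use sudo for nixos-rebuild without password.
    #
    # SECURITY: no argument list is given, so the rule covers every
    # nixos-rebuild invocation. A user who may run nixos-rebuild as root
    # with a flake they control can activate any system configuration,
    # which makes this account root-equivalent. Treat the account (and
    # everything able to write to its flake checkout) accordingly.
    #
    # NOTE(review): the units below call nixos-rebuild without sudo, so
    # this rule is not exercised by them as written. Confirm how `switch`
    # is expected to obtain root when run from a user service.
    security.sudo.extraRules = [
      {
        users = [ autoCfg.userName ];
        commands = [
          {
            command = "${pkgs.nixos-rebuild}/bin/nixos-rebuild";
            options = [ "NOPASSWD" ];
          }
        ];
      }
    ];

    # Disable the builtin auto-upgrade because this module hand-rolls its own.
    system.autoUpgrade.enable = false;

    # Define user services and timers.

    # Step 1: refresh the pinned nixpkgs inputs in the flake lock file.
    # SECURITY: this moves the lock file to whatever the upstream inputs
    # currently point at, with no review before the rebuild consumes it.
    systemd.user.services.nixos-flake-update = {
      description = "Update NixOS Flake Inputs";
      serviceConfig = {
        Type = "oneshot";
        ExecStart = pkgs.writeShellScript "nixos-flake-update.sh" ''
          set -e
          cd ~/nixos

          echo "Updating flake inputs..."
          ${pkgs.nix}/bin/nix flake lock \
            --update-input nixpkgs \
            --update-input nixpkgs-unstable

          echo "Flake inputs updated successfully"
        '';
      };
      environment = {
        NIX_CONFIG = "experimental-features = nix-command flakes";
      };
    };

    # Step 2: build and activate the configuration from the user's checkout.
    # SECURITY: the flake lives in the user's home directory, so the system
    # configuration that gets activated is whatever that directory holds at
    # run time.
    systemd.user.services.nixos-rebuild = {
      description = "Rebuild NixOS";
      serviceConfig = {
        Type = "oneshot";
        ExecStart = pkgs.writeShellScript "nixos-rebuild.sh" ''
          set -e

          echo "Rebuilding NixOS..."
          ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch \
            -L \
            --flake ~/nixos#nate-work

          echo "NixOS rebuild completed successfully"
        '';
      };
    };

    # Combined service that runs both update and rebuild in sequence.
    systemd.user.services.nixos-upgrade = {
      description = "Update and Rebuild NixOS";
      serviceConfig = {
        Type = "oneshot";
        # Use a shell script to run both operations in sequence.
        ExecStart = pkgs.writeShellScript "nixos-complete-upgrade.sh" ''
          set -e

          echo "Starting complete NixOS upgrade process..."

          # First update the flake inputs. The result of `start` is tested
          # directly: under `set -e` a separate `$?` check would never see
          # a failure, and it would read the exit code of `status` rather
          # than of `start`.
          if systemctl --user start nixos-flake-update.service; then
            # `status` exits non-zero for a oneshot unit that has already
            # finished (inactive), so it must not abort the script.
            systemctl --user status nixos-flake-update.service --no-pager || true

            # Then rebuild, since the update was successful. A failed
            # rebuild still fails this unit through `set -e`.
            systemctl --user start nixos-rebuild.service
            systemctl --user status nixos-rebuild.service --no-pager || true
          else
            systemctl --user status nixos-flake-update.service --no-pager || true
            echo "Flake update failed, skipping rebuild"
            exit 1
          fi

          echo "Complete NixOS upgrade process finished"
        '';
      };
      environment = {
        NIX_CONFIG = "experimental-features = nix-command flakes";
      };
    };

    # Timer to run the upgrade service.
    systemd.user.timers.nixos-upgrade = {
      description = "Timer for NixOS Upgrade";
      wantedBy = [ "timers.target" ];
      timerConfig = {
        OnCalendar = "12:00";
        RandomizedDelaySec = "45min";
        Persistent = true; # Run immediately if last run was missed
      };
    };
  };
}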