sam
/
nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

modify nixos update script to add remote build

This commit is contained in:
Sam 2025-01-24 00:14:51 +00:00
parent f1e58a9285
commit d131fe3cc2
4 changed files with 96 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

144
bin/auto-update-nixos
View File

@ -9,103 +9,113 @@ update=false # Whether to update flake.lock (
user=$(/run/current-system/sw/bin/whoami) # Which user account to use for git commands (defaults to whoever called the script)
reboot=false
remote=false
remainingArgs="" # All remaining arguments that haven't yet been processed (will be passed to nixos-rebuild)
remainingArgs="" # All remaining arguments that haven't yet been processed (will be passed to nixos-rebuild)
function usage() {
echo "nixos-rebuild Operations Script (NOS) updates your system and your flake.lock file by pulling the latest versions."
echo ""
echo "Running the script with no parameters performs the following operations:"
echo " 1. Pull the latest version of the config"
echo " 2. Update your flake.lock file"
echo " 3. Commit any changes back to the repository"
echo " 4. Run 'nixos-rebuild switch'."
echo ""
echo "Advanced usage: nixos-upgrade-script.sh [-o|--operation operation] [-f|--flake path-to-flake] [extra nixos-rebuild parameters]"
echo "Options:"
echo " -h, --help Show this help screen."
echo " -o, --operation The nixos-rebuild operation to perform."
echo " -f, --flake <path> The path to your flake.nix file (and optionally, the hostname to build)."
echo " -U, --update Update and commit flake.lock."
echo " -R, --build-host <user@host> Build on remote host."
echo " -r, --reboot Reboots system is there is a kernel or init update"
echo " -u, --user Which user account to run git commands under."
echo ""
exit 2
echo "nixos-rebuild Operations Script (NOS) updates your system and your flake.lock file by pulling the latest versions."
echo ""
echo "Running the script with no parameters performs the following operations:"
echo " 1. Pull the latest version of the config"
echo " 2. Update your flake.lock file"
echo " 3. Commit any changes back to the repository"
echo " 4. Run 'nixos-rebuild switch'."
echo ""
echo "Advanced usage: nixos-upgrade-script.sh [-o|--operation operation] [-f|--flake path-to-flake] [extra nixos-rebuild parameters]"
echo "Options:"
echo " -h, --help Show this help screen."
echo " -o, --operation The nixos-rebuild operation to perform."
echo " -f, --flake <path> The path to your flake.nix file (and optionally, the hostname to build)."
echo " -U, --update Update and commit flake.lock."
echo " -R, --build-host <user@host> Attempt build on remote host."
echo " -r, --reboot Reboots system is there is a kernel or init update"
echo " -u, --user Which user account to run git commands under."
echo ""
exit 2
}
# Argument processing logic shamelessly stolen from https://stackoverflow.com/questions/192249/how-do-i-parse-command-line-arguments-in-bash
POSITIONAL_ARGS=()
while [[ $# -gt 0 ]]; do
case "$1" in
--flake|-f)
flakeDir="$2"
shift
shift
;;
--update|--upgrade|-U)
update=true
shift
;;
--reboot|-r)
reboot=true
shift
;;
--build-host|-R)
remote=true
host="$2"
shift
shift
;;
--operation|-o)
operation="$2"
shift
shift
;;
--user|-u)
user="$2"
shift
shift
;;
--help|-h)
usage
exit 0
;;
*)
POSITIONAL_ARGS+=("$1") # save positional arg
shift
;;
esac
--flake | -f)
flakeDir="$2"
shift
shift
;;
--operation | -o)
operation="$2"
shift
shift
;;
--user | -u)
user="$2"
shift
shift
;;
--build-host | -R)
remote=true
host="$2"
shift
shift
;;
--update | --upgrade | -U)
update=true
shift
;;
--reboot | -r)
reboot=true
shift
;;
--help | -h)
usage
exit 0
;;
*)
POSITIONAL_ARGS+=("$1") # save positional arg
shift
;;
esac
done
remainingArgs=${POSITIONAL_ARGS[@]}
set -- "${POSITIONAL_ARGS[@]}" # restore positional parameters
if [ -z "${flakeDir}" ]; then
echo "Flake directory not specified. Use '--flake <path>' or set \$FLAKE_DIR."
exit 1
echo "Flake directory not specified. Use '--flake <path>' or set \$FLAKE_DIR."
exit 1
fi
cd $flakeDir
current_branch=$(git branch --show-current)
[ "$current_branch" != "master" ] && echo "Not on master branch. Aborting auto-update" && exit 0
# [ "$current_branch" != "master" ] && echo "Not on master branch. Aborting auto-update" && exit 0
echo "Pulling the latest version of the repository..."
/run/wrappers/bin/sudo -u $user git stash
/run/wrappers/bin/sudo -u $user git pull
# /run/wrappers/bin/sudo -u $user git stash
# /run/wrappers/bin/sudo -u $user git pull
/run/wrappers/bin/sudo -u $user nix flake update --commit-lock-file && /run/wrappers/bin/sudo -u $user git push
if [ $update = true ]; then
echo "Updating flake.lock..."
# /run/wrappers/bin/sudo -u $user nix flake update --commit-lock-file && /run/wrappers/bin/sudo -u $user git push
else
echo "Skipping 'nix flake update'..."
fi
options="--flake $flakeDir $remainingArgs --use-remote-sudo"
echo "Running this operation: nixos-rebuild $operation $options"
/run/wrappers/bin/sudo -u root /run/current-system/sw/bin/nixos-rebuild $operation $options
if [ $remote = true ]; then
echo "Attempting remote build..."
/run/wrappers/bin/sudo -u root /run/current-system/sw/bin/nixos-rebuild $operation $options --build-host "$host"
else
/run/wrappers/bin/sudo -u root /run/current-system/sw/bin/nixos-rebuild $operation $options
fi
echo "Checking if reboot is necessary"
reboot_diff=$(diff <(readlink /run/booted-system/{initrd,kernel,kernel-modules}) <(readlink /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules}))
if [ -n "$reboot_diff" ] && [ $reboot == true ]; then
echo "System requires a reboot. Rebooting now..."
reboot
# reboot
else
echo "No reboot necessary."
echo "Update complete."

23
hosts/citadel/default.nix
View File

@ -15,6 +15,7 @@
user = "sam";
impermanence = true;
piholeIp = configVars.networking.addresses.pihole.ip;
merlinIp = configVars.networking.addresses.merlin.ip;
gatewayIp = configVars.networking.addresses.gateway.ip;
in {
imports = [
@ -93,6 +94,7 @@ in {
enable = true;
persistent = true;
reboot = false;
remote = "remotebuild@${merlinIp}";
pushUpdates = false;
configDir = "/etc/nixos";
onCalendar = "*-*-* 08:00:00";
@ -105,15 +107,8 @@ in {
xkb.options = "caps:swapescape";
dpi = 196;
upscaleDefaultCursor = true;
# FIXME this doesnt work for some reason
# displayManager.sessionCommands = pkgs.writeShellScriptBin "key-remaps" ''
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 64 = Mode_switch"
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 43 = h H Left H"
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 44 = j J Down J"
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 45 = k K Up K"
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 46 = l L Right L"
# '';
};
# enable oom killer when system ram drops below 5% free
earlyoom = {
enable = true;
@ -166,18 +161,6 @@ in {
powerManagement.finegrained = true;
open = false;
nvidiaSettings = true;
# # FIXME issue with stable nvidia driver and latest linux kernel
# # use mkDriver to specify newer nvidia driver that is compatible
# # see: https://github.com/NixOS/nixpkgs/issues/341844#issuecomment-2351075413
# # and https://discourse.nixos.org/t/builder-for-nvidia-x11-550-78-6-10-drv-failed-with-exit-code-2/49360/32
# package = config.boot.kernelPackages.nvidiaPackages.mkDriver {
# version = "555.58.02";
# sha256_64bit = "sha256-xctt4TPRlOJ6r5S54h5W6PT6/3Zy2R4ASNFPu8TSHKM=";
# sha256_aarch64 = "sha256-wb20isMrRg8PeQBU96lWJzBMkjfySAUaqt4EgZnhyF8=";
# openSha256 = "sha256-8hyRiGB+m2hL3c9MDA/Pon+Xl6E788MZ50WrrAGUVuY=";
# settingsSha256 = "sha256-ZpuVZybW6CFN/gz9rx+UJvQ715FZnAOYfHn5jt5Z2C8=";
# persistencedSha256 = "sha256-a1D7ZZmcKFWfPjjH1REqPM5j/YLWKnbkP9qfRyIyxAw=";
# };
};
# https://bbs.archlinux.org/viewtopic.php?id=297276 for NVreg_EnableGpuFirmware fix
# https://discourse.nixos.org/t/how-to-use-nvidia-prime-offload-to-run-the-x-server-on-the-integrated-board/9091/15

20
hosts/semita/default.nix
View File

@ -18,6 +18,7 @@
impermanence = true;
piholeIp = configVars.networking.addresses.pihole.ip;
gatewayIp = configVars.networking.addresses.gateway.ip;
merlinIp = configVars.networking.addresses.merlin.ip;
semitaIp = configVars.networking.addresses.semita.ip;
in {
imports = [
@ -83,15 +84,16 @@ in {
};
};
# system.services.nixosAutoUpgrade = {
# enable = true;
# persistent = true;
# reboot = false;
# pushUpdates = false;
# configDir = "/etc/nixos";
# onCalendar = "*-*-* 06:00:00";
# user = "sam";
# };
system.services.nixosAutoUpgrade = {
enable = true;
persistent = true;
remote = "remotebuild@${merlinIp}";
reboot = false;
pushUpdates = false;
configDir = "/etc/nixos";
onCalendar = "*-*-* 06:00:00";
user = "sam";
};
environment.variables = {
GDK_SCALE = "1";

5
modules/nixos/nixosAutoUpgrade.nix
View File

@ -25,6 +25,10 @@ in
description = "Automatically reboots the system if there is a kernel or systemd update.";
default = false;
};
remote = lib.mkOption {
type = lib.types.str;
description = "Attempts build on remote host <user@host>.";
};
onCalendar = lib.mkOption {
default = "daily";
type = lib.types.str;
@ -76,6 +80,7 @@ in
(if cfg.user != "" then "--user ${cfg.user} " else "")
(if cfg.pushUpdates then "--update " else "")
(if cfg.reboot then "--reboot " else "")
(if cfg.remote != "" then "--build-host ${cfg.remote} " else "")
cfg.extraFlags
];
};