sam
/
nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nixos/modules/nixos/nixosAutoUpgrade.nix

101 lines
3.5 KiB
Nix
Raw Blame History

# Run automatic updates. Replaces system.nixosAutoUpgrade.
{ config, lib, pkgs, ... }:
let
cfg = config.system.services.nixosAutoUpgrade;
auto-update-nixos = pkgs.writeShellScriptBin "auto-update-nixos" (
builtins.readFile ../../bin/auto-update-nixos
);
in
{
options = {
system.services.nixosAutoUpgrade = {
enable = lib.mkEnableOption "Enables automatic system updates.";
configDir = lib.mkOption {
type = lib.types.str;
description = "Path where your NixOS configuration files are stored.";
};
extraFlags = lib.mkOption {
type = lib.types.str;
description = "Extra flags to pass to nixos-rebuild.";
default = "";
};
reboot = lib.mkOption {
type = lib.types.bool;
description = "Automatically reboots the system if there is a kernel or systemd update.";
default = false;
};
remote = lib.mkOption {
type = lib.types.str;
description = "Attempts build on remote host <user@host>.";
};
onCalendar = lib.mkOption {
default = "daily";
type = lib.types.str;
description = "How frequently to run updates. See systemd.timer(5) and systemd.time(7) for configuration details.";
};
operation = lib.mkOption {
type = lib.types.enum [
"boot"
"switch"
"test"
];
default = "switch";
description = "Which `nixos-rebuild` operation to perform. Defaults to `switch`.";
};
persistent = lib.mkOption {
default = true;
type = lib.types.bool;
description = "If true, the time when the service unit was last triggered is stored on disk. When the timer is activated, the service unit is triggered immediately if it would have been triggered at least once during the time when the timer was inactive. This is useful to catch up on missed runs of the service when the system was powered down.";
};
pushUpdates = lib.mkEnableOption "Updates the flake.lock file and pushes it back to the repo.";
user = lib.mkOption {
type = lib.types.str;
description = "The user who owns the configDir.";
};
};
};
config = lib.mkIf cfg.enable {
# Assert that system.nixosAutoUpgrade is not also enabled
assertions = [
{
assertion = !config.system.autoUpgrade.enable;
message = "The system.nixosAutoUpgrade option conflicts with this module.";
}
];
# Pull and apply updates.
systemd = {
services."nixos-upgrade" = {
serviceConfig = {
Type = "oneshot";
User = "root";
};
path = ["/run/current-system/sw"];
unitConfig.RequiresMountsFor = cfg.configDir;
script = lib.strings.concatStrings [
"${auto-update-nixos}/bin/auto-update-nixos --operation ${cfg.operation} "
(if cfg.configDir != "" then "--flake ${cfg.configDir} " else "")
(if cfg.user != "" then "--user ${cfg.user} " else "")
(if cfg.pushUpdates then "--update " else "")
(if cfg.reboot then "--reboot " else "")
(if cfg.remote != "" then "--build-host ${cfg.remote} " else "")
cfg.extraFlags
];
};
timers."nixos-upgrade" = {
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = cfg.onCalendar;
Persistent = cfg.persistent;
Unit = "nixos-upgrade.service";
RandomizedDelaySec = "30m";
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink