Merge pull request #256 from DarkKirb/use-stock-updater

Use stock updater

config/instance-20221213-1915.nix

@@ -151,4 +151,5 @@
   };
 
   services.restic.backups.sysbackup.paths = ["/persist"];
+  system.autoUpgrade.allowReboot = true;
 }

config/nas.nix

@@ -200,4 +200,5 @@
       device = "/dev/sdc3";
     }
   ];
+  system.autoUpgrade.allowReboot = true;
 }

config/nix.nix

@@ -133,69 +133,14 @@
     distributedBuilds = true;
   };
   systemd.services.nix-daemon.environment.TMPDIR = "/build";
-  systemd.services.nixos-upgrade = {
+  system.autoUpgrade = {
-    description = "NixOS Upgrade";
+    enable = true;
-
+    flake = "git+https://git.chir.rs/darkkirb/nixos-config?ref=main";
-    restartIfChanged = false;
+    flags = [
-    unitConfig.X-StopOnRemoval = false;
+      "--no-write-lock-file"
-
+      "-L" # print build logs
-    serviceConfig.Type = "oneshot";
+      ];
-
+    dates = "hourly";
-    path = with pkgs; [
+    randomizedDelaySec = "1h";
-      coreutils
-      gnutar
-      xz.bin
-      gzip
-      gitMinimal
-      config.nix.package.out
-      config.programs.ssh.package
-      jq
-      curl
-    ];
-
-    script = lib.mkDefault ''
-      #!${pkgs.bash}/bin/bash
-
-      set -ex
-
-      builds=$(${pkgs.curl}/bin/curl -H 'accept: application/json' https://hydra.int.chir.rs/jobset/flakes/nixos-config/evals | ${pkgs.jq}/bin/jq -r '.evals[0].builds[]')
-
-      for build in $builds; do
-          doc=$(${pkgs.curl}/bin/curl -H 'accept: application/json' https://hydra.int.chir.rs/build/$build)
-          jobname=$(echo $doc | ${pkgs.jq}/bin/jq -r '.job')
-          if [ "$jobname" = "${config.networking.hostName}.${system}" ]; then
-              drvname=$(echo $doc | ${pkgs.jq}/bin/jq -r '.drvpath')
-              output=$(${pkgs.nix}/bin/nix-store -r $drvname)
-              $output/bin/switch-to-configuration boot
-              booted="$(${pkgs.coreutils}/bin/readlink /run/booted-system/{initrd,kernel,kernel-modules})"
-              built="$(${pkgs.coreutils}/bin/readlink /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules})"
-              if [ "$booted" = "$built" ]; then
-                  $output/bin/switch-to-configuration switch
-              else
-                  ${pkgs.systemd}/bin/shutdown -r +1
-              fi
-              exit
-          fi
-      done
-
-    '';
-    after = ["network-online.target"];
-    wants = ["network-online.target"];
-  };
-  systemd.timers.nixos-upgrade = {
-    timerConfig = {
-      OnBootSec = 300;
-      RandomizedDelaySec = 3600;
-      OnUnitActiveSec = 3600;
-    };
-    requires = ["nixos-upgrade.service"];
-    wantedBy = ["multi-user.target"];
-  };
-  systemd.sockets.nixos-upgrade = {
-    socketConfig = {
-      Service = "nixos-upgrade.service";
-      BindIPv6Only = true;
-      ListenDatagram = "[::]:15553";
-    };
   };
 }

config/nixos-8gb-fsn1-1.nix

@@ -208,23 +208,4 @@
   services.resolved.enable = false;
   services.bind.forwarders = lib.mkForce [];
   services.tailscale.useRoutingFeatures = "server";
-  systemd.services.nixos-upgrade.script = lib.mkForce ''
-    #!${pkgs.bash}/bin/bash
-
-    set -ex
-
-    builds=$(${pkgs.curl}/bin/curl -H 'accept: application/json' https://hydra.int.chir.rs/jobset/flakes/nixos-config/evals | ${pkgs.jq}/bin/jq -r '.evals[0].builds[]')
-
-    for build in $builds; do
-        doc=$(${pkgs.curl}/bin/curl -H 'accept: application/json' https://hydra.int.chir.rs/build/$build)
-        jobname=$(echo $doc | ${pkgs.jq}/bin/jq -r '.job')
-        if [ "$jobname" = "${config.networking.hostName}.${system}" ]; then
-            drvname=$(echo $doc | ${pkgs.jq}/bin/jq -r '.drvpath')
-            output=$(${pkgs.nix}/bin/nix-store -r $drvname)
-            $output/bin/switch-to-configuration switch
-            exit
-        fi
-    done
-
-  '';
 }

config/nutty-noon.nix

@@ -155,4 +155,5 @@
   '';
   services.tailscale.useRoutingFeatures = "client";
   home-manager.users.darkkirb._module.args.withNSFW = lib.mkForce true;
+  system.autoUpgrade.allowReboot = true;
 }

config/services/hydra.nix

@@ -173,32 +173,4 @@ in {
       OnUnitActiveSec = 604800;
     };
   };
-  systemd.services."upload-hydra-results" = {
-    description = "Upload hydra build results";
-    serviceConfig = {
-      Type = "oneshot";
-      User = "hydra-queue-runner";
-      Group = "hydra";
-    };
-    script = ''
-      set -ex
-      if [ -e /var/lib/hydra/queue-runner/uploading ]; then
-        cat /var/lib/hydra/queue-runner/uploading | xargs ${pkgs.nix}/bin/nix copy --to 's3://cache-chir-rs?scheme=https&endpoint=ams1.vultrobjects.com&secret-key=${config.sops.secrets."services/hydra/cache-key".path}&multipart-upload=true&compression=zstd&compression-level=15' -vv
-        rm /var/lib/hydra/queue-runner/uploading
-      fi
-      mv /var/lib/hydra/queue-runner/upload-queue /var/lib/hydra/queue-runner/uploading
-      cat /var/lib/hydra/queue-runner/uploading | xargs ${pkgs.nix}/bin/nix copy --to 's3://cache-chir-rs?scheme=https&endpoint=ams1.vultrobjects.com&secret-key=${config.sops.secrets."services/hydra/cache-key".path}&multipart-upload=true&compression=zstd&compression-level=15' -vv
-      rm /var/lib/hydra/queue-runner/uploading
-    '';
-  };
-  systemd.timers.upload-hydra-results = {
-    enable = true;
-    description = "Upload hydra build results";
-    requires = ["upload-hydra-results.service"];
-    wantedBy = ["multi-user.target"];
-    timerConfig = {
-      OnBootSec = 300;
-      OnUnitActiveSec = 300;
-    };
-  };
 }

config/thinkrac.nix

@@ -179,4 +179,5 @@
   hardware.bluetooth.enable = true;
   services.blueman.enable = true;
   services.tailscale.useRoutingFeatures = "client";
+  system.autoUpgrade.allowReboot = true;
 }

config/vf2.nix

@@ -121,4 +121,5 @@
   ];
   boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
   system.requiredKernelConfig = lib.mkForce [];
+  system.autoUpgrade.allowReboot = true;
 }