Revert "don’t eval nixos-config for updates"

This reverts commit 04dc6eedb6.
2024-05-06 09:44:19 +01:00 · 2024-05-06 09:44:19 +01:00 · 8e04fe6bd5
commit 8e04fe6bd5
parent 57051e9dee
7 changed files with 13 additions and 65 deletions
--- a/config/instance-20221213-1915.nix
+++ b/config/instance-20221213-1915.nix
@ -143,4 +143,5 @@
  };

  services.restic.backups.sysbackup.paths = ["/persist"];
+  system.autoUpgrade.allowReboot = true;
 }
--- a/config/nas.nix
+++ b/config/nas.nix
@ -198,4 +198,5 @@
    nvidiaSettings = true;
    package = config.boot.kernelPackages.nvidiaPackages.stable;
  };
+  system.autoUpgrade.allowReboot = true;
 }
--- a/config/nix.nix
+++ b/config/nix.nix
@ -140,56 +140,14 @@
    distributedBuilds = true;
  };
  systemd.services.nix-daemon.environment.TMPDIR = "/build";
-  systemd.services.nixos-upgrade = {
-    description = "NixOS Upgrade";
-
-    restartIfChanged = false;
-    unitConfig.X-StopOnRemoval = false;
-
-    serviceConfig.Type = "oneshot";
-
-    path = with pkgs; [
-      coreutils
-      gnutar
-      xz.bin
-      gzip
-      gitMinimal
-      config.nix.package.out
-      config.programs.ssh.package
-      jq
-      curl
+  system.autoUpgrade = {
+    enable = true;
+    flake = "github:DarkKirb/nixos-config";
+    flags = [
+      "--no-write-lock-file"
+      "-L" # print build logs
    ];
-
-    script = lib.mkDefault ''
-      #!${pkgs.bash}/bin/bash
-      set -ex
-      builds=$(${pkgs.curl}/bin/curl -H 'accept: application/json' https://hydra.int.chir.rs/jobset/flakes/nixos-config/evals | ${pkgs.jq}/bin/jq -r '.evals[0].builds[]')
-      for build in $builds; do
-          doc=$(${pkgs.curl}/bin/curl -H 'accept: application/json' https://hydra.int.chir.rs/build/$build)
-          jobname=$(echo $doc | ${pkgs.jq}/bin/jq -r '.job')
-          if [ "$jobname" = "${config.networking.hostName}.${system}" ]; then
-              drvname=$(echo $doc | ${pkgs.jq}/bin/jq -r '.drvpath')
-              output=$(${pkgs.nix}/bin/nix-store -r $drvname)
-              $output/bin/switch-to-configuration boot
-              booted="$(${pkgs.coreutils}/bin/readlink /run/booted-system/{initrd,kernel,kernel-modules})"
-              built="$(${pkgs.coreutils}/bin/readlink /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules})"
-              if [ "$booted" = "$built" ]; then
-                  $output/bin/switch-to-configuration switch
-              else
-                  ${pkgs.systemd}/bin/shutdown -r +1
-              fi
-              exit
-          fi
-      done
-    '';
-    after = ["network-online.target"];
-    wants = ["network-online.target"];
-  };
-  systemd.sockets.nixos-upgrade = {
-    socketConfig = {
-      Service = "nixos-upgrade.service";
-      BindIPv6Only = true;
-      ListenDatagram = "[::]:15553";
-    };
+    dates = "hourly";
+    randomizedDelaySec = "1h";
  };
 }
--- a/config/nixos-8gb-fsn1-1.nix
+++ b/config/nixos-8gb-fsn1-1.nix
@ -207,19 +207,4 @@
  services.resolved.enable = false;
  services.bind.forwarders = lib.mkForce [];
  services.tailscale.useRoutingFeatures = "server";
-  systemd.services.nixos-upgrade.script = lib.mkForce ''
-    #!${pkgs.bash}/bin/bash
-    set -ex
-    builds=$(${pkgs.curl}/bin/curl -H 'accept: application/json' https://hydra.int.chir.rs/jobset/flakes/nixos-config/evals | ${pkgs.jq}/bin/jq -r '.evals[0].builds[]')
-    for build in $builds; do
-        doc=$(${pkgs.curl}/bin/curl -H 'accept: application/json' https://hydra.int.chir.rs/build/$build)
-        jobname=$(echo $doc | ${pkgs.jq}/bin/jq -r '.job')
-        if [ "$jobname" = "${config.networking.hostName}.${system}" ]; then
-            drvname=$(echo $doc | ${pkgs.jq}/bin/jq -r '.drvpath')
-            output=$(${pkgs.nix}/bin/nix-store -r $drvname)
-            $output/bin/switch-to-configuration switch
-            exit
-        fi
-    done
-  '';
 }
--- a/config/rainbow-resort.nix
+++ b/config/rainbow-resort.nix
@ -100,5 +100,6 @@

  services.tailscale.useRoutingFeatures = "client";
  home-manager.users.darkkirb._module.args.withNSFW = lib.mkForce true;
+  system.autoUpgrade.allowReboot = true;
  services.prometheus.exporters.node.enabledCollectors = ["drm"];
 }
--- a/config/thinkrac.nix
+++ b/config/thinkrac.nix
@ -120,5 +120,6 @@
  hardware.bluetooth.enable = true;
  services.blueman.enable = true;
  services.tailscale.useRoutingFeatures = "client";
+  system.autoUpgrade.allowReboot = true;
  services.prometheus.exporters.node.enabledCollectors = ["wifi"];
 }
--- a/config/vf2.nix
+++ b/config/vf2.nix
@ -120,4 +120,5 @@
  ];
  boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
  system.requiredKernelConfig = lib.mkForce [];
+  system.autoUpgrade.allowReboot = true;
 }