julian/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

auto-upgrade: commit flake.lock if upgrading worked

Browse Source
This commit is contained in:
Julian Mutter
2025-12-06 09:22:21 +01:00
parent 8b6ba76848
commit b9cdb9299e
1 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
modules/nixos/frajul-auto-upgrade.nix
View File

@@ -27,6 +27,10 @@ in {
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
security.sudo.extraConfig = ''
root ALL=(julian) NOPASSWD: ${pkgs.git}/bin/git -C "${cfg.flakePath}" commit -m *
'';
# Ensure the flag directory exists # Ensure the flag directory exists
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d /var/lib/frajul-auto-upgrade 0755 root root -" "d /var/lib/frajul-auto-upgrade 0755 root root -"
@@ -67,11 +71,16 @@ in {
echo $$ > "$LOCK_FILE" echo $$ > "$LOCK_FILE"
trap 'rm -f "$LOCK_FILE"' EXIT trap 'rm -f "$LOCK_FILE"' EXIT
if /run/current-system/sw/bin/nix flake update --flake "${cfg.flakePath}" && /run/current-system/sw/bin/nixos-rebuild switch --flake "${cfg.flakePath}"; then # Back up flake.lock
cp -f "${cfg.flakePath}/flake.lock" /var/lib/frajul-auto-upgrade/flake.lock.bak
# Try updating
if /run/current-system/sw/bin/nix flake update --flake "${cfg.flakePath}" && /run/current-system/sw/bin/nixos-rebuild switch --flake "${cfg.flakePath}" && ${pkgs.sudo}/bin/sudo -u julian git -C "${cfg.flakePath}" commit -m "Auto-update flake.lock" -- flake.lock; then
echo "success" > "$LAST_STATUS_FILE" echo "success" > "$LAST_STATUS_FILE"
else else
echo "failure" > "$LAST_STATUS_FILE" echo "failure" > "$LAST_STATUS_FILE"
git -C "${cfg.flakePath}" restore flake.lock # Restore flake.lock
cp -f /var/lib/frajul-auto-upgrade/flake.lock.bak "${cfg.flakePath}/flake.lock"
fi fi
# Write full timestamp # Write full timestamp