From e62f6e9dce6f034b1719fcba19e1f6d67deac324 Mon Sep 17 00:00:00 2001
From: Julian Mutter <julian.mutter@comumail.de>
Date: Sat, 26 Jul 2025 08:12:43 +0200
Subject: [PATCH] Fix frajul-auto-upgrade git permission issue

---
 modules/nixos/frajul-auto-upgrade.nix | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/modules/nixos/frajul-auto-upgrade.nix b/modules/nixos/frajul-auto-upgrade.nix
index feda4ef..89456f2 100644
--- a/modules/nixos/frajul-auto-upgrade.nix
+++ b/modules/nixos/frajul-auto-upgrade.nix
@@ -64,10 +64,7 @@ in {
           exit 1
         fi
 
-        echo $$ > "$LOCK_FILE"
-        trap 'rm -f "$LOCK_FILE"' EXIT
-
-        if nix flake update --flake "${cfg.flakePath}" && nixos-rebuild switch --flake "${cfg.flakePath}"; then
+        if /run/current-system/sw/bin/nix flake update --flake "${cfg.flakePath}" && /run/current-system/sw/bin/nixos-rebuild switch --flake "${cfg.flakePath}"; then
             echo "success" > "$LAST_STATUS_FILE"
         else
             echo "failure" > "$LAST_STATUS_FILE"
@@ -131,10 +128,28 @@ in {
       '')
     ];
 
+    # Fixes error: repository path '...' is not owned by current user
+    environment.etc."root/.gitconfig".text = ''
+      [safe]
+        directory = ${cfg.flakePath}
+    '';
+
     systemd.services.frajul-auto-upgrade = {
       description = "Frajul's NixOS Auto Upgrade";
       after = ["network-online.target"];
+      wants = ["network-online.target"];
       restartIfChanged = false; # Do not start service on nixos switch
+
+      path = with pkgs; [
+        coreutils
+        gnutar
+        xz.bin
+        gzip
+        gitMinimal
+        config.nix.package.out
+        config.programs.ssh.package
+      ];
+
       serviceConfig = {
         Type = "oneshot";
         User = cfg.user;