74 lines
1.7 KiB
Nix
74 lines
1.7 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
let
|
|
gitUpdateScript = pkgs.writeShellScript "nix-git-auto-update" ''
|
|
set -euo pipefail
|
|
|
|
LOCAL_PATH="/var/lib/nixos-config"
|
|
REPO_URL="https://git.skarockoi.de/ska/nixos-production.git"
|
|
|
|
if [ ! -d "$LOCAL_PATH/.git" ]; then
|
|
mkdir -p "$LOCAL_PATH"
|
|
chmod 700 "$LOCAL_PATH"
|
|
${pkgs.git}/bin/git clone "$REPO_URL" "$LOCAL_PATH"
|
|
exit 0
|
|
fi
|
|
|
|
cd "$LOCAL_PATH"
|
|
|
|
${pkgs.git}/bin/git fetch origin
|
|
|
|
LOCAL_HEAD=$(${pkgs.git}/bin/git rev-parse HEAD)
|
|
REMOTE_HEAD=$(${pkgs.git}/bin/git rev-parse origin/main)
|
|
|
|
if [ "$LOCAL_HEAD" != "$REMOTE_HEAD" ]; then
|
|
${pkgs.git}/bin/git reset --hard origin/main
|
|
${pkgs.nixos-rebuild}/bin/nixos-rebuild boot \
|
|
-I nixos-config="$LOCAL_PATH/configuration.nix"
|
|
fi
|
|
'';
|
|
in
|
|
{
|
|
##############################
|
|
# Git Auto Update Script
|
|
##############################
|
|
|
|
environment.etc."nix-git-auto-update.sh" = {
|
|
mode = "0700";
|
|
source = gitUpdateScript;
|
|
};
|
|
|
|
##############################
|
|
# systemd service
|
|
##############################
|
|
|
|
systemd.services.nix-git-auto-update = {
|
|
description = "Automatically update NixOS from Git";
|
|
|
|
wants = [ "network-online.target" ];
|
|
after = [ "network-online.target" ];
|
|
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = "/etc/nix-git-auto-update.sh";
|
|
TimeoutStartSec = "10min";
|
|
Restart = "on-failure";
|
|
};
|
|
};
|
|
|
|
##############################
|
|
# systemd timer
|
|
##############################
|
|
|
|
systemd.timers.nix-git-auto-update = {
|
|
description = "Periodic NixOS Git update check";
|
|
|
|
wantedBy = [ "timers.target" ];
|
|
|
|
timerConfig = {
|
|
OnBootSec = "2min";
|
|
OnUnitActiveSec = "5min";
|
|
Persistent = true;
|
|
};
|
|
};
|
|
} |