nixos-config/common/services/autoupgrade.nix

{pkgs, ...}: {
  # Sets a timer that will pull a new version
  # of the flake and rebuild each week.
  systemd.timers."nix-auto-upgrade" = {
    enable = true;
    wantedBy = ["timers.target"];
    timerConfig = {
      FixedRandomDelay = false;
      RandomizedDelaySec = 0;
      OnCalendar = "weekly";
      Persistent = true;
      Unit = "nix-auto-upgrade";
    };
  };

  systemd.services."nix-auto-upgrade" = {
    enable = true;

    description = "Unattended Upgrade";

    restartIfChanged = false;
    unitConfig.X-StopOnRemoval = false;

    after = ["network-online.target"];
    wants = ["network-online.target"];

    serviceConfig = {
      Type = "oneshot";
      User = "root";
      WorkingDirectory = /etc/nixos/nixos-config;
    };

    path = with pkgs; [
      coreutils
      gnutar
      xz.bin
      gzip
      gitMinimal
      curl
    ];

    script = ''
      set -eu

      ${pkgs.nixos-rebuild}/bin/nixos-rebuild boot -L --flake git+https://git.vulpecula.zone/tasiaiso/nixos-config

      ${pkgs.curl}/bin/curl \
        -H "Title: NixOS upgrade done" \
        -H "Priority: low" \
        -H "Tags: low" \
        -d "$(cat /etc/hostname): upgrade script done" \
        ntfy.sh/tasiaiso_upgrades &> /dev/null # Please don't make me learn how to manage secrets
    '';
  };
}
a 2024-05-24 12:57:53 +02:00			`{pkgs, ...}: {`
move secrets to its own file 2024-08-10 19:23:59 +02:00			`# Sets a timer that will pull a new version`
			`# of the flake and rebuild each week.`
lol 2024-06-07 18:06:59 +02:00			`systemd.timers."nix-auto-upgrade" = {`
a 2024-06-07 18:16:19 +02:00			`enable = true;`
lol 2024-06-07 18:06:59 +02:00			`wantedBy = ["timers.target"];`
			`timerConfig = {`
			`FixedRandomDelay = false;`
			`RandomizedDelaySec = 0;`
			`OnCalendar = "weekly";`
			`Persistent = true;`
			`Unit = "nix-auto-upgrade";`
			`};`
			`};`
new 2024-05-24 13:43:30 +02:00
lol 2024-06-07 18:06:59 +02:00			`systemd.services."nix-auto-upgrade" = {`
a 2024-06-07 18:16:19 +02:00			`enable = true;`
autoupgrade ok ? 2024-06-07 18:27:05 +02:00
move secrets to its own file 2024-08-10 19:23:59 +02:00			`description = "Unattended Upgrade";`
autoupgrade ok ? 2024-06-07 18:27:05 +02:00
			`restartIfChanged = false;`
			`unitConfig.X-StopOnRemoval = false;`

			`after = ["network-online.target"];`
			`wants = ["network-online.target"];`

lol 2024-06-07 18:06:59 +02:00			`serviceConfig = {`
			`Type = "oneshot";`
			`User = "root";`
			`WorkingDirectory = /etc/nixos/nixos-config;`
			`};`
autoupgrade 2024-05-24 12:51:50 +02:00
autoupgrade ok ? 2024-06-07 18:27:05 +02:00			`path = with pkgs; [`
			`coreutils`
			`gnutar`
			`xz.bin`
			`gzip`
			`gitMinimal`
move secrets to its own file 2024-08-10 19:23:59 +02:00			`curl`
autoupgrade ok ? 2024-06-07 18:27:05 +02:00			`];`

lol 2024-06-07 18:06:59 +02:00			`script = ''`
			`set -eu`
autoupgrade 2024-05-24 12:51:50 +02:00
dear lord almighty i can't believe this 2025-02-03 00:02:16 +01:00			`${pkgs.nixos-rebuild}/bin/nixos-rebuild boot -L --flake git+https://git.vulpecula.zone/tasiaiso/nixos-config`
autoupgrade ok ? 2024-06-07 18:27:05 +02:00
lol 2024-06-07 18:06:59 +02:00			`${pkgs.curl}/bin/curl \`
			`-H "Title: NixOS upgrade done" \`
			`-H "Priority: low" \`
			`-H "Tags: low" \`
			`-d "$(cat /etc/hostname): upgrade script done" \`
			`ntfy.sh/tasiaiso_upgrades &> /dev/null # Please don't make me learn how to manage secrets`
			`'';`
autoupgrade 2024-05-24 12:51:50 +02:00			`};`
a 2024-05-24 12:57:53 +02:00			`}`