From 059aaa760ba5b275dc632c371bca903de42edeb2 Mon Sep 17 00:00:00 2001 From: clerie Date: Sun, 17 Mar 2024 15:42:14 +0100 Subject: [PATCH 1/4] pkgs/nixfiles: nixfiles-updated-inputs check if update changes anything --- pkgs/nixfiles/nixfiles-updated-inputs.sh | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/pkgs/nixfiles/nixfiles-updated-inputs.sh b/pkgs/nixfiles/nixfiles-updated-inputs.sh index de6503a..eac8487 100755 --- a/pkgs/nixfiles/nixfiles-updated-inputs.sh +++ b/pkgs/nixfiles/nixfiles-updated-inputs.sh @@ -3,7 +3,7 @@ set -euo pipefail xgit() { - git -c "user.name=Flake Update Bot" -c "user.email=flake-update-bot@clerie.de" "$@" + git -c "user.name=Flake Update Bot" -c "user.email=flake-update-bot@clerie.de" -c "core.pager=cat" "$@" } NOW="$(date --utc +%Y-%m-%d-%H-%M)" @@ -25,8 +25,19 @@ nix flake lock --update-input nixpkgs echo "[!] Commit changes" xgit add flake.lock + xgit commit -m "Update nixpkgs ${NOW}" || true +xgit diff --name-status origin/updated-inputs "${UPDATE_BRANCH}" + +echo "[!] biep" +if xgit diff --quiet origin/updated-inputs "${UPDATE_BRANCH}" +then + echo "[!] Nothing changed, removing branch" + xgit branch -D "${UPDATE_BRANCH}" + exit 0 +fi + echo "[!] Publish ${UPDATE_BRANCH}" xgit push --set-upstream origin "${UPDATE_BRANCH}" From 23d05a3e5d5aa04f0066da35549578c08e72faaa Mon Sep 17 00:00:00 2001 From: clerie Date: Sun, 17 Mar 2024 15:50:49 +0100 Subject: [PATCH 2/4] pkgs/nixfiles: rename nixfiles-system-upgrade to clerie-system-upgrade --- flake.nix | 2 +- modules/clerie-system-upgrade/default.nix | 4 ++-- .../clerie-system-upgrade.nix} | 4 ++-- .../clerie-system-upgrade.sh} | 2 +- pkgs/overlay.nix | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) rename pkgs/{nixfiles/nixfiles-system-upgrade.nix => clerie-system-upgrade/clerie-system-upgrade.nix} (53%) rename pkgs/{nixfiles/nixfiles-system-upgrade.sh => clerie-system-upgrade/clerie-system-upgrade.sh} (95%) diff --git a/flake.nix b/flake.nix index b1dd8e2..00f5920 100644 --- a/flake.nix +++ b/flake.nix @@ -112,6 +112,7 @@ }; in { inherit (pkgs) + clerie-system-upgrade chromium-incognito iot-data nix-remove-result-links @@ -119,7 +120,6 @@ nixfiles-auto-install nixfiles-generate-backup-secrets nixfiles-generate-config - nixfiles-system-upgrade nixfiles-updated-inputs nixfiles-update-ssh-host-keys update-from-hydra diff --git a/modules/clerie-system-upgrade/default.nix b/modules/clerie-system-upgrade/default.nix index 6c3a212..2a83a11 100644 --- a/modules/clerie-system-upgrade/default.nix +++ b/modules/clerie-system-upgrade/default.nix @@ -35,7 +35,7 @@ in serviceConfig = { Type = "oneshot"; - ExecStart = pkgs.nixfiles-system-upgrade + "/bin/nixfiles-system-upgrade --no-confirm${optionalString cfg.allowReboot " --allow-reboot"}${optionalString (config.clerie.monitoring.enable) " --node-exporter-metrics-path /var/lib/prometheus-node-exporter/textfiles/nixfiles-system-upgrade.prom"}"; + ExecStart = pkgs.clerie-system-upgrade + "/bin/clerie-system-upgrade --no-confirm${optionalString cfg.allowReboot " --allow-reboot"}${optionalString (config.clerie.monitoring.enable) " --node-exporter-metrics-path /var/lib/prometheus-node-exporter/textfiles/clerie-system-upgrade.prom"}"; }; }; systemd.timers.clerie-system-auto-upgrade = mkIf cfg.autoUpgrade { @@ -47,7 +47,7 @@ in after = [ "network-online.target" ]; }; environment.systemPackages = with pkgs; [ - nixfiles-system-upgrade + clerie-system-upgrade ]; }; } diff --git a/pkgs/nixfiles/nixfiles-system-upgrade.nix b/pkgs/clerie-system-upgrade/clerie-system-upgrade.nix similarity index 53% rename from pkgs/nixfiles/nixfiles-system-upgrade.nix rename to pkgs/clerie-system-upgrade/clerie-system-upgrade.nix index 9d494f4..5088be4 100644 --- a/pkgs/nixfiles/nixfiles-system-upgrade.nix +++ b/pkgs/clerie-system-upgrade/clerie-system-upgrade.nix @@ -1,8 +1,8 @@ { pkgs, ... }: pkgs.writeShellApplication { - name = "nixfiles-system-upgrade"; - text = builtins.readFile ./nixfiles-system-upgrade.sh; + name = "clerie-system-upgrade"; + text = builtins.readFile ./clerie-system-upgrade.sh; runtimeInputs = with pkgs; [ curl jq diff --git a/pkgs/nixfiles/nixfiles-system-upgrade.sh b/pkgs/clerie-system-upgrade/clerie-system-upgrade.sh similarity index 95% rename from pkgs/nixfiles/nixfiles-system-upgrade.sh rename to pkgs/clerie-system-upgrade/clerie-system-upgrade.sh index 18e8e6b..7e2ad11 100755 --- a/pkgs/nixfiles/nixfiles-system-upgrade.sh +++ b/pkgs/clerie-system-upgrade/clerie-system-upgrade.sh @@ -55,7 +55,7 @@ echo "Set as boot target" if [[ -n "$NODE_EXPORTER_METRICS_PATH" ]]; then echo "Write monitoring check data" - echo "nixfiles_system_upgrade_last_check $(date +%s)" > "$NODE_EXPORTER_METRICS_PATH" + echo "clerie_system_upgrade_last_check $(date +%s)" > "$NODE_EXPORTER_METRICS_PATH" fi BOOTED_SYSTEM_KERNEL="$(readlink /run/booted-system/{initrd,kernel,kernel-modules})" diff --git a/pkgs/overlay.nix b/pkgs/overlay.nix index 530c957..5a0267f 100644 --- a/pkgs/overlay.nix +++ b/pkgs/overlay.nix @@ -1,4 +1,5 @@ final: prev: { + clerie-system-upgrade = final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {}; chromium-incognito = final.callPackage ./chromium-incognito {}; iot-data = final.python3.pkgs.callPackage ./iot-data {}; nix-remove-result-links = final.callPackage ./nix-remove-result-links {}; @@ -6,7 +7,6 @@ final: prev: { nixfiles-auto-install = final.callPackage ./nixfiles/nixfiles-auto-install.nix {}; nixfiles-generate-backup-secrets = final.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {}; nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {}; - nixfiles-system-upgrade = final.callPackage ./nixfiles/nixfiles-system-upgrade.nix {}; nixfiles-updated-inputs = final.callPackage ./nixfiles/nixfiles-updated-inputs.nix {}; nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {}; update-from-hydra = final.callPackage ./update-from-hydra {}; From 7a4177f36027b2edec43f9517cdb39137361fa13 Mon Sep 17 00:00:00 2001 From: clerie Date: Sun, 17 Mar 2024 16:14:54 +0100 Subject: [PATCH 3/4] pkgs/nixfiles: rename nixfiles-updated-inputs to clerie-update-nixfiles --- flake.nix | 2 +- hosts/osmium/nixfiles-updated-inputs.nix | 14 +++++++------- ...uts-ssh.age => clerie-update-nixfiles-ssh.age} | Bin .../clerie-update-nixfiles.nix} | 4 ++-- .../clerie-update-nixfiles.sh} | 0 pkgs/overlay.nix | 2 +- 6 files changed, 11 insertions(+), 11 deletions(-) rename hosts/osmium/secrets/{nixfiles-updated-inputs-ssh.age => clerie-update-nixfiles-ssh.age} (100%) rename pkgs/{nixfiles/nixfiles-updated-inputs.nix => clerie-update-nixfiles/clerie-update-nixfiles.nix} (54%) rename pkgs/{nixfiles/nixfiles-updated-inputs.sh => clerie-update-nixfiles/clerie-update-nixfiles.sh} (100%) diff --git a/flake.nix b/flake.nix index 00f5920..192ddd4 100644 --- a/flake.nix +++ b/flake.nix @@ -113,6 +113,7 @@ in { inherit (pkgs) clerie-system-upgrade + clerie-update-nixfiles chromium-incognito iot-data nix-remove-result-links @@ -120,7 +121,6 @@ nixfiles-auto-install nixfiles-generate-backup-secrets nixfiles-generate-config - nixfiles-updated-inputs nixfiles-update-ssh-host-keys update-from-hydra uptimestatus; diff --git a/hosts/osmium/nixfiles-updated-inputs.nix b/hosts/osmium/nixfiles-updated-inputs.nix index cff6766..3327e80 100644 --- a/hosts/osmium/nixfiles-updated-inputs.nix +++ b/hosts/osmium/nixfiles-updated-inputs.nix @@ -1,20 +1,20 @@ { config, pkgs, ... }: { - systemd.services.nixfiles-updated-inputs = { + systemd.services.clerie-update-nixfiles = { environment = { - GIT_SSH_COMMAND = "ssh -o UserKnownHostsFile=${pkgs.writeText "known_hosts" "git.clerie.de ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIHQDwfRlw6L+pkLjXDgW2BUWlY1zNEDtVhNEsClgqaL"} -i %d/nixfiles-updated-inputs-ssh"; + GIT_SSH_COMMAND = "ssh -o UserKnownHostsFile=${pkgs.writeText "known_hosts" "git.clerie.de ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIHQDwfRlw6L+pkLjXDgW2BUWlY1zNEDtVhNEsClgqaL"} -i %d/clerie-update-nixfiles-ssh"; # nix likes a home directory to place the cache there - HOME = "/var/lib/nixfiles-updated-inputs"; + HOME = "/var/lib/clerie-update-nixfiles"; }; serviceConfig = { Type = "oneshot"; - ExecStart = pkgs.nixfiles-updated-inputs + "/bin/nixfiles-updated-inputs"; - StateDirectory = "nixfiles-updated-inputs"; - WorkingDirectory = "/var/lib/nixfiles-updated-inputs"; + ExecStart = pkgs.clerie-update-nixfiles + "/bin/clerie-update-nixfiles"; + StateDirectory = "clerie-update-nixfiles"; + WorkingDirectory = "/var/lib/clerie-update-nixfiles"; DynamicUser = true; # this sets the correct file permissions for the ssh key because we use DynamicUser - LoadCredential = "nixfiles-updated-inputs-ssh:${config.age.secrets."nixfiles-updated-inputs-ssh".path}"; + LoadCredential = "clerie-update-nixfiles-ssh:${config.age.secrets."clerie-update-nixfiles-ssh".path}"; }; startAt = "*-*-* 03:03:00"; }; diff --git a/hosts/osmium/secrets/nixfiles-updated-inputs-ssh.age b/hosts/osmium/secrets/clerie-update-nixfiles-ssh.age similarity index 100% rename from hosts/osmium/secrets/nixfiles-updated-inputs-ssh.age rename to hosts/osmium/secrets/clerie-update-nixfiles-ssh.age diff --git a/pkgs/nixfiles/nixfiles-updated-inputs.nix b/pkgs/clerie-update-nixfiles/clerie-update-nixfiles.nix similarity index 54% rename from pkgs/nixfiles/nixfiles-updated-inputs.nix rename to pkgs/clerie-update-nixfiles/clerie-update-nixfiles.nix index bab538a..bed20c8 100644 --- a/pkgs/nixfiles/nixfiles-updated-inputs.nix +++ b/pkgs/clerie-update-nixfiles/clerie-update-nixfiles.nix @@ -1,8 +1,8 @@ { pkgs, ... }: pkgs.writeShellApplication { - name = "nixfiles-updated-inputs"; - text = builtins.readFile ./nixfiles-updated-inputs.sh; + name = "clerie-update-nixfiles"; + text = builtins.readFile ./clerie-update-nixfiles.sh; runtimeInputs = with pkgs; [ git nix diff --git a/pkgs/nixfiles/nixfiles-updated-inputs.sh b/pkgs/clerie-update-nixfiles/clerie-update-nixfiles.sh similarity index 100% rename from pkgs/nixfiles/nixfiles-updated-inputs.sh rename to pkgs/clerie-update-nixfiles/clerie-update-nixfiles.sh diff --git a/pkgs/overlay.nix b/pkgs/overlay.nix index 5a0267f..5a6c751 100644 --- a/pkgs/overlay.nix +++ b/pkgs/overlay.nix @@ -1,5 +1,6 @@ final: prev: { clerie-system-upgrade = final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {}; + clerie-update-nixfiles = final.callPackage ./clerie-update-nixfiles/clerie-update-nixfiles.nix {}; chromium-incognito = final.callPackage ./chromium-incognito {}; iot-data = final.python3.pkgs.callPackage ./iot-data {}; nix-remove-result-links = final.callPackage ./nix-remove-result-links {}; @@ -7,7 +8,6 @@ final: prev: { nixfiles-auto-install = final.callPackage ./nixfiles/nixfiles-auto-install.nix {}; nixfiles-generate-backup-secrets = final.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {}; nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {}; - nixfiles-updated-inputs = final.callPackage ./nixfiles/nixfiles-updated-inputs.nix {}; nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {}; update-from-hydra = final.callPackage ./update-from-hydra {}; uptimestatus = final.python3.pkgs.callPackage ./uptimestatus {}; From a9e4cc976029de436a86fa6974f2c6889cf2ac49 Mon Sep 17 00:00:00 2001 From: Flake Update Bot Date: Sun, 17 Mar 2024 16:56:01 +0100 Subject: [PATCH 4/4] Update nixpkgs 2024-03-17-15-55 --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ccc4e02..06ea950 100644 --- a/flake.lock +++ b/flake.lock @@ -212,11 +212,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1708118438, - "narHash": "sha256-kk9/0nuVgA220FcqH/D2xaN6uGyHp/zoxPNUmPCMmEE=", + "lastModified": 1710631334, + "narHash": "sha256-rL5LSYd85kplL5othxK5lmAtjyMOBg390sGBTb3LRMM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5863c27340ba4de8f83e7e3c023b9599c3cb3c80", + "rev": "c75037bbf9093a2acb617804ee46320d6d1fea5a", "type": "github" }, "original": {