clerie/nixfiles
1
0
Fork 0
Code Activity

pkgs/bijwerken-*,modules/bijwerken: Consolidate system update management and refactor under the same name

Browse Source
This commit is contained in:
clerie
2025-08-17 21:49:24 +02:00
parent 72cdef91d9
commit dd76691f7d
18 changed files with 40 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/dn42-il-gw1/configuration.nix
View File

@@ -237,7 +237,7 @@
];
};
clerie.system-auto-upgrade = {
services.bijwerken = {
autoUpgrade = true;
};

2
hosts/dn42-il-gw5/configuration.nix
View File

@@ -111,7 +111,7 @@
'';
};
clerie.system-auto-upgrade = {
services.bijwerken = {
autoUpgrade = true;
startAt = "*-*-* 06:22:00";
};

2
hosts/dn42-il-gw6/configuration.nix
View File

@@ -105,7 +105,7 @@
'';
};
clerie.system-auto-upgrade = {
services.bijwerken = {
autoUpgrade = true;
startAt = "*-*-* 07:22:00";
};

2
hosts/dn42-ildix-clerie/configuration.nix
View File

@@ -161,7 +161,7 @@
}
'';
clerie.system-auto-upgrade = {
services.bijwerken = {
autoUpgrade = true;
};

2
hosts/dn42-ildix-service/configuration.nix
View File

@@ -70,7 +70,7 @@
networking.firewall.allowedTCPPorts = [ 80 443 ];
clerie.system-auto-upgrade = {
services.bijwerken = {
autoUpgrade = true;
};

2
hosts/nonat/configuration.nix
View File

@@ -41,7 +41,7 @@
networking.firewall.allowedUDPPorts = [];
clerie.system-auto-upgrade = {
services.bijwerken = {
autoUpgrade = true;
};

2
hosts/porter/configuration.nix
View File

@@ -58,7 +58,7 @@
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [];
clerie.system-auto-upgrade = {
services.bijwerken = {
autoUpgrade = true;
};

2
hosts/storage-2/configuration.nix
View File

@@ -52,7 +52,7 @@
};
};
clerie.system-auto-upgrade = {
services.bijwerken = {
autoUpgrade = true;
};

19
modules/clerie-system-upgrade/default.nix → modules/bijwerken/default.nix
View File

@@ -3,13 +3,13 @@
with lib;
let
cfg = config.clerie.system-auto-upgrade;
cfg = config.services.bijwerken;
in
{
options = {
clerie.system-auto-upgrade = {
enable = mkEnableOption "clerie system upgrade";
services.bijwerken = {
enable = mkEnableOption "Automatic system upgrades";
autoUpgrade = mkOption {
type = types.bool;
default = false;
@@ -20,10 +20,15 @@ in
default = null;
description = "Systemd time string for starting the unit";
};
nodeExporterTextfilePath = mkOption {
type = with types; nullOr str;
default = null;
description = "Path to node exporter textfile for putting metrics";
};
};
};
config = mkIf cfg.enable {
systemd.services.clerie-system-auto-upgrade = {
systemd.services.bijwerken-system-upgrade = {
requires = [ "network-online.target" ];
after = [ "network-online.target" ];
@@ -33,10 +38,10 @@ in
serviceConfig = {
Type = "oneshot";
ExecStart = pkgs.clerie-system-upgrade + "/bin/clerie-system-upgrade --no-confirm${optionalString (config.clerie.monitoring.enable) " --node-exporter-metrics-path /var/lib/prometheus-node-exporter/textfiles/clerie-system-upgrade.prom"}";
ExecStart = (getExe pkgs.bijwerken-system-upgrade) + " --no-confirm${optionalString (cfg.nodeExporterTextfilePath != null) " --node-exporter-metrics-path ${cfg.nodeExporterTextfilePath}"}";
};
};
systemd.timers.clerie-system-auto-upgrade = mkIf cfg.autoUpgrade {
systemd.timers.bijwerken-system-upgrade = mkIf cfg.autoUpgrade {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = if cfg.startAt == null then "*-*-* 05:37:00" else cfg.startAt;
@@ -46,7 +51,7 @@ in
after = [ "network-online.target" ];
};
environment.systemPackages = with pkgs; [
clerie-system-upgrade
bijwerken-system-upgrade
];
};
}

2
modules/default.nix
View File

@@ -5,9 +5,9 @@
./policyrouting
./akne
./backup
./bijwerken
./clerie-firewall
./clerie-gc-dir
./clerie-system-upgrade
./dhcpcd-prefixdelegation
./minecraft-server
./monitoring

2
modules/monitoring/default.nix
View File

@@ -75,6 +75,8 @@ in
systemd.services."prometheus-node-exporter".serviceConfig.RestrictAddressFamilies = [ "AF_NETLINK" ];
services.bijwerken.nodeExporterTextfilePath = "/var/lib/prometheus-node-exporter/textfiles/bijwerken-system-upgrade.prom";
services.prometheus.exporters.bird = mkIf cfg.bird {
enable = true;
};

2
pkgs/nixfiles/nixfiles-trigger-system-upgrade.sh → pkgs/bijwerken-poke/bijwerken-poke.sh
View File

@@ -2,4 +2,4 @@
TARGETS="$(nix --extra-experimental-features "nix-command flakes" eval --raw ".#nixosConfigurations" --apply "nixosConfigurations: builtins.concatStringsSep \"\\n\" (builtins.attrValues (builtins.mapAttrs (name: host: host.config.networking.fqdn) nixosConfigurations))")"
pssh -h <(echo "${TARGETS}") -i -- sudo systemctl start clerie-system-auto-upgrade.service --no-block
pssh -h <(echo "${TARGETS}") -i -- sudo systemctl start bijwerken-system-upgrade.service --no-block

10
pkgs/bijwerken-poke/default.nix Normal file
View File

@@ -0,0 +1,10 @@
{ pkgs, ... }:
pkgs.writeShellApplication {
name = "bijwerken-poke";
text = builtins.readFile ./bijwerken-poke.sh;
runtimeInputs = with pkgs; [
pssh
];
}

2
pkgs/clerie-system-upgrade/clerie-system-upgrade.sh → pkgs/bijwerken-system-upgrade/bijwerken-system-upgrade.sh
View File

@@ -50,7 +50,7 @@ echo "Set as boot target"
if [[ -n "$NODE_EXPORTER_METRICS_PATH" ]]; then
echo "Write monitoring check data"
echo "clerie_system_upgrade_last_check $(date +%s)" > "$NODE_EXPORTER_METRICS_PATH"
echo "bijwerken_system_upgrade_last_check $(date +%s)" > "$NODE_EXPORTER_METRICS_PATH"
fi
BOOTED_SYSTEM_KERNEL="$(readlink /run/booted-system/{initrd,kernel,kernel-modules})"

4
pkgs/clerie-system-upgrade/clerie-system-upgrade.nix → pkgs/bijwerken-system-upgrade/default.nix
View File

@@ -1,8 +1,8 @@
{ pkgs, ... }:
pkgs.writeShellApplication {
name = "clerie-system-upgrade";
text = builtins.readFile ./clerie-system-upgrade.sh;
name = "bijwerken-system-upgrade";
text = builtins.readFile ./bijwerken-system-upgrade.sh;
runtimeInputs = with pkgs; [
curl
jq

10
pkgs/nixfiles/nixfiles-trigger-system-upgrade.nix
View File

@@ -1,10 +0,0 @@
{ pkgs, ... }:
pkgs.writeShellApplication {
name = "nixfiles-trigger-system-upgrade";
text = builtins.readFile ./nixfiles-trigger-system-upgrade.sh;
runtimeInputs = with pkgs; [
pssh
];
}

4
pkgs/overlay.nix
View File

@@ -1,10 +1,11 @@
final: prev: {
bijwerken-poke = final.callPackage ./bijwerken-poke {};
bijwerken-system-upgrade = final.callPackage ./bijwerken-system-upgrade {};
clerie-backup = final.callPackage ./clerie-backup {};
clerie-cleanup-branches = final.callPackage ./clerie-update-nixfiles/clerie-cleanup-branches.nix {};
clerie-keys = final.callPackage ./clerie-keys {};
clerie-ssh-known-hosts = final.callPackage ./clerie-ssh-known-hosts {};
clerie-system-remote-install = final.callPackage ./clerie-system-remote-install {};
clerie-system-upgrade = final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {};
clerie-merge-nixfiles-update = final.callPackage ./clerie-update-nixfiles/clerie-merge-nixfiles-update.nix {};
clerie-sops = final.callPackage ./clerie-sops/clerie-sops.nix {};
clerie-sops-config = final.callPackage ./clerie-sops/clerie-sops-config.nix {};
@@ -22,7 +23,6 @@ final: prev: {
nixfiles-auto-install = final.callPackage ./nixfiles/nixfiles-auto-install.nix {};
nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {};
nixfiles-generate-backup-secrets = final.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {};
nixfiles-trigger-system-upgrade = final.callPackage ./nixfiles/nixfiles-trigger-system-upgrade.nix {};
nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
pipewire-all-bluetooth = final.callPackage ./pipewire-all-bluetooth {};
print-afra = final.callPackage ./print-afra {};

2
profiles/common-nix/default.nix
View File

@@ -19,7 +19,7 @@ in {
clerie.nixfiles.enable = true;
clerie.system-auto-upgrade.enable = true;
services.bijwerken.enable = true;
nix.settings = {
trusted-users = [ "@wheel" ];