added upgrade systemd service
This commit is contained in:
parent
063e13b13f
commit
d9138d415d
5 changed files with 81 additions and 11 deletions
|
@ -28,7 +28,10 @@ with lib; {
|
|||
fish.enable = true;
|
||||
};
|
||||
|
||||
kyouma.deployment.tags = [ "all" ];
|
||||
kyouma.deployment = {
|
||||
tags = [ "all" ];
|
||||
upgradeSystem.enable = true;
|
||||
};
|
||||
|
||||
security.dhparams.defaultBitSize = 4096;
|
||||
|
||||
|
|
|
@ -104,6 +104,9 @@
|
|||
|
||||
overlays = {
|
||||
kyouma = import ./pkgs/overlay.nix;
|
||||
otherPkgs = final: prev: {
|
||||
nixos-needsreboot = (inputs.nixos-needsreboot.packages.${final.system}.default);
|
||||
};
|
||||
default = self.overlays.kyouma;
|
||||
};
|
||||
hydraJobs = {
|
||||
|
@ -115,9 +118,7 @@
|
|||
inherit system;
|
||||
overlays = [
|
||||
self.overlays.kyouma
|
||||
(_: _: {
|
||||
nixos-needsreboot = (inputs.nixos-needsreboot.packages.${system}.default);
|
||||
})
|
||||
self.overlays.otherPkgs
|
||||
];
|
||||
};
|
||||
in {
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
../../config/hosts/${hostname}/configuration.nix
|
||||
inputs.sops-nix.nixosModules.sops
|
||||
({ ... }: {
|
||||
nixpkgs.overlays = [ self.overlays.kyouma ];
|
||||
nixpkgs.overlays = [ self.overlays.kyouma self.overlays.otherPkgs ];
|
||||
nixpkgs.hostPlatform.system = system;
|
||||
})
|
||||
];
|
||||
|
|
|
@ -1,14 +1,65 @@
|
|||
{ lib, ... }: with lib; {
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
let cfg = config.kyouma.deployment.upgradeSystem;
|
||||
in {
|
||||
options.kyouma.deployment = {
|
||||
tags = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
type = with types; listOf str;
|
||||
default = [ ];
|
||||
description = "colmena deployment tags";
|
||||
};
|
||||
targetHost = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
description = "colmena target host override";
|
||||
};
|
||||
upgradeSystem = {
|
||||
enable = mkEnableOption "automatically apply hydra builds";
|
||||
allowReboot = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = "automatically reboot if needed";
|
||||
};
|
||||
branch = mkOption {
|
||||
type = types.str;
|
||||
default = "main";
|
||||
description = "branch to use for updates";
|
||||
};
|
||||
noDelay = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "dont use delays";
|
||||
};
|
||||
runFreq = mkOption {
|
||||
type = types.str;
|
||||
default = "*-*-* *:04:20";
|
||||
description = "How often Updates should be fetched. See {manpage}`systemd.timer(5)`";
|
||||
};
|
||||
};
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.upgrade-system = {
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
restartIfChanged = false;
|
||||
unitConfig.X-StopOnRemoval = false;
|
||||
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
ExecStart = "${pkgs.upgrade-system}/bin/upgrade-system${optionalString cfg.allowReboot " --allow-reboot"} --branch ${cfg.branch}${
|
||||
optionalString cfg.noDelay " --no-delay"
|
||||
}";
|
||||
};
|
||||
};
|
||||
systemd.timers.upgrade-system = {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnCalendar = if cfg.noDelay then "*-*-* *:*:00" else cfg.runFreq;
|
||||
RandomizedDelaySec = if cfg.noDelay then "1s" else "1h";
|
||||
};
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
};
|
||||
environment.systemPackages = [ pkgs.upgrade-system ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
set -euo pipefail
|
||||
|
||||
ALLOW_REBOOT=
|
||||
BRANCH="main"
|
||||
NO_DELAY=
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case $1 in
|
||||
|
@ -10,6 +12,14 @@ while [[ $# -gt 0 ]]; do
|
|||
ALLOW_REBOOT=1
|
||||
shift
|
||||
;;
|
||||
--branch)
|
||||
BRANCH=$2
|
||||
shift
|
||||
;;
|
||||
--no-delay)
|
||||
NO_DELAY=1
|
||||
shift
|
||||
;;
|
||||
*)
|
||||
echo "Unknown option $1"
|
||||
exit 1
|
||||
|
@ -17,7 +27,7 @@ while [[ $# -gt 0 ]]; do
|
|||
esac
|
||||
done
|
||||
|
||||
HYDRA_URL="https://hydra.kyouma.net/job/infra/nixfiles/nixosConfigurations.${HOSTNAME}/latest-finished"
|
||||
HYDRA_URL="https://hydra.kyouma.net/job/nixfiles/${BRANCH}/nixosConfigurations.${HOSTNAME}/latest-finished"
|
||||
|
||||
NEW_STORE_PATH="$(curl --fail -s -L -H "Accept: application/json" "${HYDRA_URL}" | jq -r ".buildoutputs.out.path")"
|
||||
|
||||
|
@ -58,9 +68,14 @@ echo "Set new profile as boot target"
|
|||
|
||||
nixos-needsreboot
|
||||
|
||||
if [[ -n "$NO_DELAY" ]]; then
|
||||
delay="1"
|
||||
else
|
||||
delay="$(echo -n $RANDOM | tail -c 2)"
|
||||
fi
|
||||
|
||||
if [[ -f "/var/run/reboot-required" ]]; then
|
||||
if [[ -n "$ALLOW_REBOOT" ]]; then
|
||||
delay=$(echo -n $RANDOM | tail -c 2)
|
||||
echo "Rebooting system in ${delay} Minutes"
|
||||
shutdown -r +"${delay}"
|
||||
else
|
||||
|
|
Loading…
Reference in a new issue