diff --git a/nixos/modules/tasks/auto-upgrade.nix b/nixos/modules/tasks/auto-upgrade.nix
index e70004e643e1..69385e5f2fe0 100644
--- a/nixos/modules/tasks/auto-upgrade.nix
+++ b/nixos/modules/tasks/auto-upgrade.nix
@@ -2,9 +2,9 @@
with lib;
-let cfg = config.system.autoUpgrade; in
+let cfg = config.system.autoUpgrade;
-{
+in {
options = {
@@ -21,6 +21,16 @@ let cfg = config.system.autoUpgrade; in
'';
};
+ flake = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "github:kloenk/nix";
+ description = ''
+ The Flake URI of the NixOS configuration to build.
+ Disables the option .
+ '';
+ };
+
channel = mkOption {
type = types.nullOr types.str;
default = null;
@@ -35,10 +45,20 @@ let cfg = config.system.autoUpgrade; in
flags = mkOption {
type = types.listOf types.str;
- default = [];
- example = [ "-I" "stuff=/home/alice/nixos-stuff" "--option" "extra-binary-caches" "http://my-cache.example.org/" ];
+ default = [ ];
+ example = [
+ "-I"
+ "stuff=/home/alice/nixos-stuff"
+ "--option"
+ "extra-binary-caches"
+ "http://my-cache.example.org/"
+ ];
description = ''
Any additional flags passed to nixos-rebuild.
+
+ If you are using flakes and use a local repo you can add
+ [ "--update-input" "nixpkgs" "--commit-lock-file" ]
+ to update nixpkgs.
'';
};
@@ -82,11 +102,23 @@ let cfg = config.system.autoUpgrade; in
config = lib.mkIf cfg.enable {
- system.autoUpgrade.flags =
- [ "--no-build-output" ]
- ++ (if cfg.channel == null
- then [ "--upgrade" ]
- else [ "-I" "nixpkgs=${cfg.channel}/nixexprs.tar.xz" ]);
+ assertions = [{
+ assertion = !((cfg.channel != null) && (cfg.flake != null));
+ message = ''
+ The options 'system.autoUpgrade.channels' and 'system.autoUpgrade.flake' cannot both be set.
+ '';
+ }];
+
+ system.autoUpgrade.flags = [ "--no-build-output" ]
+ ++ (if cfg.flake == null then
+ (if cfg.channel == null then
+ [ "--upgrade" ]
+ else [
+ "-I"
+ "nixpkgs=${cfg.channel}/nixexprs.tar.xz"
+ ])
+ else
+ [ "--flake ${cfg.flake}" ]);
systemd.services.nixos-upgrade = {
description = "NixOS Upgrade";
@@ -96,33 +128,41 @@ let cfg = config.system.autoUpgrade; in
serviceConfig.Type = "oneshot";
- environment = config.nix.envVars //
- { inherit (config.environment.sessionVariables) NIX_PATH;
- HOME = "/root";
- } // config.networking.proxy.envVars;
+ environment = config.nix.envVars // {
+ inherit (config.environment.sessionVariables) NIX_PATH;
+ HOME = "/root";
+ } // config.networking.proxy.envVars;
- path = with pkgs; [ coreutils gnutar xz.bin gzip gitMinimal config.nix.package.out ];
+ path = with pkgs; [
+ coreutils
+ gnutar
+ xz.bin
+ gzip
+ gitMinimal
+ config.nix.package.out
+ ];
script = let
- nixos-rebuild = "${config.system.build.nixos-rebuild}/bin/nixos-rebuild";
- in
- if cfg.allowReboot then ''
- ${nixos-rebuild} boot ${toString cfg.flags}
- booted="$(readlink /run/booted-system/{initrd,kernel,kernel-modules})"
- built="$(readlink /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules})"
- if [ "$booted" = "$built" ]; then
- ${nixos-rebuild} switch ${toString cfg.flags}
- else
- /run/current-system/sw/bin/shutdown -r +1
- fi
- '' else ''
- ${nixos-rebuild} switch ${toString cfg.flags}
- '';
+ nixos-rebuild =
+ "${config.system.build.nixos-rebuild}/bin/nixos-rebuild";
+ in if cfg.allowReboot then ''
+ ${nixos-rebuild} boot ${toString cfg.flags}
+ booted="$(readlink /run/booted-system/{initrd,kernel,kernel-modules})"
+ built="$(readlink /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules})"
+ if [ "$booted" = "$built" ]; then
+ ${nixos-rebuild} switch ${toString cfg.flags}
+ else
+ /run/current-system/sw/bin/shutdown -r +1
+ fi
+ '' else ''
+ ${nixos-rebuild} switch ${toString cfg.flags}
+ '';
startAt = cfg.dates;
};
- systemd.timers.nixos-upgrade.timerConfig.RandomizedDelaySec = cfg.randomizedDelaySec;
+ systemd.timers.nixos-upgrade.timerConfig.RandomizedDelaySec =
+ cfg.randomizedDelaySec;
};