foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-01-31 04:58:01 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

profiles/server: add unattended system upgrades as a subcategory

Browse Source
This commit is contained in:
Gabriel Arazas 2023-03-11 12:20:22 +08:00
parent d4395da314
commit ef64840c58
No known key found for this signature in database
GPG Key ID: ADE0C41DAB221FCC
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
modules/nixos/profiles/server.nix
View File

@ -12,6 +12,7 @@ in
headless.enable = lib.mkEnableOption "configuration for headless servers";
hardened-config.enable = lib.mkEnableOption "additional hardened configuration for NixOS systems";
cleanup.enable = lib.mkEnableOption "cleanup service for the system";
auto-upgrade.enable = lib.mkEnableOption "unattended system upgrades";
};
config = lib.mkIf cfg.enable (lib.mkMerge [
@ -118,6 +119,27 @@ in
};
})
(lib.mkIf cfg.auto-upgrade.enable {
system.autoUpgrade = {
enable = true;
flake = "github:foo-dogsquared/nixos-config";
allowReboot = true;
persistent = true;
rebootWindow = {
lower = "22:00";
upper = "00:00";
};
dates = "weekly";
flags = [
"--update-input"
"nixpkgs"
"--commit-lock-file"
"--no-write-lock-file"
];
randomizedDelaySec = "1min";
};
})
(lib.mkIf cfg.cleanup.enable {
# Weekly garbage collection of Nix store. Unlike in the desktop config,
# this has looser requirements for the store items age for up to 21 days