2020-01-15 00:15:23 -08:00
|
|
|
{ pkgs, lib, config, ... }:
|
|
|
|
|
|
|
|
|
|
let
|
|
|
|
|
userLib = import ../users/lib.nix { inherit lib; };
|
|
|
|
|
|
|
|
|
|
sources = import ../nix/sources.nix;
|
|
|
|
|
nixpkgs-update = import sources.nixpkgs-update { returnShellEnv = false; };
|
|
|
|
|
nixpkgsUpdateSystemDependencies = with pkgs; [
|
|
|
|
|
nix
|
|
|
|
|
git
|
|
|
|
|
getent
|
|
|
|
|
gitAndTools.hub
|
|
|
|
|
jq
|
|
|
|
|
tree
|
|
|
|
|
gist
|
|
|
|
|
cachix
|
2020-02-05 20:33:57 -08:00
|
|
|
curl
|
2020-01-15 00:15:23 -08:00
|
|
|
];
|
|
|
|
|
|
2020-01-25 15:05:09 -08:00
|
|
|
nixpkgs-update-github-releases = "${sources.nixpkgs-update-github-releases}/main.py";
|
|
|
|
|
|
2020-01-15 00:15:23 -08:00
|
|
|
nixpkgsUpdateServiceConfigCommon = {
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
User = "r-ryantm";
|
|
|
|
|
Group = "r-ryantm";
|
|
|
|
|
WorkingDirectory = "/var/lib/nixpkgs-update";
|
|
|
|
|
StateDirectory = "nixpkgs-update";
|
|
|
|
|
StateDirectoryMode = "700";
|
|
|
|
|
CacheDirectory = "nixpkgs-update";
|
|
|
|
|
CacheDirectoryMode = "700";
|
2020-01-21 01:55:01 -08:00
|
|
|
LogsDirectory = "nixpkgs-update";
|
|
|
|
|
LogsDirectoryMode = "700";
|
2020-01-22 12:37:13 +01:00
|
|
|
StandardOutput = "journal";
|
2020-01-15 00:15:23 -08:00
|
|
|
};
|
2020-01-22 12:37:13 +01:00
|
|
|
in
|
|
|
|
|
{
|
2020-01-15 00:15:23 -08:00
|
|
|
users.users.r-ryantm.packages = [ pkgs.cachix ];
|
2020-01-22 12:37:13 +01:00
|
|
|
users.groups.r-ryantm = {};
|
2020-01-15 00:15:23 -08:00
|
|
|
users.users.r-ryantm = {
|
|
|
|
|
useDefaultShell = true;
|
|
|
|
|
isNormalUser = true; # The hub cli seems to really want stuff to be set up like a normal user
|
|
|
|
|
uid = userLib.mkUid "rrtm";
|
|
|
|
|
extraGroups = [ "r-ryantm" ];
|
|
|
|
|
};
|
|
|
|
|
nix.trustedUsers = [
|
|
|
|
|
"r-ryantm"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
systemd.services.nixpkgs-update = {
|
|
|
|
|
description = "nixpkgs-update service";
|
|
|
|
|
enable = true;
|
2020-01-25 18:33:04 -08:00
|
|
|
restartIfChanged = false;
|
2020-01-15 00:15:23 -08:00
|
|
|
path = nixpkgsUpdateSystemDependencies;
|
|
|
|
|
environment.XDG_CONFIG_HOME = "/var/lib/nixpkgs-update";
|
|
|
|
|
environment.XDG_CACHE_HOME = "/var/cache/nixpkgs-update";
|
2020-01-25 15:05:09 -08:00
|
|
|
# API_TOKEN is used by nixpkgs-update-github-releases
|
2020-01-25 15:15:27 -08:00
|
|
|
environment.API_TOKEN_FILE = "/var/lib/nixpkgs-update/github_token_with_username.txt";
|
2020-01-25 18:33:04 -08:00
|
|
|
# Used by nixpkgs-update-github-releases to install python dependencies
|
|
|
|
|
environment.NIX_PATH = "nixpkgs=${sources.nixpkgs}";
|
2020-01-15 00:15:23 -08:00
|
|
|
|
|
|
|
|
serviceConfig = nixpkgsUpdateServiceConfigCommon;
|
2020-01-21 01:55:01 -08:00
|
|
|
script = ''
|
2020-01-25 15:05:09 -08:00
|
|
|
${nixpkgs-update}/bin/nixpkgs-update delete-done
|
2020-01-25 18:33:04 -08:00
|
|
|
${nixpkgs-update-github-releases} > /var/lib/nixpkgs-update/packages-to-update.txt
|
2020-02-21 22:48:07 -08:00
|
|
|
${nixpkgs-update}/bin/nixpkgs-update update-list --cachix --outpaths
|
2020-01-21 01:55:01 -08:00
|
|
|
${nixpkgs-update}/bin/nixpkgs-update delete-done
|
|
|
|
|
${nixpkgs-update}/bin/nixpkgs-update fetch-repology > /var/lib/nixpkgs-update/packages-to-update.txt
|
2020-02-21 22:48:07 -08:00
|
|
|
${nixpkgs-update}/bin/nixpkgs-update update-list --cachix --outpaths
|
2020-01-21 01:55:01 -08:00
|
|
|
'';
|
2020-01-15 00:15:23 -08:00
|
|
|
};
|
|
|
|
|
|
2020-01-21 01:55:01 -08:00
|
|
|
systemd.timers.nixpkgs-update = {
|
|
|
|
|
description = "nixpkgs-update";
|
2020-01-15 00:15:23 -08:00
|
|
|
enable = true;
|
|
|
|
|
timerConfig = { OnCalendar = "daily"; };
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
}
|
