Module for auto-updating packages

infinisil · Mar 5, 2021 · 73528df · 73528df
1 parent c1b9b2e
commit 73528df
Show file tree

Hide file tree

Showing 4 changed files with 79 additions and 2 deletions.
diff --git a/config/machines/vario/default.nix b/config/machines/vario/default.nix
@@ -74,6 +74,12 @@ in {
     }];
   };
 
+  environment.autoUpdate.packages.youtube-dl = {
+    attrPath = [ "youtube-dl" ];
+    url = "channel:nixpkgs-unstable";
+    period = "hourly";
+  };
+
   services.vault.enable = true;
 
   systemd.services.zfs-import-main.before = lib.mkForce [ "betty.mount" ];

diff --git a/config/new-modules/auto-updated-pkgs.nix b/config/new-modules/auto-updated-pkgs.nix
@@ -0,0 +1,72 @@
+{ lib, pkgs, config, ... }:
+let
+  types = lib.types;
+
+  cfg = config.environment.autoUpdate;
+
+  packageType = types.submodule {
+    options.attrPath = lib.mkOption {
+      type = types.uniq (types.listOf types.str);
+    };
+
+    options.url = lib.mkOption {
+      type = types.str;
+      default = "channel:nixpkgs-unstable";
+    };
+
+    options.period = lib.mkOption {
+      type = types.str;
+      default = "daily";
+      description = "See man systemd.time";
+    };
+  };
+
+in {
+  options.environment.autoUpdate.packages = lib.mkOption {
+    type = types.attrsOf packageType;
+    default = {};
+  };
+
+  config = {
+
+    environment.profiles = [ "/var/lib/auto-update/profile" ];
+
+    users.users.auto-update = {
+      isSystemUser = true;
+    };
+
+    # Necessary for --tarball-ttl
+    nix.trustedUsers = [ "auto-update" ];
+
+    systemd.services = lib.mapAttrs' (name: value: lib.nameValuePair "update-${name}" {
+      script = ''
+        set -x
+        out=$(nix-build --tarball-ttl 0 --no-out-link ${lib.escapeShellArg value.url} \
+          -A ${lib.escapeShellArg (lib.concatMapStringsSep "." lib.strings.escapeNixString value.attrPath)})
+        mkdir -p packages
+        flock -s lock ln -sfT "$out" packages/${lib.escapeShellArg name}
+        flock -x lock nix-env -p profile -ir packages/*
+        flock -x lock nix-env -p profile --delete-generations old
+      '';
+      path = [ config.nix.package pkgs.utillinux ];
+      environment.HOME = "%T/home";
+      serviceConfig = {
+        Type = "oneshot";
+        User = "auto-update";
+        PrivateTmp = true;
+        StateDirectory = "auto-update";
+        WorkingDirectory = "%S/auto-update";
+      };
+    }) cfg.packages;
+
+    systemd.timers = lib.mapAttrs' (name: value: lib.nameValuePair "update-${name}" {
+      wantedBy = [ "timers.target" ];
+      timerConfig = {
+        OnCalendar = value.period;
+        Persistent = true;
+      };
+    }) cfg.packages;
+
+  };
+
+}
diff --git a/config/new-modules/profiles/desktop.nix b/config/new-modules/profiles/desktop.nix
@@ -48,7 +48,6 @@ with lib;
 
     environment.systemPackages = with pkgs; [
       neofetch
-      youtube-dl
       ffmpeg-full
       stack
       imagemagick7Big

diff --git a/config/new-modules/x/default.nix b/config/new-modules/x/default.nix
@@ -90,7 +90,7 @@ with lib;
       xsession.enable = true;
 
       home.packages = with pkgs; [
-        mpv
+        (mpv.override { youtubeSupport = false; })
         mine.pics
         thunderbird
         helvetica-neue-lt-std