Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to perform unattended system upgrades? #842

Open
jokogr opened this issue Jan 21, 2018 · 10 comments
Open

How to perform unattended system upgrades? #842

jokogr opened this issue Jan 21, 2018 · 10 comments

Comments

@jokogr
Copy link

jokogr commented Jan 21, 2018

In conventional NixOS deployments there is the system.autoUpgrade option which setups a systemd timer and service which perform periodically channel upgrades and nixos-rebuild switch.

Given that nixops does not deploy the configuration to /etc/nixos (so system.autoUpgrade cannot be effectively used), is there anything else that people are using for the same purpose?

@jazmit
Copy link

jazmit commented Jun 23, 2018

+1 There are blog posts suggesting to manually copy the configuration which seems to work, but I would appreciate some opinions from the maintainers on this..

@craigem
Copy link

craigem commented Jul 12, 2019

The only blog post I've been able to find on this issue is:

Auto-upgrade with NixOS and NixOps by Pascal Wittmann.

@asymmetric
Copy link
Contributor

Why doesn’t NixOps copy the configuration.nix to /etc?

@pSub
Copy link
Member

pSub commented Dec 10, 2019

@craigem Does my approach work for you? My configuration has changes slightly since the post. You can find the current version here. However my auto-upgrade is currently was broken, because I use deployment in a module that is required. The filterAttrs has no chance of sorting that out. By the way the issue NixOS/nixpkgs#28527 I mention in my config seems to be resolved in nixpkgs master.

@asymmetric I guess because there is more to it than just copying that file. Look at my configuration for a tast. My approach serves most of my needs but I doubt that it works for everyone.

@MelleB
Copy link

MelleB commented Jan 12, 2020

My hacky work-around is the following 2 lines in my configuration.nix:

environment.etc."nixos/configuration.nix".text = builtins.readFile "/full/path/to/configuration.nix";
environment.etc."nixos/hardware-configuration.nix".text = builtins.readFile "/full/path/to/hardware-configuration.nix";

Hope that helps someone.

@pSub
Copy link
Member

pSub commented Jan 13, 2020

@MelleB Do you copy configuration.nix manually to the server? Or how is full/path/to/configuration.nix realized? The nice thing about my approach is that no manual intervention is needed.

@asymmetric
Copy link
Contributor

asymmetric commented Jan 13, 2020

@pSub which specific parts of your config are you referring to? Is it this one?

@pSub
Copy link
Member

pSub commented Jan 13, 2020

@asymmetric Yes, but you need the activation script and nixos-upgrade-path too. This should be all you need besides the standard nixos-upgrade options.
This copies all configuration files (except the keys and passwords) into /etc/nixos/current. The configuration.nix uses the server attribute from the nixops deployment configuration and removes deployment attributes and requires that have deployment in their filename. This is needed because nixos-rebuild does not know about the deployment attribute.
I hope this makes sense.

@aanderse
Copy link
Member

Maybe I'm missing something... but if you want automatic upgrades on nixops why wouldn't you just make a job that runs nixops deploy on the nixops master server? 🤷‍♂️

@benley
Copy link
Member

benley commented Feb 18, 2020

Maybe I'm missing something... but if you want automatic upgrades on nixops why wouldn't you just make a job that runs nixops deploy on the nixops master server?

That doesn't really work if you run nixops from a laptop, or a workstation that's not always online. It's not a workflow I'd recommend for Real World Business Use, but I suspect it's a common scenario for individual users and SOHO deployments.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

8 participants