nixos-upgrade.serviceConfig.ExecCondition on /etc/nixos changes

2024-11-05 16:33:12 +00:00 · 2023-12-28 12:14:58 +04:00 · 2023-12-28 12:14:58 +04:00 · a32613ece4
parent 0c895e4015
commit a32613ece4
1 changed files with 18 additions and 4 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -88,13 +88,27 @@
    allowReboot = config.selfprivacy.autoUpgrade.allowReboot;
    # TODO get attribute name from selfprivacy options
    flake = "/etc/nixos#default";
+    flags = [ "--verbose" "--print-build-logs" ];
  };
  systemd.services.nixos-upgrade.serviceConfig.WorkingDirectory = "/etc/nixos";
  # TODO parameterize URL somehow; run nix flake update as non-root user
-  systemd.services.nixos-upgrade.serviceConfig.ExecStartPre = ''
-    ${config.nix.package.out}/bin/nix flake update \
-    --override-input selfprivacy-nixos-config git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git?ref=flakes
-  '';
+  systemd.services.nixos-upgrade.serviceConfig.ExecCondition =
+    pkgs.writeShellScript "flake-update-script" ''
+      set -o xtrace
+      if ${config.nix.package.out}/bin/nix flake update \
+      --override-input selfprivacy-nixos-config git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git?ref=flakes
+      then
+          if ${pkgs.diffutils}/bin/diff -u -r /etc/selfprivacy/nixos-config-source/ /etc/nixos/
+          then
+              set +o xtrace
+              echo "No configuration changes detected. Nothing to upgrade."
+              exit 1
+          fi
+      else
+          # ExecStart must not start after 255 exit code, service must fail.
+          exit 255
+      fi
+    '';
  nix = {
    channel.enable = false;