From fbf0dda062005736d802e4357c9fd71277c7eded Mon Sep 17 00:00:00 2001 From: "quentin@aristote.fr" Date: Thu, 20 Mar 2025 07:57:02 +0100 Subject: autoUpgrade: reboot immediately --- config/nix.nix | 40 ++++++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/config/nix.nix b/config/nix.nix index 3989c6e..a5110a6 100644 --- a/config/nix.nix +++ b/config/nix.nix @@ -38,6 +38,8 @@ in { # as remote hephaistos git push --force hephaistos master ''; + postStop = lib.mkForce ""; + serviceConfig.TimeoutStopSec = lib.mkForce (lib.mkOptionDefault ""); script = lib.mkForce (let hephaistos = "hephaistos.aristote.mesh"; in @@ -53,27 +55,29 @@ in { switch = "$RESULT/bin/switch-to-configuration"; readlink = "${pkgs.coreutils}/bin/readlink"; luksCfg = config.boot.initrd.luks.devices; + crypt = luksCfg.crypt.device; in if allowReboot - then - '' - ${switch} boot - booted="$(${readlink} /run/booted-system/{initrd,kernel,kernel-modules})" - built="$(${readlink} /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules})" - if [ "$booted" = "$built" ] - then - ${switch} switch - else '' - + lib.optionalString (luksCfg ? crypt) '' - cryptsetup --verbose luksAddKey \ + then '' + ${switch} boot + booted="$(${readlink} /run/booted-system/{initrd,kernel,kernel-modules})" + built="$(${readlink} /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules})" + if [ "$booted" = "$built" ] + then + ${switch} switch + else + ${lib.optionalString (luksCfg ? crypt) '' + cryptsetup luksAddKey ${crypt} /etc/luks/keys/tmp \ --key-file /etc/luks/keys/master \ - ${luksCfg.crypt.device} \ - /etc/luks/keys/tmp - '' - + '' - shutdown -r +1 - fi - '' + --verbose + ''} + shutdown -r now ${lib.optionalString (luksCfg ? crypt) '' || \ + cryptsetup luksRemoveKey ${crypt} \ + --key-file /etc/luks/keys/tmp \ + --verbose + ''} + fi + '' else '' ${switch} switch '' -- cgit v1.2.3