nixos: nix: auto update flake and restart auto upgrade

1 files changed, 83 insertions, 36 deletions

diff --git a/modules/nixos/personal/nix.nix b/modules/nixos/personal/nix.nix
index a79e35b..268c330 100644
--- a/modules/nixos/personal/nix.nix
+++ b/modules/nixos/personal/nix.nix
@@ -8,7 +8,13 @@
 in {
   options.personal.nix = {
     enable = lib.mkEnableOption "nix configuration";
-    autoUpgrade = lib.mkEnableOption "automatic system and nixpkgs upgrade";
+    autoUpgrade = {
+      enable = lib.mkEnableOption "automatic system and nixpkgs upgrade";
+      autoUpdateInputs = lib.mkOption {
+        type = with lib.types; listOf str;
+        default = ["nixpkgs"];
+      };
+    };
     flake = lib.mkOption {
       type = with lib.types; nullOr str;
       default = null;
@@ -17,7 +23,13 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
-    nixpkgs = {config.allowUnfree = true; flake = lib.mkDefault { setNixPath = false; setFlakeRegistry = false;};};
+    nixpkgs = {
+      config.allowUnfree = true;
+      flake = lib.mkDefault {
+        setNixPath = false;
+        setFlakeRegistry = false;
+      };
+    };
     nix = {
       package =
         lib.getAttr (
@@ -41,43 +53,78 @@ in {
         options = "--delete-old";
       };
     };
-    system.autoUpgrade = lib.mkIf cfg.autoUpgrade {
+
+    system.autoUpgrade = lib.mkIf cfg.autoUpgrade.enable {
       enable = true;
       flake = cfg.flake;
-      flags =
-        if (cfg.flake == null)
-        then ["--upgrade-all"]
-        else ["--commit-lock-file"] ++ pkgs.personal.lib.updateInputFlag "nixpkgs";
-    };
-    systemd.services = {
-      nixos-upgrade.personal.monitor = true;
-      nix-gc = {
-        after =
-          lib.optional (cfg.autoUpgrade && cfg.gc.enable)
-          "nixos-upgrade.service";
-        personal.monitor = true;
-      };
-      nix-gc-remove-dead-roots = {
-        enable = cfg.gc.enable;
-        description = "Remove dead symlinks in /nix/var/nix/gcroots";
-        serviceConfig.Type = "oneshot";
-        script = "find /nix/var/nix/gcroots -xtype l -delete";
-        before = lib.mkIf config.nix.gc.automatic ["nix-gc.service"];
-        wantedBy = lib.mkIf config.nix.gc.automatic ["nix-gc.service"];
-        personal.monitor = true;
-      };
-      nix-gc-remove-old-hm-gens = let
-        user = config.personal.user;
-      in {
-        enable = cfg.gc.enable && user.enable && user.homeManager.enable;
-        description = "Remove old Home Manager generations for user ${user.name}";
-        serviceConfig.Type = "oneshot";
-        script = "${pkgs.nix}/bin/nix-env --profile /home/${user.name}/.local/state/nix/profiles/home-manager --delete-generations old";
-        before = lib.mkIf config.nix.gc.automatic ["nix-gc.service"];
-        wantedBy = lib.mkIf config.nix.gc.automatic ["nix-gc.service"];
-        personal.monitor = true;
-      };
+      flags = lib.optional (cfg.flake == null) "--upgrade-all";
     };
+    systemd.services = lib.mkMerge [
+      (lib.mkIf cfg.autoUpgrade.enable {
+        # upgrading
+        flake-update = lib.mkIf (cfg.flake != null && cfg.autoUpgrade.autoUpdateInputs != []) {
+          preStart = "${pkgs.host}/bin/host firecat53.net"; # Check network connectivity
+          unitConfig = {
+            Description = "Update flake inputs";
+            StartLimitIntervalSec = 300;
+            StartLimitBurst = 5;
+          };
+          serviceConfig = {
+            ExecStart = "${config.nix.package}/bin/nix flake update --commit-lock-file --flake ${cfg.flake} " + lib.concatStringsSep " " cfg.autoUpgrade.autoUpdateInputs;
+            Restart = "on-failure";
+            RestartSec = "30";
+            Type = "oneshot"; # Ensure that it finishes before starting nixos-upgrade
+          };
+          before = ["nixos-upgrade.service"];
+          path = [pkgs.git];
+          personal.monitor = true;
+        };
+        nixos-upgrade = {
+          preStart = "${pkgs.host}/bin/host firecat53.net"; # Check network connectivity
+          serviceConfig = {
+            Restart = "on-failure";
+            RestartSec = "120";
+          };
+          unitConfig = {
+            StartLimitIntervalSec = 600;
+            StartLimitBurst = 2;
+          };
+          after = ["flake-update.service"];
+          wants = ["flake-update.service"];
+          personal.monitor = true;
+        };
+      })
+      {
+        # cleaning
+        nix-gc = {
+          after =
+            lib.optional (cfg.autoUpgrade.enable && cfg.gc.enable)
+            "nixos-upgrade.service";
+          personal.monitor = true;
+        };
+        nix-gc-remove-dead-roots = {
+          enable = cfg.gc.enable;
+          description = "Remove dead symlinks in /nix/var/nix/gcroots";
+          serviceConfig.Type = "oneshot";
+          script = "find /nix/var/nix/gcroots -xtype l -delete";
+          before = lib.mkIf config.nix.gc.automatic ["nix-gc.service"];
+          wantedBy = lib.mkIf config.nix.gc.automatic ["nix-gc.service"];
+          personal.monitor = true;
+        };
+        nix-gc-remove-old-hm-gens = let
+          user = config.personal.user;
+        in {
+          enable = cfg.gc.enable && user.enable && user.homeManager.enable;
+          description = "Remove old Home Manager generations for user ${user.name}";
+          serviceConfig.Type = "oneshot";
+          script = "${pkgs.nix}/bin/nix-env --profile /home/${user.name}/.local/state/nix/profiles/home-manager --delete-generations old";
+          before = lib.mkIf config.nix.gc.automatic ["nix-gc.service"];
+          wantedBy = lib.mkIf config.nix.gc.automatic ["nix-gc.service"];
+          personal.monitor = true;
+        };
+      }
+    ];
+
     programs.git = lib.mkIf (cfg.flake != null && lib.hasPrefix "git+file" cfg.flake) {
       enable = true;
       config.user = {