From 70454613d10e6edddbe1bbecb5db2d87bc4c06aa Mon Sep 17 00:00:00 2001 From: fruchti Date: Sun, 26 Feb 2023 18:36:18 +0100 Subject: [PATCH] Auto-upgrade: Check kernel version before switching --- options/auto-upgrade.nix | 87 ++++++++++++++++++++++------------------ 1 file changed, 48 insertions(+), 39 deletions(-) diff --git a/options/auto-upgrade.nix b/options/auto-upgrade.nix index cc6a459..4861c40 100644 --- a/options/auto-upgrade.nix +++ b/options/auto-upgrade.nix @@ -19,7 +19,7 @@ in config = mkIf cfg.enable { systemd.services.nixos-upgrade.script = mkOverride 50 ( - let + let nixos-rebuild = "${config.system.build.nixos-rebuild}/bin/nixos-rebuild"; date = "${pkgs.coreutils}/bin/date"; readlink = "${pkgs.coreutils}/bin/readlink"; @@ -29,26 +29,23 @@ in upgradeFlag = optional (cfg.channel == null) "--upgrade"; in '' set -o pipefail - - upgrade() { - ${nixos-rebuild} ${cfg.operation} ${toString (cfg.flags ++ upgradeFlag)} - } - + indent() { while read -r line ; do echo " $line" done <<< "$1" } - + start_time="$(${date})" reboot_allowed="no" + activate_configuration="yes" do_reboot="no" exit_code=0 - + ${optionalString cfg.allowReboot '' reboot_allowed="yes" - + ${optionalString (cfg.rebootWindow != null) '' current_time="$(${date} +%H:%M)" lower="${cfg.rebootWindow.lower}" @@ -74,10 +71,8 @@ in ''} output_file="$(mktemp)" - upgrade 2>&1 | tee "$output_file" || exit_code=$? - upgrade_output="$(cat "$output_file")" - rm -f "$output_file" - + ${nixos-rebuild} boot ${toString (cfg.flags ++ upgradeFlag)} 2>&1 | tee "$output_file" || exit_code=$? + send_email=no email_subject="Upgrade succeeded" email_body="The system upgrade started at $start_time has succeeded." @@ -86,30 +81,15 @@ in email_subject="Upgrade failed (exit code $exit_code)" email_body="The system upgrade started at $start_time has failed with exit code $exit_code." fi - - possible_warnings="$(${grep} -e "^trace:" <<<"$upgrade_output" || true)" - if [ "$possible_warnings" != "" ] ; then - send_email=yes - email_subject="$email_subject with warnings" - email_body="$(cat <<-EOF - $email_body - - - These trace messages and warnings were encountered: - --------------------------------------------------- - $possible_warnings - EOF - )" - fi - + booted_version="$(${readlink} /run/booted-system/{initrd,kernel,kernel-modules})" built_version="$(${readlink} /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules})" - + if [ "$booted_version" != "$built_version" ] ; then version_comparison="$(cat <<-EOF The booted kernel version $(indent "$booted_version") - does not match currently active + does not match the newly built $(indent "$built_version") . EOF @@ -119,19 +99,48 @@ in email_subject="$email_subject, reboot required" email_body="$(cat <<-EOF $email_body - - + + A reboot is required, because: ------------------------------ $version_comparison EOF )" + activate_configuration="no" if [ "$reboot_allowed" = "yes" ] && [ $exit_code -eq 0 ] ; then email_body="$(printf "%s\n%s" "$email_body" "The system will reboot now.")" do_reboot="yes" + activate_configuration="yes" + else + email_body="$(printf "%s\n%s" "$email_body" "The upgraded configuration will be activated on the next reboot.")" fi fi - + + ${optionalString (cfg.operation == "switch") '' + if [ "$activate_configuration" = "yes" ] ; then + echo "Activating new configuration." + ${nixos-rebuild} switch ${toString cfg.flags} 2>&1 | tee -a "$output_file" || exit_code=$? + fi + ''} + + upgrade_output="$(cat "$output_file")" + rm -f "$output_file" + + possible_warnings="$(${grep} -e "^trace:" <<<"$upgrade_output" || true)" + if [ "$possible_warnings" != "" ] ; then + send_email=yes + email_subject="$email_subject with warnings" + email_body="$(cat <<-EOF + $email_body + + + These trace messages and warnings were encountered: + --------------------------------------------------- + $possible_warnings + EOF + )" + fi + ${optionalString cfg.sendEmail '' if [ "$send_email" = "yes" ] ; then ${sendmail} -t -X - <<-EOF @@ -141,22 +150,22 @@ in Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 X-Priority: 3 - + $email_body - - + + Full upgrade output: -------------------- $upgrade_output EOF fi ''} - + if [ "$do_reboot" = "yes" ] ; then echo "Rebooting system." ${shutdown} -r +1 fi - + exit $exit_code '' );