cominfra
/
experimental-vms
9
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix automatic updates 

According to the operating-system-file fileld of
unattended-upgrade-configuration in the manual, automatic updates
don't work when "/run/current-system/configuration.scm [...] refers to
extra files (SSH public keys, extra configuration files, etc.) via
local-file and similar constructs.".

So we need these files in the store and to point to them to make the
automatic updates work.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
This commit is contained in:
Denis 'GNUtoo' Carikli 2023-10-02 20:57:29 +02:00
parent 61c1a2da98
commit 7b663f9813
Signed by: GNUtoo
GPG Key ID: 5F5DFCC14177E263
1 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
mumble-vm-system.scm.tmpl
View File

@ -30,6 +30,34 @@
(define enable-wireguard? (string=? "yes" "ENABLE_WIREGUARD")) (define enable-wireguard? (string=? "yes" "ENABLE_WIREGUARD"))
(define mumble-vm-config
(package
(name "mumble-vm-config")
(version "0.1")
;; TODO: Make that tarball reproducible
(source (local-file "mumble-vm.tar.xz"))
(build-system copy-build-system)
(arguments
(list
#:install-plan
#~(list
'("first-boot.sh" "share/mumble-vm/configs/")
'("guix-commit.txt" "share/mumble-vm/configs/")
'("index.html" "share/mumble-vm/configs/")
'("mumble-vm-machine.scm" "share/mumble-vm/configs/")
'("mumble-vm-system.scm" "share/mumble-vm/configs/")
'("id_ed25519.pub" "share/mumble-vm/configs/")
'("Makefile" "share/mumble-vm/configs/")
'("signing-key.pub" "share/mumble-vm/configs/")
'(#$source
"share/mumble-vm/configs/mumble-vm.tar.xz")
'("wireguard-post-up.sh" "share/mumble-vm/configs/"))))
(synopsis "Full machine configuration.")
(description
"This contains all the configuration files of this machine. This is
needed for unattended upgrades to work.")
(home-page "DOMAIN")
(license license:gpl3+)))
(define website (define website
(package (package
(name "website") (name "website")
@ -138,6 +166,7 @@ the services after that.")
htop htop
iftop iftop
`(,isc-bind "utils") `(,isc-bind "utils")
mumble-vm-config
net-tools net-tools
nmon nmon
openssh-sans-x openssh-sans-x
@ -238,7 +267,12 @@ https://DOMAIN/
`(("root" , (local-file "id_ed25519.pub")) `(("root" , (local-file "id_ed25519.pub"))
("gnutoo" ,(local-file "id_ed25519.pub")))))) ("gnutoo" ,(local-file "id_ed25519.pub"))))))
;; Unattended Upgrades ;; Unattended Upgrades
(service unattended-upgrade-service-type)) (service
unattended-upgrade-service-type
(unattended-upgrade-configuration
(operating-system-file (string-append "/run/current-system/profile"
"/share/mumble-vm/configs/"
"mumble-vm-system.scm")))))
(if enable-wireguard? (if enable-wireguard?
(list (list
(service wireguard-service-type (service wireguard-service-type