'';
auto-upgrade-script = pkgs.writeShellScript "auto-upgrade" ''
+ ${pkgs.coreutils}/bin/nice -n 17 \
+ ${pkgs.util-linux}/bin/ionice -c 3 \
${pkgs.util-linux}/bin/flock /run/auto-upgrade-with-pinch ${
pkgs.writeShellScript "auto-upgrade-with-lock-held" ''
set -eo pipefail
# Build
in_tmpdir hydrate ${config.system.build.nixos-rebuild}/bin/nixos-rebuild build
while read user;do
- hydrate /run/wrappers/bin/sudo -u "$user" \
+ hydrate /run/wrappers/bin/sudo -u "$user" -D / \
${pkgs.nix}/bin/nix-build --no-out-link '<nixpkgs>' -A "$(userenv_query "$user" .package)"
done < <( config_query '.userEnvironments | keys []' )
projects / auto-upgrade-with-pinch / blobdiff