Don't upgrade during business hours

[auto-upgrade-with-pinch] / modules / auto-upgrade.nix

diff --git a/modules/auto-upgrade.nix b/modules/auto-upgrade.nix
index 974ebb7a9d96a091e0157428aa6d817b9bfa0949..31e2b0b1519e49cc9af098a8aa5ad284a75885fc 100644 (file)
--- a/modules/auto-upgrade.nix
+++ b/modules/auto-upgrade.nix
@@ -42,14 +42,16 @@ in {
       (import ../overlays/pinch.nix)
       (self: super: {
         auto-upgrade = super.writeShellScriptBin "auto-upgrade" ''
-        set -e
-        (
-          cd /etc/nixos
-          ${self.keyedgit cfg.key}/bin/git pull --ff-only --verify-signatures
-          ${self.pinch}/bin/pinch update channels
-        )
+          flock /run/auto-upgrade-with-pinch ${super.writeShellScript "auto-upgrade-with-lock-held" ''
+            set -e
+            (
+              cd /etc/nixos
+              ${self.keyedgit cfg.key}/bin/git pull --ff-only --verify-signatures
+              ${self.pinch}/bin/pinch update channels
+            )
 
-        ${config.system.build.nixos-rebuild}/bin/nixos-rebuild switch --no-build-output
+            ${config.system.build.nixos-rebuild}/bin/nixos-rebuild switch --no-build-output
+          ''}
         '';
       })
     ];
@@ -84,6 +86,17 @@ in {
         # intervene either to fix the problem or disable automatic updates.
         sleep 2h
 
+        # Wait until outside business hours
+        now=$(date +%s)
+        day_of_week=$(date +%u)
+        business_start=$(date -d  8:00 +%s)
+        business_end=$(  date -d 17:00 +%s)
+        if (( day_of_week <= 5 && now > business_start && now < business_end ));then
+          delay=$((business_end - now))
+          echo "Waiting $delay seconds so we don't upgrade during business hours" >&2
+          sleep "$delay"
+        fi
+
         ${pkgs.auto-upgrade}/bin/auto-upgrade
       '';