X-Git-Url: http://git.scottworley.com/auto-upgrade-with-pinch/blobdiff_plain/eff66a9c0a291e1760e04912a03b3548a7d2e40f..77278deedba83daa99f4ac0f5896570e728a63f3:/modules/auto-upgrade.nix diff --git a/modules/auto-upgrade.nix b/modules/auto-upgrade.nix index fbc8b93..a5c8b50 100644 --- a/modules/auto-upgrade.nix +++ b/modules/auto-upgrade.nix @@ -1,6 +1,7 @@ { config, lib, pkgs, ... }: with lib; let + local-pkgs = import ../. { inherit pkgs; }; cfg = config.system.autoUpgradeWithPinch; pull-repo-script = pkgs.writeShellScript "pull-repo" '' set -eo pipefail @@ -50,7 +51,7 @@ let if [[ "$(prop requireSignature)" == true ]]; then ${pkgs.polite-merge}/bin/polite-merge \ - -c gpg.program=${escapeShellArg (pkgs.keyedgpg cfg.signingKeys)} \ + -c gpg.program=${escapeShellArg (local-pkgs.keyed-gpg cfg.signingKeys)} \ merge --ff-only --verify-signatures else ${pkgs.polite-merge}/bin/polite-merge merge --ff-only @@ -58,7 +59,7 @@ let ''; auto-upgrade-script = pkgs.writeShellScript "auto-upgrade" '' - ${pkgs.utillinux}/bin/flock /run/auto-upgrade-with-pinch ${ + ${pkgs.util-linux}/bin/flock /run/auto-upgrade-with-pinch ${ pkgs.writeShellScript "auto-upgrade-with-lock-held" '' set -eo pipefail @@ -143,12 +144,12 @@ let + concatMapStringsSep "\n" (f: "verify_ownership ${escapeShellArg f}") cfg.upgradeConfig)} - config=$(${pkgs.nix}/bin/nix eval --json -f ${../upgrade-config.nix} \ + config=$(${pkgs.nix}/bin/nix-instantiate --eval --strict --json -A config \ --arg upgradeConfig ${ escapeShellArg ("[" + lib.concatMapStringsSep " " lib.strings.escapeNixString cfg.upgradeConfig + "]") - } config) + } ${../upgrade-config.nix}) config_query() { ${pkgs.jq}/bin/jq -r "$@" <<< "$config" @@ -269,7 +270,6 @@ in { ''; nixpkgs.overlays = [ - (import ../overlays/keyedgpg.nix) (import ../overlays/pinch.nix) (import ../overlays/polite-merge.nix) (self: super: {