From d094493528a73ca76e071cf381490d9e7d27423a Mon Sep 17 00:00:00 2001
From: Scott Worley <scottworley@scottworley.com>
Date: Tue, 14 Apr 2020 21:26:01 -0700
Subject: [PATCH] Disallow concurrent auto-upgrade runs

---
 modules/auto-upgrade.nix | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/modules/auto-upgrade.nix b/modules/auto-upgrade.nix
index 974ebb7..2326ecc 100644
--- a/modules/auto-upgrade.nix
+++ b/modules/auto-upgrade.nix
@@ -42,14 +42,16 @@ in {
       (import ../overlays/pinch.nix)
       (self: super: {
         auto-upgrade = super.writeShellScriptBin "auto-upgrade" ''
-        set -e
-        (
-          cd /etc/nixos
-          ${self.keyedgit cfg.key}/bin/git pull --ff-only --verify-signatures
-          ${self.pinch}/bin/pinch update channels
-        )
+          flock /run/auto-upgrade-with-pinch ${super.writeShellScript "auto-upgrade-with-lock-held" ''
+            set -e
+            (
+              cd /etc/nixos
+              ${self.keyedgit cfg.key}/bin/git pull --ff-only --verify-signatures
+              ${self.pinch}/bin/pinch update channels
+            )
 
-        ${config.system.build.nixos-rebuild}/bin/nixos-rebuild switch --no-build-output
+            ${config.system.build.nixos-rebuild}/bin/nixos-rebuild switch --no-build-output
+          ''}
         '';
       })
     ];
-- 
2.44.1