levr/content/posts/workflow-update-nixos-en.md
2025-10-11 10:04:05 +02:00


+++
date = '2025-10-13T00:00:01+02:00'
draft = false
title = 'NixOS update workflow'
+++

I update my NixOS systems once a week, on Sundays. Gone are the days of frantic updates on Arch Linux for a package that changes twice a day!

I start on my desktop machine by updating the repositories and freezing the versions in Git. It's my anchor point, the one that validates a successful update.

```bash
nix flake update
git add flake.lock
git commit -m "FLAKE: update"
git push origin master
```
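To see which inputs `nix flake update` actually moved before committing `flake.lock`, the old and new lock files can be compared pin by pin. This is an added example, not part of the original post; the input names, revisions and hashes in the sample data are constructed.

```python
import json

def locked_inputs(lock_text):
    """Map each input node of a flake.lock to its pinned (rev, narHash)."""
    lock = json.loads(lock_text)
    root = lock.get("root", "root")
    pins = {}
    for name, node in lock["nodes"].items():
        locked = node.get("locked")
        if name == root or locked is None:
            continue  # the root node lists inputs but pins nothing itself
        # Some input types (e.g. path) have no "rev"; narHash still pins content.
        pins[name] = (locked.get("rev"), locked.get("narHash"))
    return pins

def diff_locks(old_text, new_text):
    """Return {input: (old_pin, new_pin)} for pins added, removed or moved."""
    old, new = locked_inputs(old_text), locked_inputs(new_text)
    return {
        name: (old.get(name), new.get(name))
        for name in sorted(old.keys() | new.keys())
        if old.get(name) != new.get(name)
    }

def make_lock(pins):
    """Build a minimal flake.lock (constructed sample, not a real lock file)."""
    nodes = {"root": {"inputs": {name: name for name in pins}}}
    for name, (rev, nar_hash) in pins.items():
        nodes[name] = {"locked": {"type": "github", "rev": rev, "narHash": nar_hash}}
    return json.dumps({"nodes": nodes, "root": "root", "version": 7})

# Constructed sample data: revisions and hashes are placeholders.
OLD_LOCK = make_lock({
    "nixpkgs": ("1" * 40, "sha256-constructed-nixpkgs-old"),
    "home-manager": ("2" * 40, "sha256-constructed-hm"),
})
NEW_LOCK = make_lock({
    "nixpkgs": ("3" * 40, "sha256-constructed-nixpkgs-new"),
    "home-manager": ("2" * 40, "sha256-constructed-hm"),
    "sops-nix": ("4" * 40, "sha256-constructed-sops"),
})

if __name__ == "__main__":
    for name, (before, after) in diff_locks(OLD_LOCK, NEW_LOCK).items():
        print(f"{name}: {before} -> {after}")
```

On a real repository, the old text can come from `git show HEAD:flake.lock` and the new text from the working-tree `flake.lock` after the update.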

Then I update the desktop itself, with a bit of cleanup. I keep eight days of generations, which means I always have a complete, stable version from the previous week.

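```bash
sudo nixos-rebuild switch --flake $HOME/nixos-config#pennsardin --show-trace --keep-going
# Clean up old generations of the user profiles...
nix-collect-garbage --delete-older-than 8d
# ...and of the root-owned profiles, including the system profile
sudo nix-collect-garbage --delete-older-than 8d
```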

Next comes the server. I start by pulling the flake update, then rebuild:

```bash
ssh dunoz@terre-neuvas
# The following commands run on the server, inside the SSH session
cd nixos-config
git pull
sudo nixos-rebuild switch --flake $HOME/nixos-config#terre-neuvas --show-trace --keep-going
nix-collect-garbage --delete-older-than 8d
sudo nix-collect-garbage --delete-older-than 8d
```

And if it breaks?

If an update goes wrong, I simply revert to the previous flake version on the desktop.

```bash
git revert HEAD
git push origin master
sudo nixos-rebuild switch --flake $HOME/nixos-config#pennsardin
```

Then on the server:

```bash
git pull
# Rebuild the server's own configuration (terre-neuvas), not the desktop's
sudo nixos-rebuild switch --flake $HOME/nixos-config#terre-neuvas
```

I could use rollback, but that would create a mismatch between the Git repository and the machines, something I don't want. The Git repo is the sanctuary, the one that governs everything.