58 lines
1.6 KiB
Markdown
58 lines
1.6 KiB
Markdown
+++
|
||
date = '2025-10-13T00:00:01+02:00'
|
||
draft = false
|
||
title = 'NixOs update workflow'
|
||
+++
|
||
|
||
I update my NixOS systems once a week, on Sundays.
|
||
Gone are the days of frantic updates on Arch Linux for a package that changes twice a day!
|
||
|
||
I start on my desktop machine by updating the repositories and freezing the versions in Git.
|
||
It’s my anchor point — the one that validates a successful update.
|
||
|
||
```
|
||
nix flake update
|
||
git add flake.lock
|
||
git commit -m "FLAKE: update"
|
||
git push origin master
|
||
```
|
||
|
||
Then I update the desktop itself, with a bit of cleanup.
|
||
I keep eight days of generations, which means I always have a complete, stable version from the previous week.
|
||
|
||
```
|
||
sudo nixos-rebuild switch --flake $HOME/nixos-config#pennsardin --show-trace --keep-going
|
||
nix-collect-garbage --delete-older-than 8d
|
||
sudo nix-collect-garbage --delete-older-than 8d
|
||
```
|
||
Next comes the server.
|
||
I start by pulling the flake update, then rebuild:
|
||
|
||
```
|
||
ssh dunoz@terre-neuvas
|
||
cd nixos-config
|
||
git pull
|
||
sudo nixos-rebuild switch --flake $HOME/nixos-config#terre-neuvas --show-trace --keep-going
|
||
nix-collect-garbage --delete-older-than 8d
|
||
sudo nix-collect-garbage --delete-older-than 8d
|
||
```
|
||
|
||
## And if it breaks?
|
||
|
||
If an update goes wrong, I simply revert to the previous flake version on the desktop.
|
||
|
||
```
|
||
git revert HEAD
|
||
git push origin master
|
||
sudo nixos-rebuild switch --flake $HOME/nixos-config#pennsardin
|
||
```
|
||
|
||
Then on then server:
|
||
|
||
```
|
||
git pull
|
||
sudo nixos-rebuild switch --flake $HOME/nixos-config#pennsardin
|
||
```
|
||
|
||
I could use rollback, but that would create a mismatch between the Git repository and the machines — something I don’t want.
|
||
The Git repo is the sanctuary, the one that governs everything.
|