Use the newly-published channel for unattended upgrades

author: Timo Wilken 2023-05-25 22:51:25 +0200
committer: Timo Wilken 2023-05-25 23:31:13 +0200
commit: a2ca0bfe64119a03ebfc9c757e6de385f86b85af (patch)
tree: 00438c303fbb5085e5a898cd828365fb4b7d1e45 /tw/system
parent: 912862c022e3543a1a170195a731389b59072e7b (diff)
2 files changed, 16 insertions, 43 deletions
diff --git a/tw/system/lap.scm b/tw/system/lap.scm
index 1bc722d4..e9df3abf 100644
--- a/tw/system/lap.scm
+++ b/tw/system/lap.scm
@@ -17,6 +17,7 @@
   #:use-module (nongnu packages scanner)
   #:use-module (nongnu system linux-initrd)
   #:use-module (nonguix licenses)
+  #:use-module (tw channels)
   #:use-module (tw services wireguard)
   #:use-module (tw system))
 
@@ -74,32 +75,6 @@ EndSection
    (keyboard-layout %british-keyboard)
    (extra-config (list touchpad-xorg-config))))
 
-(define system-channels
-  #~(begin
-      (use-modules (guix channels))
-      (cons* (channel
-              (name 'nonguix)
-              (url "https://gitlab.com/nonguix/nonguix")
-              ;; Enable signature verification:
-              (introduction
-               (make-channel-introduction
-                "897c1a470da759236cc11798f4e0a5f7d4d59fbc"
-                (openpgp-fingerprint
-                 "2A39 3FFF 68F4 EF7A 3D29  12AF 6F51 20A0 22FB B2D5"))))
-             %default-channels)))
-
-;; Nonguix substitute server's signing key.
-;; From <https://substitutes.nonguix.org/signing-key.pub>.
-(define nonguix-signing-key
-  (plain-file "nonguix-signing-key.pub" "\
-(public-key
- (ecc
-  (curve Ed25519)
-  (q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)
-  )
- )
-"))
-
 (define set-timezone-script
   ;; Every time we connect to a network, get our timezone from network geolocation.
   ;; https://wiki.archlinux.org/title/System_time
@@ -372,13 +347,11 @@ support extra features (acr, pmu, gr).")
 
       (service unattended-upgrade-service-type
         (unattended-upgrade-configuration
-         (schedule "0 21 * * *")   ; every night at 21:00, when the laptop is turned on
-         (maximum-duration (* 40 60))   ; 40 minutes
-         (channels system-channels)
+         (schedule "0 21 * * *")       ; every night at 21:00, when the laptop is turned on
+         (maximum-duration (* 40 60))  ; 40 minutes to allow for slow downloads
+         (channels %system-channels)
          (operating-system-expression
-          #~(begin
-              (set! %load-path (cons "/home/timo/src/guix-decls" %load-path))
-              (@ (tw system lap) %lap-system)))
+          #~(@ (tw system lap) %lap-system))
          (services-to-restart
           ;; Anything that won't cause disruption when restarting.
           '(syncthing-timo earlyoom thermald tlp wireguard-wg0 mcron))))
@@ -392,20 +365,10 @@ support extra features (acr, pmu, gr).")
                      (string-append #$(file-append util-linux "/sbin/fstrim")
                                     " --fstab --verbose"))))
 
-      ;; The nonguix channel is added to channels.scm as an `extra-special-file'.
-      ;; The gaming channel (https://gitlab.com/guix-gaming-channels) is per-user only.
-      (simple-service 'nonguix guix-service-type
-        (guix-extension
-         (authorized-keys (list nonguix-signing-key))
-         (substitute-urls '("https://substitutes.nonguix.org"))))
-
-      (extra-special-file "/etc/guix/channels.scm"
-                          (scheme-file "channels.scm" system-channels))
-
       (extra-special-file "/etc/NetworkManager/dispatcher.d/09-set-timezone"
                           (program-file "set-timezone" set-timezone-script))
 
-      (modify-services %desktop-services
+      (modify-services (append %system-channel-services %desktop-services)
         (gdm-service-type
          config =>
          (gdm-configuration
diff --git a/tw/system/vin.scm b/tw/system/vin.scm
index 8dfbd2df..5b190756 100644
--- a/tw/system/vin.scm
+++ b/tw/system/vin.scm
@@ -1,12 +1,14 @@
 (define-module (tw system vin)
   #:use-module (gnu)
   #:use-module (gnu bootloader grub)
+  #:use-module (gnu services admin)    ; unattended-upgrade-service-type
   #:use-module (gnu services docker)
   #:use-module (gnu services dbus)
   #:use-module (gnu services desktop)  ; elogind-service-type
   #:use-module (gnu system locale)
   #:use-module (gnu system nss)
   #:use-module (guix gexp)
+  #:use-module (tw channels)
   #:use-module (tw services grafana)
   #:use-module (tw services restic)
   #:use-module (tw system))
@@ -111,6 +113,14 @@
       (service dbus-root-service-type)  ; required by `docker-service-type'
       (service elogind-service-type)    ; required by `docker-service-type'
 
+      (service unattended-upgrade-service-type
+        (unattended-upgrade-configuration
+         (schedule "22 07 * * sat")    ; 07:22 every Saturday morning
+         (maximum-duration (* 40 60))  ; 40 minutes to allow for slow downloads
+         (channels %system-channels)
+         (operating-system-expression
+          #~(@ (tw system vin) %vin-system))))
+
       (server-base-services host-name)))
 
     ;; The list of user accounts ('root' is implicit).
author	Timo Wilken	2023-05-25 22:51:25 +0200
committer	Timo Wilken	2023-05-25 23:31:13 +0200
commit	a2ca0bfe64119a03ebfc9c757e6de385f86b85af (patch)
tree	00438c303fbb5085e5a898cd828365fb4b7d1e45 /tw/system
parent	912862c022e3543a1a170195a731389b59072e7b (diff)