;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
-;;; Copyright © 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re>
;;;
;;; This file is part of GNU Guix.
unattended-upgrade-service-type
unattended-upgrade-configuration
unattended-upgrade-configuration?
+ unattended-upgrade-configuration-operating-system-file
unattended-upgrade-configuration-channels
unattended-upgrade-configuration-schedule
unattended-upgrade-configuration-services-to-restart
(define %rotated-files
;; Syslog files subject to rotation.
'("/var/log/messages" "/var/log/secure" "/var/log/debug"
- "/var/log/maillog"))
+ "/var/log/maillog" "/var/log/mcron.log"))
(define %default-rotations
(list (log-rotation ;syslog files
(define-record-type* <unattended-upgrade-configuration>
unattended-upgrade-configuration make-unattended-upgrade-configuration
unattended-upgrade-configuration?
+ (operating-system-file unattended-upgrade-operating-system-file
+ (default "/run/current-system/configuration.scm"))
(schedule unattended-upgrade-configuration-schedule
(default "30 01 * * 0"))
(channels unattended-upgrade-configuration-channels
(define expiration
(unattended-upgrade-system-expiration config))
+ (define config-file
+ (unattended-upgrade-operating-system-file config))
+
(define code
(with-imported-modules (source-module-closure '((guix build utils)
(gnu services herd)))
(timestamp))
(exit 1))
- (define-syntax-rule (with-logging exp ...)
- (with-output-to-port log
- (lambda ()
- (with-error-to-port log
- (lambda ()
- exp ...)))))
-
;; 'guix time-machine' needs X.509 certificates to authenticate the
;; Git host.
(setenv "SSL_CERT_DIR"
(sigaction SIGALRM alarm-handler)
(alarm #$(unattended-upgrade-maximum-duration config))
- (with-logging
- (format #t "~a starting upgrade...~%" (timestamp))
- (guard (c ((invoke-error? c)
- (report-invoke-error c)))
- (invoke #$(file-append guix "/bin/guix")
- "time-machine" "-C" #$channels
- "--" "system" "reconfigure"
- "/run/current-system/configuration.scm")
-
- ;; 'guix system delete-generations' fails when there's no
- ;; matching generation. Thus, catch 'invoke-error?'.
- (guard (c ((invoke-error? c)
- (report-invoke-error c)))
- (invoke #$(file-append guix "/bin/guix")
- "system" "delete-generations"
- #$(string-append (number->string expiration)
- "s")))
-
- (format #t "~a restarting services...~%" (timestamp))
- (for-each restart-service '#$services)
-
- ;; XXX: If 'mcron' has been restarted, perhaps this isn't
- ;; reached.
- (format #t "~a upgrade complete~%" (timestamp)))))))
+ ;; Redirect stdout/stderr to LOG to save the output of 'guix' below.
+ (redirect-port log (current-output-port))
+ (redirect-port log (current-error-port))
+
+ (format #t "~a starting upgrade...~%" (timestamp))
+ (guard (c ((invoke-error? c)
+ (report-invoke-error c)))
+ (invoke #$(file-append guix "/bin/guix")
+ "time-machine" "-C" #$channels
+ "--" "system" "reconfigure" #$config-file)
+
+ ;; 'guix system delete-generations' fails when there's no
+ ;; matching generation. Thus, catch 'invoke-error?'.
+ (guard (c ((invoke-error? c)
+ (report-invoke-error c)))
+ (invoke #$(file-append guix "/bin/guix")
+ "system" "delete-generations"
+ #$(string-append (number->string expiration)
+ "s")))
+
+ (format #t "~a restarting services...~%" (timestamp))
+ (for-each restart-service '#$services)
+
+ ;; XXX: If 'mcron' has been restarted, perhaps this isn't
+ ;; reached.
+ (format #t "~a upgrade complete~%" (timestamp))))))
(define upgrade
(program-file "unattended-upgrade" code))