(define-module (px services enterprise) #:use-module (gnu packages bash) #:use-module (gnu packages databases) #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (guix gexp) #:use-module (guix records) #:use-module (ice-9 match) #:export (px-channel-migration-configuration px-channel-migration-service-type)) ;;; ;;; Channel Migration Service ;;; (define-record-type* px-channel-migration-configuration make-px-channel-migration-configuration px-channel-migration-configuration? (profile px-channel-migration-configuration-profile ;; path to profile we want to migrate (root) (default "/root/.config/guix/current")) (config px-channel-migration-configuration-config ;; path to system configuration file (default "/etc/system.scm")) (channels px-channel-migration-configuration-channels ;; path to channels file (default "/etc/guix/channels.scm")) (branch px-channel-migration-configuration-branch) ;; target branch that we want to migrate to (timeout px-channel-migration-configuration-timeout ;; timeout before start the migration (default 60))) (define (px-channel-migration->script config) (match config (($ profile config channels branch timeout) (computed-file "px-channel-migration.sh" #~(begin (call-with-output-file #$output (lambda (port) (format port "# AUTO GENERATED BY: px-channel-migration-service GUIX_PROFILE=~a SYSTEM_CONFIG=~a SYSTEM_CHANNELS=~a TARGET_BRANCH=~a START_TIMEOUT=~a RETRY_TIMEOUT=15 echo \"--------------------------------------------\" echo \">>> service started\" echo \">>> Sleep for $START_TIMEOUT\" sleep $START_TIMEOUT UPGRADE_FILE=/etc/last_unattended_upgrade.txt if [ -f $UPGRADE_FILE ]; then BOOT_TIME=$(cat /proc/stat | grep btime | awk '{print $2}') LAST_UPGRADE=$(cat $UPGRADE_FILE) if [ $BOOT_TIME -lt $LAST_UPGRADE ]; then echo 'Migration ran once since last reboot. Exiting...' exit 0 fi fi echo \">>> Profile Path: $GUIX_PROFILE\" . \"$GUIX_PROFILE/etc/profile\" echo \">>> System status:\" guix describe current_branch=$(guix describe --format=recutils | ~a -e \"name='guix'\" -P 'branch') # if [ \"$current_branch\" == \"$TARGET_BRANCH\" ]; then # echo \"Machine already migrated\" # exit 0 # fi echo \">>> Pull latest changes\" guix pull --allow-downgrades --disable-authentication if [ $? -ne 0 ]; then echo 'ERROR: Pull Failed' exit 1 fi echo \">>> Start system reconfigure\" function perform_reconfigure { guix time-machine --disable-authentication --channels=$SYSTEM_CHANNELS \ -- system reconfigure --allow-downgrades $SYSTEM_CONFIG } perform_reconfigure while [ $? -ne 0 ]; do echo \"ERROR: reconfigure failed. retry in $RETRY_TIMEOUT seconds.\" sleep $RETRY_TIMEOUT perform_reconfigure done guix describe echo $(date +'%s') > $UPGRADE_FILE echo \">>> Device channels migrated successfully.\" " #$profile #$config #$channels #$branch #$timeout #$(file-append recutils "/bin/recsel"))))))))) (define (px-channel-migration-shepherd-service config) (match config (($ ...) (let ((script (px-channel-migration->script config))) (list (shepherd-service (provision '(px-channel-migration)) (documentation "Migrate device channels to new references") (requirement '(networking user-processes)) (one-shot? #t) (start #~(make-forkexec-constructor (list (string-append #$bash "/bin/bash") #$script) #:environment-variables (cons* "HOME=/root" "XDG_DATA_HOME=/root/.local/share" "XDG_CONFIG_HOME=/root/.config" "SSL_CERT_DIR=/run/current-system/profile/etc/ssl/certs" "SSL_CERT_FILE=/run/current-system/profile/etc/ssl/certs/ca-certificates.crt" (default-environment-variables)) #:log-file "/var/log/px-channel-migration.log")) (stop #~(make-kill-destructor)))))))) (define px-channel-migration-service-type (service-type (name 'px-channel-migration) (description "Migrate device channels to new references") (extensions (list (service-extension shepherd-root-service-type px-channel-migration-shepherd-service)))))