From be45d3ed52812a84b67c9174c153bf1bd1800c7c Mon Sep 17 00:00:00 2001
From: Alexander Tomokhov <alexoundos@selfprivacy.org>
Date: Thu, 28 Dec 2023 10:42:58 +0400
Subject: [PATCH] systemd.services.nixos-upgrade.serviceConfig.ExecStartPre

---
 configuration.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/configuration.nix b/configuration.nix
index e91b7f6..5cce9b3 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -86,7 +86,18 @@
   system.autoUpgrade = {
     enable = config.selfprivacy.autoUpgrade.enable;
     allowReboot = config.selfprivacy.autoUpgrade.allowReboot;
+    # TODO get attribute name from selfprivacy options
+    flake = "/etc/nixos#default";
   };
+  # TODO parameterize URL somehow; run nix flake update as non-root user
+  systemd.services.nixos-upgrade.serviceConfig.ExecStartPre =
+    lib.trivial.throwIf
+      (lib.strings.versionAtLeast config.nix.package.version "2.19")
+      "nix flake update usage is not updated to breaking 2.19"
+      ''
+        ${config.nix.package.out}/bin/nix flake update /etc/nixos \
+        --override-input selfprivacy-nixos-config git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git?ref=flakes
+      '';
   nix = {
     channel.enable = false;