Mastodawn

Tired of SSH-ing into every NixOS machine to run updates? New guide on how to automate it: CI updates flake.lock daily, shows you exactly what changed per host, and machines self-upgrade after you merge. No surprises, no manual SSH.

Works also for your desktop machines.

https://getnix.io/guides/nixos-auto-upgrades/

#Nix #NixOS #CI #IaC #GitOps

Automatic NixOS Upgrades with Forgejo Actions

Keep NixOS servers and desktops up-to-date automatically — CI updates flake.lock, hosts self-upgrade daily, and you review a diff before anything deploys.

Show thread

Alex Oberhauser

One potential optimization for the automatic NixOS upgrade via CI is to avoid creating a pull request if the flake update doesn’t impact any installed software.

In such cases, the update would only modify the flake.lock file, leaving the actual state of the machines unchanged.