From 63a06ca3ec4a788fa1b645a907f67243a887c992 Mon Sep 17 00:00:00 2001 From: Shahab Dogar Date: Sat, 27 Sep 2025 12:39:07 +0500 Subject: [PATCH] feat: only keep the previous 5 generations bootable --- flake.lock | 66 +++++++++++++++++------------------ hosts/nixos/rihla/default.nix | 5 ++- modules/common/host-spec.nix | 5 +++ 3 files changed, 42 insertions(+), 34 deletions(-) diff --git a/flake.lock b/flake.lock index 4560256..6b6fba3 100644 --- a/flake.lock +++ b/flake.lock @@ -55,11 +55,11 @@ ] }, "locked": { - "lastModified": 1756733629, - "narHash": "sha256-dwWGlDhcO5SMIvMSTB4mjQ5Pvo2vtxvpIknhVnSz2I8=", + "lastModified": 1757508292, + "narHash": "sha256-7lVWL5bC6xBIMWWDal41LlGAG+9u2zUorqo3QCUL4p4=", "owner": "nix-community", "repo": "disko", - "rev": "a5c4f2ab72e3d1ab43e3e65aa421c6f2bd2e12a1", + "rev": "146f45bee02b8bd88812cfce6ffc0f933788875a", "type": "github" }, "original": { @@ -172,11 +172,11 @@ ] }, "locked": { - "lastModified": 1756903364, - "narHash": "sha256-vZh/YH2D7oDFek10r0TbGn3qJrqGv69sSP+oF8PFDqQ=", + "lastModified": 1757809953, + "narHash": "sha256-29mlXbfAJhz9cWVrPP4STvVPDVZFCfCOmaIN5lFJa+Y=", "owner": "nix-community", "repo": "home-manager", - "rev": "6159629d05a0e92bb7fb7211e74106ae1d552401", + "rev": "17a10049486f6698fca32097d8f52c0c895542b0", "type": "github" }, "original": { @@ -230,11 +230,11 @@ ] }, "locked": { - "lastModified": 1755678602, - "narHash": "sha256-uEC5O/NIUNs1zmc1aH1+G3GRACbODjk2iS0ET5hXtuk=", + "lastModified": 1757542864, + "narHash": "sha256-8i9tsVoOmLQDHJkNgzJWnmxYFGkJNsSndimYpCoqmoA=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "157cc52065a104fc3b8fa542ae648b992421d1c7", + "rev": "aa9d14963b94186934fd0715d9a7f0f2719e64bb", "type": "github" }, "original": { @@ -259,11 +259,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1756811803, - "narHash": "sha256-03zmDvAU+VLPWHv5uxfGVR6bs/SnCYeZ8hbedK/Eb/M=", + "lastModified": 1757811161, + "narHash": "sha256-laCB71qgn9Eht7bH1nobIzEiR5r7WRHAB7XHHxLTiLQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "127aab815908ecbd3db4d23f127d2e96b79855f9", + "rev": "559024c3314e4b1180b10b80fce4e9f20bad14c8", "type": "github" }, "original": { @@ -352,11 +352,11 @@ ] }, "locked": { - "lastModified": 1753819801, - "narHash": "sha256-tHe6XeNeVeKapkNM3tcjW4RuD+tB2iwwoogWJOtsqTI=", + "lastModified": 1757508108, + "narHash": "sha256-bTYedtQFqqVBAh42scgX7+S3O6XKLnT6FTC6rpmyCCc=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "b308a818b9dcaa7ab8ccab891c1b84ebde2152bc", + "rev": "119bcb9aa742658107b326c50dcd24ab59b309b7", "type": "github" }, "original": { @@ -381,11 +381,11 @@ ] }, "locked": { - "lastModified": 1753622892, - "narHash": "sha256-0K+A+gmOI8IklSg5It1nyRNv0kCNL51duwnhUO/B8JA=", + "lastModified": 1756810301, + "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "23f0debd2003f17bd65f851cd3f930cff8a8c809", + "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", "type": "github" }, "original": { @@ -490,11 +490,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1756750488, - "narHash": "sha256-e4ZAu2sjOtGpvbdS5zo+Va5FUUkAnizl4wb0/JlIL2I=", + "lastModified": 1757775351, + "narHash": "sha256-xWsxmNHwt9jV/yFJqzsNeilpH4BR8MPe44Yt0eaGAIM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "47eb4856cfd01eaeaa7bb5944a0f27db8fb9b94a", + "rev": "f89c620d3d6e584d98280b48f0af7be4f8506ab5", "type": "github" }, "original": { @@ -505,11 +505,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1756266583, - "narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=", + "lastModified": 1757487488, + "narHash": "sha256-zwE/e7CuPJUWKdvvTCB7iunV4E/+G0lKfv4kk/5Izdg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2", + "rev": "ab0f3607a6c7486ea22229b92ed2d355f1482ee0", "type": "github" }, "original": { @@ -537,11 +537,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1756787288, - "narHash": "sha256-rw/PHa1cqiePdBxhF66V7R+WAP8WekQ0mCDG4CFqT8Y=", + "lastModified": 1757745802, + "narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d0fc30899600b9b3466ddb260fd83deb486c32f1", + "rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1", "type": "github" }, "original": { @@ -561,11 +561,11 @@ ] }, "locked": { - "lastModified": 1755960406, - "narHash": "sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs=", + "lastModified": 1757588530, + "narHash": "sha256-tJ7A8mID3ct69n9WCvZ3PzIIl3rXTdptn/lZmqSS95U=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "e891a93b193fcaf2fc8012d890dc7f0befe86ec2", + "rev": "b084b2c2b6bc23e83bbfe583b03664eb0b18c411", "type": "github" }, "original": { @@ -641,11 +641,11 @@ ] }, "locked": { - "lastModified": 1754988908, - "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=", + "lastModified": 1757847158, + "narHash": "sha256-TumOaykhZO8SOs/faz6GQhqkOcFLoQvESLSF1cJ4mZc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48", + "rev": "ee6f91c1c11acf7957d94a130de77561ec24b8ab", "type": "github" }, "original": { diff --git a/hosts/nixos/rihla/default.nix b/hosts/nixos/rihla/default.nix index 337719a..c476b21 100644 --- a/hosts/nixos/rihla/default.nix +++ b/hosts/nixos/rihla/default.nix @@ -92,7 +92,10 @@ boot = { loader = { # Set this to true on first install. This must be false for secure boot. - systemd-boot.enable = lib.mkForce (!config.hostSpec.secureBoot); + systemd-boot = { + enable = lib.mkForce (!config.hostSpec.secureBoot); + configurationLimit = config.hostSpec.bootHistoryLimit; + }; efi.canTouchEfiVariables = true; }; diff --git a/modules/common/host-spec.nix b/modules/common/host-spec.nix index 7c58858..71fec22 100644 --- a/modules/common/host-spec.nix +++ b/modules/common/host-spec.nix @@ -40,6 +40,11 @@ description = "Whether or not secure boot has been enabled"; default = false; }; + bootHistoryLimit = lib.mkOption { + type = lib.types.int; + description = "How many generations to keep bootable in history"; + default = 3; + }; impermanance = lib.mkOption { type = lib.types.bool; description = "Whether or not to enable impermenance";