feat: only keep the previous 5 generations bootable

2025-09-27 12:39:07 +05:00
parent ca47e15309
commit 63a06ca3ec
3 changed files with 42 additions and 34 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -55,11 +55,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1756733629,
+        "lastModified": 1757508292,
-        "narHash": "sha256-dwWGlDhcO5SMIvMSTB4mjQ5Pvo2vtxvpIknhVnSz2I8=",
+        "narHash": "sha256-7lVWL5bC6xBIMWWDal41LlGAG+9u2zUorqo3QCUL4p4=",
        "owner": "nix-community",
        "repo": "disko",
-        "rev": "a5c4f2ab72e3d1ab43e3e65aa421c6f2bd2e12a1",
+        "rev": "146f45bee02b8bd88812cfce6ffc0f933788875a",
        "type": "github"
      },
      "original": {
@@ -172,11 +172,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1756903364,
+        "lastModified": 1757809953,
-        "narHash": "sha256-vZh/YH2D7oDFek10r0TbGn3qJrqGv69sSP+oF8PFDqQ=",
+        "narHash": "sha256-29mlXbfAJhz9cWVrPP4STvVPDVZFCfCOmaIN5lFJa+Y=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "6159629d05a0e92bb7fb7211e74106ae1d552401",
+        "rev": "17a10049486f6698fca32097d8f52c0c895542b0",
        "type": "github"
      },
      "original": {
@@ -230,11 +230,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1755678602,
+        "lastModified": 1757542864,
-        "narHash": "sha256-uEC5O/NIUNs1zmc1aH1+G3GRACbODjk2iS0ET5hXtuk=",
+        "narHash": "sha256-8i9tsVoOmLQDHJkNgzJWnmxYFGkJNsSndimYpCoqmoA=",
        "owner": "hyprwm",
        "repo": "hyprgraphics",
-        "rev": "157cc52065a104fc3b8fa542ae648b992421d1c7",
+        "rev": "aa9d14963b94186934fd0715d9a7f0f2719e64bb",
        "type": "github"
      },
      "original": {
@@ -259,11 +259,11 @@
        "xdph": "xdph"
      },
      "locked": {
-        "lastModified": 1756811803,
+        "lastModified": 1757811161,
-        "narHash": "sha256-03zmDvAU+VLPWHv5uxfGVR6bs/SnCYeZ8hbedK/Eb/M=",
+        "narHash": "sha256-laCB71qgn9Eht7bH1nobIzEiR5r7WRHAB7XHHxLTiLQ=",
        "owner": "hyprwm",
        "repo": "Hyprland",
-        "rev": "127aab815908ecbd3db4d23f127d2e96b79855f9",
+        "rev": "559024c3314e4b1180b10b80fce4e9f20bad14c8",
        "type": "github"
      },
      "original": {
@@ -352,11 +352,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1753819801,
+        "lastModified": 1757508108,
-        "narHash": "sha256-tHe6XeNeVeKapkNM3tcjW4RuD+tB2iwwoogWJOtsqTI=",
+        "narHash": "sha256-bTYedtQFqqVBAh42scgX7+S3O6XKLnT6FTC6rpmyCCc=",
        "owner": "hyprwm",
        "repo": "hyprland-qtutils",
-        "rev": "b308a818b9dcaa7ab8ccab891c1b84ebde2152bc",
+        "rev": "119bcb9aa742658107b326c50dcd24ab59b309b7",
        "type": "github"
      },
      "original": {
@@ -381,11 +381,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1753622892,
+        "lastModified": 1756810301,
-        "narHash": "sha256-0K+A+gmOI8IklSg5It1nyRNv0kCNL51duwnhUO/B8JA=",
+        "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=",
        "owner": "hyprwm",
        "repo": "hyprlang",
-        "rev": "23f0debd2003f17bd65f851cd3f930cff8a8c809",
+        "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931",
        "type": "github"
      },
      "original": {
@@ -490,11 +490,11 @@
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1756750488,
+        "lastModified": 1757775351,
-        "narHash": "sha256-e4ZAu2sjOtGpvbdS5zo+Va5FUUkAnizl4wb0/JlIL2I=",
+        "narHash": "sha256-xWsxmNHwt9jV/yFJqzsNeilpH4BR8MPe44Yt0eaGAIM=",
        "owner": "NixOS",
        "repo": "nixos-hardware",
-        "rev": "47eb4856cfd01eaeaa7bb5944a0f27db8fb9b94a",
+        "rev": "f89c620d3d6e584d98280b48f0af7be4f8506ab5",
        "type": "github"
      },
      "original": {
@@ -505,11 +505,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1756266583,
+        "lastModified": 1757487488,
-        "narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=",
+        "narHash": "sha256-zwE/e7CuPJUWKdvvTCB7iunV4E/+G0lKfv4kk/5Izdg=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2",
+        "rev": "ab0f3607a6c7486ea22229b92ed2d355f1482ee0",
        "type": "github"
      },
      "original": {
@@ -537,11 +537,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1756787288,
+        "lastModified": 1757745802,
-        "narHash": "sha256-rw/PHa1cqiePdBxhF66V7R+WAP8WekQ0mCDG4CFqT8Y=",
+        "narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "d0fc30899600b9b3466ddb260fd83deb486c32f1",
+        "rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1",
        "type": "github"
      },
      "original": {
@@ -561,11 +561,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1755960406,
+        "lastModified": 1757588530,
-        "narHash": "sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs=",
+        "narHash": "sha256-tJ7A8mID3ct69n9WCvZ3PzIIl3rXTdptn/lZmqSS95U=",
        "owner": "cachix",
        "repo": "git-hooks.nix",
-        "rev": "e891a93b193fcaf2fc8012d890dc7f0befe86ec2",
+        "rev": "b084b2c2b6bc23e83bbfe583b03664eb0b18c411",
        "type": "github"
      },
      "original": {
@@ -641,11 +641,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1754988908,
+        "lastModified": 1757847158,
-        "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
+        "narHash": "sha256-TumOaykhZO8SOs/faz6GQhqkOcFLoQvESLSF1cJ4mZc=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
+        "rev": "ee6f91c1c11acf7957d94a130de77561ec24b8ab",
        "type": "github"
      },
      "original": {
--- a/hosts/nixos/rihla/default.nix
+++ b/hosts/nixos/rihla/default.nix
@@ -92,7 +92,10 @@
  boot = {
    loader = {
      # Set this to true on first install. This must be false for secure boot.
-      systemd-boot.enable = lib.mkForce (!config.hostSpec.secureBoot);
+      systemd-boot = {
        enable = lib.mkForce (!config.hostSpec.secureBoot);
        configurationLimit = config.hostSpec.bootHistoryLimit;
      };
      efi.canTouchEfiVariables = true;
    };
--- a/modules/common/host-spec.nix
+++ b/modules/common/host-spec.nix
@@ -40,6 +40,11 @@
      description = "Whether or not secure boot has been enabled";
      default = false;
    };
    bootHistoryLimit = lib.mkOption {
      type = lib.types.int;
      description = "How many generations to keep bootable in history";
      default = 3;
    };
    impermanance = lib.mkOption {
      type = lib.types.bool;
      description = "Whether or not to enable impermenance";