configurations/linux: diff on activation

commit 606b6cd4764898c6416fad9572d51e71714a7ae9
parent 2fab1f6dbbf77a8aeb7b1dbf9e0a09c115a3a759
Author: Katja (ctucx) <git@ctu.cx>
Date: Fri, 21 Feb 2025 13:17:11 +0100

configurations/linux: diff on activation

1 file changed, 22 insertions(+), 2 deletions(-)

configurations/linux/default.nix

++++++++++++++++++++++--

diff --git a/configurations/linux/default.nix b/configurations/linux/default.nix
@@ -18,8 +18,28 @@
     targetPort    = lib.mkDefault (lib.head config.services.openssh.ports);
   };
 
-  system.nixos.revision      = lib.mkIf (inputs.nixpkgs.sourceInfo ? rev) inputs.nixpkgs.sourceInfo.rev;
-  system.nixos.versionSuffix = ".${lib.substring 0 8 (inputs.nixpkgs.sourceInfo.lastModifiedDate or inputs.nixpkgs.sourceInfo.lastModified or "19700101")}.${inputs.nixpkgs.sourceInfo.shortRev or "dirty"}";
+  system = {
+    nixos.revision      = lib.mkIf (inputs.nixpkgs.sourceInfo ? rev) inputs.nixpkgs.sourceInfo.rev;
+    nixos.versionSuffix = ".${lib.substring 0 8 (inputs.nixpkgs.sourceInfo.lastModifiedDate or inputs.nixpkgs.sourceInfo.lastModified or "19700101")}.${inputs.nixpkgs.sourceInfo.shortRev or "dirty"}";
+    # thanks piegames (https://git.darmstadt.ccc.de/piegames/home-config/-/blob/master/modules/generic.nix#L84)
+    activationScripts.diff = {
+      supportsDryActivation = true;
+      text = ''
+        ${pkgs.nvd}/bin/nvd --color=always --nix-bin-dir=${pkgs.nix}/bin diff "$(readlink /run/current-system)" "$systemConfig"
+        # Ignore "failures" because these tools have weird exit codes
+        ${pkgs.colordiff}/bin/colordiff --nobanner --fakeexitcode --color=always -ur -I '\/nix\/store' \
+          -- "$(readlink /run/current-system)/activate" "$systemConfig/activate" | ${pkgs.gnugrep}/bin/grep -v "^Binary files" || true
+        ${pkgs.colordiff}/bin/colordiff --nobanner --fakeexitcode --color=always -ur -I '\/nix\/store' \
+          -x "os-release" -x "issue" \
+          -- "$(readlink /run/current-system)/etc" "$systemConfig/etc" | ${pkgs.gnugrep}/bin/grep -v "^Binary files" || true
+        ${pkgs.colordiff}/bin/colordiff --nobanner --fakeexitcode --color=always -ur -I '\/nix\/store' \
+          -x "environment.d" \
+          -x "hwdb.d" \
+          -- "$(readlink /run/current-system)/systemd" "$systemConfig/systemd" | ${pkgs.gnugrep}/bin/grep -v "^Binary files" || true
+      '';
+    };
+  };
+
 
   networking.hostName = lib.mkDefault args.name;
   networking.domain   = lib.mkDefault "ctu.cx";