I’m new to flakes and have the flake files in a directory of my main user. I’m using nh as a helper and it works as expected. I’m on nixos unstable and recently there have been several times when nixos wouldn’t build because of errors in nixpkgs. In this case, i could revert the flake.lock file to its last working version (using git) and the system would build again (when telling nh to use the flake.lock file as-is and not to update the inputs).
My problem is this:
Whenever nixos-upgrade is run, it apparently updates the inputs persistently so that my system doesn’t build anymore although i’m still using the old flake.lock that is supposed to work. I don’t understand this, as i thought that only the flake.lock file is relevant when building and all inputs are defined in it reproducibly. So after nixos-upgrade has updated the inputs, i can’t revert them to their working versions anymore.
So i must be missing something. Can someone please explain to me, why nixos is behaving this way and if there is something i can do to have it behave the way i want?
Sorry, it’s the name of the systemd service that is created when you set system.autoUpgrade.enable = true;.
I guess that my problem has got to do with the systemd service running as root while nh is run as a user and root privileges are only needed when activating the derivation that nh built as a user.
But i don’t understand how the sytemd service can impact nh which is running as a user with an unchanged flake.lock file.
I thought that if i build the flake as a user then nixos-rebuild uses the inputs that are laid down in the flake.lock file so i don’t understand why the updated inputs from the system service are kept.
I just checked out an even older version of flake.lock via git but this still has no effect. I don’t understand what is happening.
I will certainly disable system.autoUpgrade as soon as the unstable channel updates and i can build again because it doesn’t go along with nh but i’m curious why that is the case.