Seamless nixos-rebuild switch with network restart

I’m updating my machines using nixos-rebuild --target-host ... --flake .#... switch from a single machines. All machines are accessed through VPN (Nebula). When Nebula’s configuration (or its dependencies) is updated, nixos-rebuild restarts systemd’s service for nebula and network is temporary unavailable. This causes nixos-rebuild to hang and eventually timeout.

Is there a way to handle this scenario more gracefully? Failing fast would be better than nothing (I can always run nixos-rebuild twice), however, making nixos-rebuild work directly (or using different tool) would be the best


If a downtime is allowed the easiest would be to do a nixos-rebuild boot and afterwards reboot the machine.

Adopting Deploy Targets: Policy/Behavior-free Deployment Hooks (auto-rollbacks, drain events, etc.) by grahamc · Pull Request #1245 · NixOS/nixops · GitHub semantics or similar in NixOS, but someone has to do the work :).

1 Like

I used to do this, however, running nixos-rebuild switch twice in a row is less disruptive in practice for my use cases