Updating unreliable appliances

We’re looking for a way to push updates to appliances that are shipped to customers and not always online. Are there any existing tools for this?

If there aren’t, this is what I had in mind:

  1. Our Hydra instance builds NixOS system closures and pushes them to S3.
  2. The system closures have a post build hook that writes the store path to a “latest version” file online.
  3. The appliances have a system service that periodically checks the latest system closure. If it is not yet in use, the service will download the closure, update the system profile, run switch-to-configuration, and schedule a garbage collection.

Does this process make sense?
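The appliance-side service from step 3, written out as an added example that is not part of the original post; the bucket name, the latest-version URL and the GC delay are assumed placeholders, and the script relies on `nix copy` checking closure signatures against the device's `trusted-public-keys` so that a writable bucket alone cannot push an unsigned system:

```bash
#!/usr/bin/env bash
# Added example, not code from the original thread: the appliance-side
# update service for the pull flow above. Bucket, URL and GC delay are assumed.
set -eu

LATEST_URL="${LATEST_URL:-https://example-bucket.s3.example/latest-system}"  # assumed
STORE_URI="${STORE_URI:-s3://example-bucket}"                               # assumed
SYSTEM_PROFILE=/nix/var/nix/profiles/system

# Accept only a well-formed NixOS system path (32-char nix base32 hash and a
# nixos-system-* name). The "latest" file arrives over the network, so a
# malformed or tampered value must never reach nix-env or switch-to-configuration.
valid_store_path() {
  printf '%s\n' "$1" |
    grep -Eq '^/nix/store/[0-9a-df-np-sv-z]{32}-nixos-system-[A-Za-z0-9._+-]+$'
}

# An update is needed only when the advertised path differs from the running one.
needs_update() {  # $1 = running system path, $2 = advertised path
  [ "$1" != "$2" ]
}

apply_update() {  # $1 = new system path
  # nix copy verifies narinfo signatures against nix.settings.trusted-public-keys
  # by default; never add --no-check-sigs here, or anyone who can write to the
  # bucket can ship an arbitrary closure to every appliance.
  nix copy --from "$STORE_URI" "$1"
  nix-env --profile "$SYSTEM_PROFILE" --set "$1"
  "$1/bin/switch-to-configuration" switch
  # Defer GC so a failed switch can still roll back to the previous generation.
  systemd-run --on-active=1h nix-collect-garbage --delete-older-than 7d
}

main() {
  latest="$(curl -fsSL --max-time 60 "$LATEST_URL" | tr -d '[:space:]')"
  valid_store_path "$latest" || { echo "rejecting latest value: $latest" >&2; exit 1; }
  current="$(readlink -f /run/current-system)"
  if needs_update "$current" "$latest"; then
    apply_update "$latest"
  fi
}

# Run only when invoked as the service entry point, so the functions can be
# sourced and checked without touching the system.
if [ "${APPLIANCE_UPDATE_RUN:-0}" = 1 ]; then main; fi
```

Run it from a systemd timer with `APPLIANCE_UPDATE_RUN=1`; the advertised path should additionally be served over TLS from a host the device pins, since the signature check only protects the closure contents, not which closure the device is told to install.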

I think you’re looking for a pull-based deployment tool, maybe something like bento.

There might be others at this point, not sure how maintained bento specifically is (or needs to be).


Thanks. As far as I can tell though, Bento uses SFTP, which is not very cost-effective at scale.

It also seems to be source-based, meaning that the Nix files are downloaded and then evaluated on the clients themselves. This is not great for devices with small amounts of RAM, and isn’t great from a security perspective, either - ideally, we’d keep as much code as we can private.

See also Cachix Deploy — documentation; it’s free :slight_smile:
