From 982cc4aebc06b35b7a7cbb155635790709f54a28 Mon Sep 17 00:00:00 2001
From: Simon Gardling <titaniumtown@proton.me>
Date: Thu, 16 Apr 2026 15:02:08 -0400
Subject: [PATCH] pull-update: use `writeShellApplication` instead

---
 system/pull-update.nix | 79 ++++++++++++++++++++++--------------------
 1 file changed, 41 insertions(+), 38 deletions(-)

diff --git a/system/pull-update.nix b/system/pull-update.nix
index f7b108e..3c3e100 100644
--- a/system/pull-update.nix
+++ b/system/pull-update.nix
@@ -7,50 +7,53 @@
 let
   deploy-url = "https://nix-cache.sigkill.computer/deploy/${hostname}";
 
-  pull-update = pkgs.writeShellScript "pull-update" ''
-    set -uo pipefail
-    export PATH=${
-      pkgs.lib.makeBinPath [
-        pkgs.curl
-        pkgs.coreutils
-        pkgs.nix
-        pkgs.systemd
-        pkgs.util-linux
-      ]
-    }
+  pull-update = pkgs.writeShellApplication {
+    name = "pull-update";
 
-    # wait for actual connectivity, not just networkd "up"
-    for i in $(seq 1 30); do
-      if curl -sf --max-time 5 "${deploy-url}" >/dev/null; then
-        break
+    runtimeInputs = with pkgs; [
+      pkgs.curl
+      pkgs.coreutils
+      pkgs.nix
+      pkgs.systemd
+      pkgs.util-linux
+    ];
+
+    text = ''
+      set -uo pipefail
+
+      # wait for actual connectivity, not just networkd "up"
+      for i in $(seq 1 30); do
+        if curl -sf --max-time 5 "${deploy-url}" >/dev/null; then
+          break
+        fi
+        echo "Waiting for network... ($i/30)"
+        sleep 2
+      done
+
+      STORE_PATH=$(curl -sf --max-time 30 "${deploy-url}" || true)
+
+      if [ -z "$STORE_PATH" ]; then
+        echo "Server unreachable or no deployment available, skipping"
+        exit 0
       fi
-      echo "Waiting for network... ($i/30)"
-      sleep 2
-    done
 
-    STORE_PATH=$(curl -sf --max-time 30 "${deploy-url}" || true)
+      CURRENT=$(readlink -f /nix/var/nix/profiles/system)
+      if [ "$CURRENT" = "$STORE_PATH" ]; then
+        echo "Already on latest configuration"
+        exit 0
+      fi
 
-    if [ -z "$STORE_PATH" ]; then
-      echo "Server unreachable or no deployment available, skipping"
-      exit 0
-    fi
+      echo "Update available: $CURRENT -> $STORE_PATH"
 
-    CURRENT=$(readlink -f /nix/var/nix/profiles/system)
-    if [ "$CURRENT" = "$STORE_PATH" ]; then
-      echo "Already on latest configuration"
-      exit 0
-    fi
+      nix-store -r "$STORE_PATH" || { echo "Failed to fetch closure"; exit 1; }
+      nix-env -p /nix/var/nix/profiles/system --set "$STORE_PATH" || { echo "Failed to set profile"; exit 1; }
+      "$STORE_PATH/bin/switch-to-configuration" boot || { echo "Failed to install boot entry"; exit 1; }
 
-    echo "Update available: $CURRENT -> $STORE_PATH"
-
-    nix-store -r "$STORE_PATH" || { echo "Failed to fetch closure"; exit 1; }
-    nix-env -p /nix/var/nix/profiles/system --set "$STORE_PATH" || { echo "Failed to set profile"; exit 1; }
-    "$STORE_PATH/bin/switch-to-configuration" boot || { echo "Failed to install boot entry"; exit 1; }
-
-    wall "System update installed. Rebooting in 10 seconds..."
-    sleep 10
-    systemctl reboot
-  '';
+      wall "System update installed. Rebooting in 10 seconds..."
+      sleep 10
+      systemctl reboot
+    '';
+  };
 in
 {
   systemd.services.pull-update = {