Nix System Maintenance Script for macOS

refresh-nix-mac-os.sh

#!/usr/bin/env bash

# -----------------------------------------------------------------------------
# Nix System Maintenance Script for macOS
# -----------------------------------------------------------------------------
# This script performs routine maintenance for a Nix-based system, ensuring
# that packages, flakes, and the Nix store remain up to date and optimized.
#
# Features:
#   - Checks if Nix is installed before running
#   - Ensures an active Internet connection before starting
#   - Updates both legacy (`nix-env`) and Flake-based (`nix profile`) packages
#   - Updates the global `nixpkgs` registry reference
#   - Cleans up old generations (optional: --clean)
#   - Optimizes the Nix store (optional: --optimize)
#   - Checks the system for potential configuration issues
#   - Suggests a restart if `nix` itself has been updated
#
# Usage:
#   ./maintenance-nix-macos.sh [--clean] [--optimize]
#
# Dependencies:
#   - Nix 2.4+ with `nix-command` and `flakes` enabled
#   - Available Internet access
#
# -----------------------------------------------------------------------------
# Copyright (c) 2024, 2025 Sébastien L.
# Licensed under the MIT License
# -----------------------------------------------------------------------------

set -euo pipefail

FLAKE_DIR="$HOME/.config/nix"
CLEAN=false
OPT_LONG=false

# --- FUNCTIONS ---

# --- Check if Nix is Installed ---
check_nix() {
    if ! command -v nix &>/dev/null; then
        printf "❌ Nix is not installed. Please install it first: https://nixos.org/download.html\n"
        exit 1
    fi
    printf "✅ Nix is installed.\n"
}

# --- Check Internet Connection ---
check_network() {
    if ! nc -z nixos.org 80 &>/dev/null; then
        printf "❌ An Internet connection is required! Please connect and try again.\n"
        exit 1
    fi
    printf "✅ Internet connection is reachable.\n"
}

# --- Parse Arguments ---
parse_arguments() {
    for arg in "$@"; do
        case "$arg" in
            --clean) CLEAN=true && \
                printf "🚀 Optional Clean-up was set to TRUE.\n" ;;
            --optimize) OPT_LONG=true \
                && printf "🚀 Optional Optimization was set to TRUE.\n" ;;
            *) printf "⚠️ Unknown argument: %s\n" "$arg" ;;
        esac
    done
}

# --- Update Legacy Nix Packages ---
update_legacy_packages() {
    if nix-env -q 2>/dev/null | grep -q .; then
        printf "📦 Updating legacy Nix packages ...\n"
        nix-env -u
    else
        printf "👍🏻 No legacy packages found, skipping update.\n"
    fi
}

# --- Update Flake-based Profiles ---
update_flake_profiles() {
    printf "📌 Updating Flake profiles ...\n"
    nix profile upgrade --all
}

# --- Update Flake Inputs ---
update_flake() {
    if [ -d "$FLAKE_DIR" ]; then
        printf "📌 Navigating to Flake directory: %s\n" "$FLAKE_DIR"
        cd "$FLAKE_DIR"

        if [ -f "flake.nix" ]; then
            printf "🔄 Updating Flake inputs ...\n"
            nix flake update
            printf "✅ Flake inputs updated.\n"
        else
            printf "❌ No flake.nix found in %s\n" "$FLAKE_DIR"
        fi
    else
        printf "❌ Flake directory not found: %s\n" "$FLAKE_DIR"
    fi
}

# --- Update nixpkgs Flake Globally ---
update_nixpkgs_flake() {
    printf "🌍 Updating nixpkgs Flake ...\n"
    nix registry pin nixpkgs github:NixOS/nixpkgs
}

# --- Clean Up Old Generations (if requested) ---
cleanup_old_generations() {
    if [ "$CLEAN" = true ]; then
        printf "🗑  Cleaning up old packages:\n"
        nix-collect-garbage -d
    else
        printf "⚠️ Skipping cleanup. Use '--clean' to remove old generations.\n"
    fi
}

# --- Optimize Nix Store (if requested) ---
optimize_nix_store() {
    if [ "$OPT_LONG" = true ]; then
        printf "🛠  Optimizing Nix store:\n"
        nix store optimise
    else
        printf "⚠️ Skipping optimization. Use '--optimize' to optimize Nix store.\n"
    fi
}

# --- Verify Nix Update and Suggest Restart ---
check_nix_update() {
    if [[ "$(nix --version)" != "$NIX_VERSION" ]]; then
        printf "🔄 Nix was updated. Consider restarting your shell now!\n"
    fi
}

# --- Verify Registry Update ---
verify_registry_update() {
    printf "🔍 Checking available packages in updated nixpkgs ...\n"
    nix search nixpkgs coreutils-full || printf "⚠️ Package search failed, but maintenance is complete.\n"
}

# --- Final Nix Configuration Check ---
final_nix_check() {
    printf "🛠  Running final Nix configuration check:\n"
    nix config check --extra-experimental-features nix-command || printf "⚠️ Config check found issues.\n"
}

# --- MAIN EXECUTION ---
check_nix
check_network
parse_arguments "$@"

export NIXPKGS_ALLOW_BROKEN=1
export NIXPKGS_ALLOW_UNFREE=1
export NIXPKGS_ALLOW_INSECURE=1

printf "🔄 Starting Nix system maintenance ...\n"

NIX_VERSION="$(nix --version)"
NIXPKGS_VERS_BEFORE="$(nix eval nixpkgs#lib.version --raw)"

printf "ℹ️ Current Nix version: %s\n" "$NIX_VERSION"
printf "ℹ️ Current nixpkgs version: %s\n" "$NIXPKGS_VERS_BEFORE"

update_legacy_packages
update_flake_profiles
update_flake
update_nixpkgs_flake

NIXPKGS_VERS_AFTER="$(nix eval nixpkgs#lib.version --raw)"
if [[ "$NIXPKGS_VERS_AFTER" != "$NIXPKGS_VERS_BEFORE" ]]; then
    printf "🆕 Updated nixpkgs version: %s\n" "$NIXPKGS_VERS_AFTER"
fi

cleanup_old_generations
optimize_nix_store
check_nix_update
verify_registry_update
final_nix_check

printf "✅ Nix maintenance completed successfully!\n"
exit 0