NixOS `apply` script (#344407)

for subsequent boots:

```ShellSession

# /run/current-system/bin/switch-to-configuration boot

# /run/current-system/bin/apply boot

```

Second, you can switch to the previous configuration in a running

This is equivalent to running:

```ShellSession

# /nix/var/nix/profiles/system-N-link/bin/switch-to-configuration switch

# /nix/var/nix/profiles/system-N-link/bin/apply switch

```

where `N` is the number of the NixOS system configuration. To get a

list of the available configurations, do:

where `N` is the number of the NixOS system configuration to roll back to.

To get a list of the available configurations, run:

```ShellSession

$ ls -l /nix/var/nix/profiles/system-*-link

The most notable deviation of this profile from a standard NixOS configuration

is that after building it, you cannot switch *to* the configuration anymore.

The profile sets `config.system.switch.enable = false;`, which excludes

`switch-to-configuration`, the central script called by `nixos-rebuild`, from

`apply` and `switch-to-configuration`, the central scripts called by `nixos-rebuild`, from

your system. Removing this script makes the image lighter and slightly more

secure.

for new module developers to configure their units correctly and to make it

easier to understand what is happening and why for curious administrators.

`nixos-rebuild`, like many deployment solutions, calls `switch-to-configuration`

which resides in a NixOS system at `$out/bin/switch-to-configuration`. The

`nixos-rebuild`, like many deployment solutions, calls `apply` (or for NixOS older than 24.11, `switch-to-configuration`)

which resides in a NixOS system at `$out/bin/apply`. The

script is called with the action that is to be performed like `switch`, `test`,

`boot`. There is also the `dry-activate` action which does not really perform

the actions but rather prints what it would do if you called it with `test`.

    ```ShellSession

    $ sudo mv -v /boot /boot.bak &&

    sudo /nix/var/nix/profiles/system/bin/switch-to-configuration boot

    sudo /nix/var/nix/profiles/system/bin/apply boot

    ```

    Cross your fingers, reboot, hopefully you should get a NixOS prompt!

  If you experience any issues, please report them.

  The original Perl script is deprecated and is planned for removal in the 25.05 release. It will remain accessible until then by setting `system.switch.enableNg` to `false`.

- Built NixOS configurations now have a `$toplevel/bin/apply` script.

  Unlike `switch-to-configuration`, it is capable of performing a complete `switch` operation.

  If you call `switch-to-configuration` directly, you are recommended to use `apply` instead, and remove your call to `nix-env --profile /nix/var/nix/profiles/system --set $toplevel` or similar.

  It will run the switch operation as a systemd unit if available, as `nixos-rebuild switch` would.

  Benefits include:

  - The `apply` script reduces the roundtrips required when performing a remote deployment with `nixos-rebuild switch --target-host HOST`.

  - Developers and power users can now update NixOS in a single call.

  - Alternative NixOS deployment methods have feature parity with `nixos-rebuild`, and NixOS can evolve all of its switching logic in one place.

- Support for mounting filesystems from block devices protected with [dm-verity](https://docs.kernel.org/admin-guide/device-mapper/verity.html)

  was added through the `boot.initrd.systemd.dmVerity` option.