I tried it, and while I was really excited about its proposition, it felt like at times any prior knowledge of Linux was a bit wasted. I also had some significant problems with needing to pin packages.
I don’t doubt that it’s a great option for many, if you’ve got the time to learn it. I’m finding myself in the position where I stick my flag to one distro and keep it there for as long as it doesn’t piss me off.
Yeah. I had a similar experience. My first successful install, following the docs, didn’t have a network stack. It turns out that the docs are not representative of what’s considered best practices at this point. I also don’t care for needing a new DSL for a single use case.
So, for me, it’s a non-starter. Fedora Atomic is meeting my needs nicely at this point. NixOS has brought some excellent ideas to the forefront and is a great match for some people. I’ll pass until I can use my JSON/YAML/TOML and the docs are useable.
I mean, it’s like a fucking drug. The learning curve is steep AF but past some point, when it starts making sense, it’s just incredible. I’m currently moving my whole setup to NixOS and I’m in love.
Even when using in a basic way, I think it has one very tangible advantage: the fact that you can “compartmentalize” different aspects of your configuration.
Let’s say I set up a specific web service that I want to put behind a reverse proxy, and it uses a specific folder that doesn’t exist yet, like Navidrome which is a web-based audio player. It requires a set of adjustments of different system parts. My nix file for it looks like this:
```nix
{ config, ... }:
let
  domain = "music." + toString config.networking.domain;
in
{
  services.navidrome = {
    enable = true;
    settings = {
      Address = "127.0.0.1";
      Port = 4533;
      MusicFolder = "/srv/music";
      BaseUrl = "https://" + domain;
      EnableSharing = true;
      Prometheus.Enabled = true;
      LogLevel = "debug";
      ReverseProxyWhitelist = "127.0.0.1/32";
    };
  };

  services.nginx = {
    upstreams = {
      navidrome = {
        servers = {
          "127.0.0.1:${toString config.services.navidrome.settings.Port}" = {};
        };
      };
    };
  };

  services.nginx.virtualHosts."${domain}" = {
    onlySSL = true;
    useACMEHost = config.networking.domain;
    extraConfig = ''
      include ${./authelia/server.conf};
    '';
    locations."/" = {
      proxyPass = "http://navidrome";
      recommendedProxySettings = false;
      extraConfig = ''
        include ${./authelia/proxy.conf};
        include ${./authelia/location.conf};
      '';
    };
  };

  systemd.tmpfiles.settings."navidrome-music-dir"."${toString config.services.navidrome.settings.MusicFolder}" = {
    d = {
      user = "laser";
      mode = "0755";
    };
  };

  systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = ["/run/systemd/resolve/stub-resolv.conf"];

  security.acme.certs."${config.networking.domain}".extraDomainNames = [ "${domain}" ];
}
```
All settings related to the service are contained in a single file. Don’t want it anymore? Comment it out from my main configuration (or wherever it’s imported from) and most traces of it are gone, the exception being the folder that was created using `systemd.tmpfiles`. No manually deleting the link from sites-available or editing the list of domains for my certificate. The next generation will look like the service never existed. And in my configuration, at least the port could be changed and everything would still work – I guess there is room for improvement, but this does what I want pretty well.
Love the example here!
I’m still learning about available references (ex `config.services.navidrome.settings.Port`). What resources did you find to be the best for learning that kind of thing? I’ll accept RTFM if that’s applicable :)
Use nix repl! That stands for Read Eval Print Loop. You can evaluate a nix expression and see all the attributes inside. For example, on a non-flake system, use `:l <nixpkgs/nixos>` inside the repl to load the current system. Then you can hit the tab key to show what’s inside of the current attribute set, make sure you have a . at the end. Then you can press enter to evaluate and see the declaration. For example when you set networking.hostName in configuration.nix you can actually find it under options.networking.hostName.value evaluating that in the repl.
Amazing! I’ve used that before but just to look for packages offline. I’ll definitely check that out.
Well, a lot of it is just trying stuff out, but let’s say you want to set up Navidrome because you read about it somewhere. My first step is always to go to https://search.nixos.org/options? and search for it, it’ll show you the options available. If you want to know how it’s implemented under the hood, press the “Declared in” link where it shows you the source code of the module, this can sometimes be helpful.
Other than that, read the wiki for examples, and remember that nix is a full language and not just a configuration, so you can keep it flexible.
They’re not in a single file though, you got includes
Technically correct, but the settings in there are not service specific. However, if there’s something worthy of reworking it’s probably the Authelia part
Hey this is a great web server example! Instead of commenting it out to enable or disable you can actually turn it into a full module. Check out this example of a nix module. Basically, you can take your code you pasted and put it under the config set. Then create an option to enable that set of code. Now you can always have this nix file imported, but enable the option only when you need it with another declaration. Really, that’s how all the declarations work you’re just getting the nix files from github and nixpkgs.
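The module shape suggested above, as an added example that is not the poster's or nixpkgs' code: the Navidrome settings from earlier in the thread, trimmed to the proxy-related parts, sit under `config` behind an enable option, with an assertion that keeps the service on loopback. The option namespace `local.navidromeProxy` is hypothetical, and the `./authelia/*.conf` paths are the original poster's files, assumed to sit next to the module.

```nix
# Added example, not the poster's file. `local.navidromeProxy` is a
# hypothetical option namespace chosen for illustration.
{ config, lib, ... }:
let
  cfg = config.local.navidromeProxy;
  nd = config.services.navidrome.settings;
  domain = "music." + toString config.networking.domain;
in
{
  options.local.navidromeProxy.enable =
    lib.mkEnableOption "Navidrome behind nginx and Authelia";

  # None of the definitions below apply unless the switch is on.
  config = lib.mkIf cfg.enable {
    # Fail the build if another module rebinds Navidrome off loopback,
    # which would let clients reach it without passing nginx and Authelia.
    assertions = [{
      assertion = nd.Address == "127.0.0.1";
      message = "navidromeProxy: Navidrome must listen on 127.0.0.1 only";
    }];

    services.navidrome = {
      enable = true;
      settings = {
        Address = "127.0.0.1";
        Port = 4533;
        MusicFolder = "/srv/music";
        BaseUrl = "https://" + domain;
        # Navidrome trusts the proxy-supplied user header from this address
        # only; keep it paired with the Authelia includes below.
        ReverseProxyWhitelist = "127.0.0.1/32";
      };
    };

    services.nginx.upstreams.navidrome.servers."127.0.0.1:${toString nd.Port}" = { };
    services.nginx.virtualHosts."${domain}" = {
      onlySSL = true;
      useACMEHost = config.networking.domain;
      extraConfig = "include ${./authelia/server.conf};";
      locations."/" = {
        proxyPass = "http://navidrome";
        recommendedProxySettings = false;
        extraConfig = ''
          include ${./authelia/proxy.conf};
          include ${./authelia/location.conf};
        '';
      };
    };
    security.acme.certs."${config.networking.domain}".extraDomainNames = [ domain ];
  };
}
```

With the file always imported, setting `local.navidromeProxy.enable = true;` in a host's configuration turns the whole set on; leaving it unset keeps the service, the virtual host and the extra certificate name out of that generation.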
Thanks for the answer; I do have at least one module in my config, but usually, I don’t enable or disable services like that, it was more of an example of how the configuration is split up and what the advantage of that is. In the end, if the only option is to enable the module, you’re not gaining that much if you need to import and enable it instead of just importing the configuration straight is my opinion.
Last I heard they were having this huge governance drama. They fix that yet? Or…
Not really, other than banning those who disagreed publicly
As someone who has never tried Linux, this meme has done more to make me want to give it a try than anything else Linux users have thrown at me so far. The fox is very convincing. I might step into the back of an unmarked van if it asked me to.
Foxes are like that though.
They look cute and cuddly… The trustworthy kind, then they bite your hand off and laugh at you.
Some of them are on fire too!
(That’s why I browse with Emacs; much safer, and RMS-approved)
NixOS is probably a bit more confusing than most Linux distros, but it has a huge amount of advantages too. It has very up to date software and probably never has dependency issues.
That’s par for the course for me. I’m the type that’ll start a video game on the hardest difficulty for a challenge and then my pride won’t let me lower the difficulty so I just quit under the guise of disliking it.
Then you probably shouldn’t use Nix. Maybe try another distro if you haven’t already.
It’s too late, his pride won’t let him go any other distro.
Give him GUIX instead.
I’m running openSUSE because I like lizards.
Guix doesn’t use systemd (it uses Shepherd)
Too gimmicky
i used it when i was a newbie
Alternative text: Firefox overcoming Chrome
On Kubuntu right now, but planning to switch to NixOS when I get a new laptop
NixOS is cool, the whole Linux configuration in one file is convenient but I already found my home and comfort place that’s Arch btw don’t think I switch to other distro anytime soon
Just to clarify, I wouldn’t recommend putting everything in a single file, but rather modularize the configuration.
I also came from Arch, but have since abandoned it, and I don’t think I want to use distributions for myself that use the classic imperative concept. Once you get a better understanding of it, it makes so much more sense.
Good idea, bad DSL and toxic community.
One thing that no-one tested is the overhead of all the sandbox, like, each module, library of program run in a sandbox (some times they tweak the source code not need the sandbox) so I wanted to see the overhead of all of that
It builds in a sandbox, but it’s not run in a sandbox.
I don’t understand, if you run a program inside the sandbox and the program asks for a library, the kernel needs to map the library from inside the sandbox to the program, that’s the overhead that I’m talking about
But it’s not run in a sandbox. I’m not sure where you get this from.
This is not how NixOS works. Programs directly link against libraries in the store. There is no sandbox by default when running the binaries.
No, because it misses a UI for the config changes.
I think NixOS is also doing some layering that could cost performance. I am unsure about the storage size, if it is much more like flatpak and snaps that I also dislike.
Have tried, had bad experience trying to get damn libs to work with clang, gave up and went back to Arch
Guix is amazing.
i nuked my nixos install twice to install guix and twice I went back to my nix setup. GuixSD is missing a certain polish to it. It feels like it’s on the way there but probably not yet…
the second time was just last week, after setup on sway, I installed flatpak apps and tried setting up nix-env for packages, some XDG_DATA_DIR fucked up and I couldn’t even see the installed packages or start them from a terminal
servers are also slow and rebuilding is a fucking pain
Most definitely, I have my entire homelab setup in nix as well as laptop/desktop. Is a hell of a lot easier and more reliable than the Kubernetes setup it replaced…
Damn you broke my brain for a second there. I thought you meant that nixos replaced k8s, and was wondering what the hell are you talking about.
Haha yeah could have worded better. I was running a 3 node k8s cluster on Talos Linux as my homelab. Downsized/simplified to a single NAS (aka NixNAS) + NUC on nixos and split the services between them. Apps that heavily use the NAS live on it for direct file access, the rest hum along on the nuc. I sleep easier with this, rather than fighting nose breakage during upgrades or wondering when my next ceph failure will occur.
Meanwhile in Europe:
ZigBee go bzzzzz