I mean, it’s like a fucking drug. The learning curve is steep AF but past some point, when it starts making sense, it’s just incredible. I’m currently moving my whole setup to NixOS and I’m in love.
Even when using it in a basic way, I think it has one very tangible advantage: the fact that you can “compartmentalize” different aspects of your configuration.
Let’s say I set up a specific web service that I want to put behind a reverse proxy, and it uses a specific folder that doesn’t exist yet, like Navidrome which is a web-based audio player. It requires a set of adjustments of different system parts. My nix file for it looks like this:
```nix
{ config, ... }:
let
  domain = "music." + toString config.networking.domain;
in
{
  services.navidrome = {
    enable = true;
    settings = {
      # Listen on loopback only; nginx is the only public entry point.
      Address = "127.0.0.1";
      Port = 4533;
      MusicFolder = "/srv/music";
      BaseUrl = "https://" + domain;
      EnableSharing = true;
      Prometheus.Enabled = true;
      LogLevel = "debug";
      # Accept reverse-proxy authentication only from the local proxy.
      ReverseProxyWhitelist = "127.0.0.1/32";
    };
  };

  # The upstream follows the configured port, so changing Port above is enough.
  services.nginx = {
    upstreams = {
      navidrome = {
        servers = {
          "127.0.0.1:${toString config.services.navidrome.settings.Port}" = {};
        };
      };
    };
  };

  services.nginx.virtualHosts."${domain}" = {
    onlySSL = true;
    useACMEHost = config.networking.domain;
    extraConfig = ''
      include ${./authelia/server.conf};
    '';
    locations."/" = {
      proxyPass = "http://navidrome";
      recommendedProxySettings = false;
      extraConfig = ''
        include ${./authelia/proxy.conf};
        include ${./authelia/location.conf};
      '';
    };
  };

  # Create the music folder if it does not exist yet.
  systemd.tmpfiles.settings."navidrome-music-dir"."${toString config.services.navidrome.settings.MusicFolder}" = {
    d = {
      user = "laser";
      mode = "0755";
    };
  };

  systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = ["/run/systemd/resolve/stub-resolv.conf"];

  # Add the subdomain to the existing certificate.
  security.acme.certs."${config.networking.domain}".extraDomainNames = [ "${domain}" ];
}
```
All settings related to the service are contained in a single file. Don’t want it anymore? Comment it out from my main configuration (or wherever it’s imported from) and most traces of it are gone, the exception being the folder that was created using `systemd.tmpfiles`. No manually deleting the link from sites-available or editing the list of domains for my certificate. The next generation will look like the service never existed. And in my configuration, at least the port could be changed and everything would still work – I guess there is room for improvement, but this does what I want pretty well.
Hey this is a great web server example! Instead of commenting it out to enable or disable you can actually turn it into a full module. Check out this example of a nix module. Basically, you can take your code you pasted and put it under the config set. Then create an option to enable that set of code. Now you can always have this nix file imported, but enable the option only when you need it with another declaration. Really, that’s how all the declarations work: you’re just getting the nix files from github and nixpkgs.
Love the example here!
I’m still learning about available references (ex `config.services.navidrome.settings.Port`). What resources did you find to be the best for learning that kind of thing? I’ll accept RTFM if that’s applicable :)
Well, a lot of it is just trying stuff out, but let’s say you want to set up Navidrome because you read about it somewhere. My first step is always to go to https://search.nixos.org/options? and search for it, it’ll show you the options available. If you want to know how it’s implemented under the hood, press the “Declared in” link where it shows you the source code of the module, this can sometimes be helpful.
Other than that, read the wiki for examples, and remember that nix is a full language and not just a configuration, so you can keep it flexible.
Use nix repl! That stands for Read Eval Print Loop. You can evaluate a nix expression and see all the attributes inside. For example, on a non-flake system, use `:l <nixpkgs/nixos>` inside the repl to load the current system. Then you can hit the tab key to show what’s inside of the current attribute set, make sure you have a . at the end. Then you can press enter to evaluate and see the declaration. For example when you set networking.hostName in configuration.nix you can actually find it under options.networking.hostName.value evaluating that in the repl.
They’re not in a single file though, you got includes
I actually got NixOS after the latest time I tried it. But I also got that I don’t want it, Arch is much simpler in all the good ways.
And perhaps something like https://github.com/kiviktnm/decman can some day give us part of Nix’s power without going all-in with the functional declarative thingamadoodle.
Wow thanks I was wondering for a while if something like this existed! I’m very happy with regular Arch, but I am very curious to try both an immutable/atomic and a declarative distro. At least the second I guess I can kinda replicate now with this. Another rabbit hole to go down I think. :D
I’d recommend trying out a Fedora Atomic distro. Similar idea but without the extremely niche DSL.
Which one specifically? Pure Fedora or something like universal blue?
So, I’m an arch-btwistan, what does nixos do for a gamer/youtuber/low-tier-wannabe-musician? Legit asking, because I really don’t know what makes nixos tick, and the (very little) I’ve read doesn’t really explain the benefits of it
Everything about your OS is defined in config files and can be rebuilt. You break something you don’t need to do a complete reinstall if you can’t figure it out. Just rebuild the last working configuration. Sharing builds with your friends is easier.
For gaming getting your graphics card going is much simpler. I never had steam and proton games run as well as they do with the nixos defaults
It sounds like a Dockerfile for your system OS?
Docker, ansible, salt, yeah
Basically but it’s better, nix has a unique way of doing the underlying logic which has its own benefits. Also since nix is not a container it doesn’t have any of the speed penalties that come along with that. Since nix is functional as well, it means all operations can be undone. So where you might rebuild a docker image from scratch or by using an A/B system like other immutable distros it allows nix to just modify the system while it’s running with minimal side effects.
> nix has a unique way of doing the underlying logic which has its own benefits.
Honestly, this is what I like least about it. I do not like unique, single-purpose Domain Specific Languages. To me, requiring use of a DSL that is not like common languages used for similar purposes is a major detractor.
Guix!!!
> For gaming getting your graphics card going is much simpler. I never had steam and proton games run as well as they do with the nixos defaults
you clearly haven’t used EndeavourOS then, since there everything just works.
Imo the worst part of nix is how it turns into this chicken or the egg scenario. Let me explain, nix is very good at reproducing things. It ensures that all things are the same when installing a piece of software. Once someone writes a nix module, generally speaking, it “just works”. You can always take that nix file and get it to run the same way on another machine. But since most gamers/musicians don’t give two shits about reproducible software, it doesn’t get packaged. And with no packages they will never be interested to get into nix.
As I write this though I realize, many open source projects have struggled with getting contributions from the community. Personally, I just think nix solves the issue of “idk, it works on my machine” better than anything I’ve seen. Being able to reproduce software and stop dependency issues is a very valuable thing, just not for everyone.
nothing imo, its main benefit is making reproducible environments, imagine you need 10 machines to have the exact same things running on it, setting up each one would be a PITA and keeping them the same is near impossible, nixos solves that problem.
it’s not gonna do anything for you, most people just want a working OS system on your PC so that you can do the things you need to do, if you have that, there is no reason to be fucking around with nixos.
Very well built patches and ways to share them. This is a good thing for gaming as we can try bleeding edge like Arch. But without having to rely on AUR or scripts to copy locally. Thanks to Nix Flakes you simply reference the flake someone shared (after double checking what is in it) and rebuild a NixOS derivation and voila, patch installed. I installed a complete SteamOS in 1 minute with this, reboot and everything works. Even with your locally signed in Steam account 👌
I want to but COSMIC DE.
You can absolutely install Cosmic with Nix
How do you do that?
You can use this flake to add cosmic to your configuration
I love the nix package manager on fedora atomic
One thing that no-one tested is the overhead of all the sandbox, like, each module, library or program runs in a sandbox (sometimes they tweak the source code to not need the sandbox) so I wanted to see the overhead of all of that
It builds in a sandbox, but it’s not run in a sandbox.
I don’t understand, if you run a program inside the sandbox and the program asks for a library, the kernel needs to map the library from inside the sandbox to the program, that’s the overhead that I’m talking about
But it’s not run in a sandbox. I’m not sure where you get this from.
This is not how NixOS works. Programs directly link against libraries in the store. There is no sandbox by default when running the binaries.
I’m more interested in Mint 22
LMNE: Linux Mint Nix Edition
…hmm
Good idea, bad DSL and toxic community.
Am currently on NixOS
Looking to move to RedoxOS as soon as viable
I’ve looked into the same, sad it’s not viable yet…
Well it’d need declarative configuration IMO, so maybe something like tvix would need to be integrated first. That could also get us to being DSL agnostic.
But damn, RedoxOS (impl) is sexy.
Fuck yes, I would follow that fox wherever needed!
as a fox myself, i would not recommend it.
Hmmm, how can you type then?
Suspicious!
they using the tongue
👁️🫦👁️
i am sneaky fox, i break into your house, i steal your keyboard, and then i shitpost on lemmy, steal your pasta, and then leave unbeknownst to you.
Yep, running on 2010 laptop. works great.
Most definitely, I have my entire homelab setup in nix as well as laptop/desktop. Is a hell of a lot easier and more reliable than the Kubernetes setup it replaced…
Damn you broke my brain for a second there. I thought you meant that nixos replaced k8s, and was wondering what the hell are you talking about.
Haha yeah could have worded better. I was running a 3 node k8s cluster on Talos Linux as my homelab. Downsized/simplified to a single NAS (aka NixNAS) + NUC on nixos and split the services between them. Apps that heavily use the NAS live on it for direct file access, the rest hum along on the nuc. I sleep easier with this, rather than fighting node breakage during upgrades or wondering when my next ceph failure will occur.
Meanwhile in Europe:
ZigBee go bzzzzz
As someone who has never tried Linux, this meme has done more to make me want to give it a try than anything else Linux users have thrown at me so far. The fox is very convincing. I might step into the back of an unmarked van if it asked me to.
NixOS is probably a bit more confusing than most Linux distros, but it has a huge amount of advantages too. It has very up to date software and probably never has dependency issues.
That’s par for the course for me. I’m the type that’ll start a video game on the hardest difficulty for a challenge and then my pride won’t let me lower the difficulty so I just quit under the guise of disliking it.
Then you probably shouldn’t use Nix. Maybe try another distro if you haven’t already.
It’s too late, his pride won’t let him go any other distro.
Foxes are like that though.
They look cute and cuddly… The trustworthy kind, then they bite your hand off and laugh at you.
I’m running openSUSE because I like lizards.
Is this a greek culinary specialty? “You have to try the Nixos, it melts in the mouth!”
Too gimmicky