wint3rmute | 1 year ago

After running NixOS for 6+ months on my homelab and also re-using part of the configuration on my work machine, I feel the same way as Xe each time I'm interacting with a non-declarative OS. There's just no simple way to share configuration between machines or to automagically clean things up after making changes.

Ansible feels like a thin layer of ice upon a deep ocean of the OS state, hiding in a multitude of non-tracked configuration files. It is simply not enough to build a layer of YAML around an OS which is imperative by nature.

Unfortunately, I can see the downsides of NixOS as well: being radically different from what we usually expect in a Linux distribution, adopting it in an already established environment will no doubt be hard. Steep learning curve, idiosyncrasies of the Nix language (although after reading parts of the Nix thesis[1], I find it much more understandable and deeply thought out), just explaining Nix to people who don't have much experience with the functional way of doing things, let alone taking the functional approach all the way to defining an entire operating system - all of this sounds like a tough barrier to cross.

And yet, the desire to keep things reproducible and declarative (not to mention going back in time) persists once you've had the taste of NixOS.

[1] https://edolstra.github.io/pubs/phd-thesis.pdf

jt2190|1 year ago

I’m picking this nit:

> When is a build reproducible?

> “A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.”

> Neither Nix or NixOS gives you these guarantees.

This really makes me question whether all of the quirkiness of Nix is worth it if it can’t actually “pay off” with true reproducibility.

[1] “NixOS is not reproducible” (2022) https://linderud.dev/blog/nixos-is-not-reproducible/

[2] “non reproducible issues in NixOS” https://github.com/orgs/NixOS/projects/30

Cyph0n|1 year ago

Nonetheless, Nix/NixOS is more reproducible than the majority of other build systems and distros out of the box. But yes, if this is a hard requirement, you’ll be better off with a different choice.

Keep in mind that this is but one of the features NixOS provides. I would say the config-driven approach to OS management is extremely powerful.

As an example, I could bring up my homelab’s external reverse proxy on a generic VPS in a few minutes over SSH using a single command. This includes SSH keys, Telegraf, Nginx with LetsEncrypt certs, and automatic OS upgrades. No Ansible needed :)

See: https://github.com/nix-community/nixos-anywhere

Yotsugi|1 year ago

It isn't worth it, if you care about freedom and configurability, Gentoo exists.

>reproducibility

Would like to see people reproduce software that embeds a build timestamp into the binary.

walterbell|1 year ago

Does Guix offer guarantees of build reproducibility?