For my first few years of NixOS I didn't understand the point of the NixOS stable releases, since even on "nixos-unstable" I found that if my nix config evaluates, then it'll work. And in the very rare case things broke, I could easily rollback.
NixOS stable, for me, provides API stability. I can leave a machine auto-updating, and be confident that my nix config will continue to be compatible, and thus build.
Thanks to the release managers for the work that goes into this!
There's still the data migration issue. If you follow unstable all the time, an app may update its data files or databases at startup. Then, you can still roll back the binaries, but they'll just refuse to work (best case) or corrupt the unknown data format (worst case).
Following up on this, has anyone tried this and seen how well it works in practice?
“Speedify, a proprietary VPN which allows combining multiple internet connections (Wi-Fi, 4G, 5G, Ethernet, Starlink, Satellite, and more) to improve the stability, speed, and security of online experiences. Available as services.speedify.”
I’m about 18mos into managing my macOS hardware with Nix. And I’m conflicted. It’s clearly a powerful system, and I’m still very noob at it. It’s not clear to me that it’s the right solution for macOS. I’ve not felt comfortable enough with it to roll it to Linux hosts yet. Or use its docker image maker.
Consistently through the 25.05 period nix-darwin and nixpkgs would fall out of sync. I learned not to `nix flake update` too often as a result. It’s amazing that rolling back is as easy as it is, and that’s huge, but if you squint and reason that mise and nix solve the same issue, why not use the less opinionated, easier to reason about mise?
As time has gone on, more and more of my system is managed via nix-homebrew … effectively producing a Brewfile for the vast majority of my package needs. Why not just use Brewfile directly?
I really want to advocate for nix, but it feels like I lose the “why not x?” conversations with myself, I can’t fathom winning them against a less invested peer.
This past month, I have spent a decent amount of hours (7+) trying to setup nix on my mac with nix-darwin, and failed.
Most tutorials out there encourage you to download someone else's configuration to get going. I don't want to do that. I want to understand at its core how this thing works.
I've read the official nix language documentation, watched YouTube tutorials, read 3rd party tutorials, and still couldn't get going with a simple configuration that would install a few packages.
The nix language is also really unpalatable to me. But I could deal with that if the examples out there showed a consistent way of doing things – that's not the case. It seems one same thing can be done many different ways – but I want to know and do it the right way. I would generally turn myself to the official best practices documentation, except nix' is very short and doesn't help much.
I really want to use nix. There's no question about its advantages. But nix just won't let me (or maybe I'm too old to learn new things).
That being said, I'll probably give it another try this month...
I'm not conflicted. Nothing compares to nix. I've been using it on macOS, for Linux hosts, for years now, and it's been incredibly rock solid. I stopped using homebrew years ago and I couldn't be happier about that.
> Consistently through the 25.05 period nix-darwin and nixpkgs would fall out of sync. I learned not to `nix flake update` too often as a result.
I find using a singular nixpkgs version is almost always a recipe for things breaking if you are on unstable. I usually end up juggling multiple nixpkgs versions, for example you might want to pin the input to nix-darwin separately.
This is squarely a nixpkgs problem. It's the largest most active package repository known to man. I am pretty sure GitHub has special-cased infrastructure just for it to even function. Things are much more stable in release branches. If that causes you pain because you want the latest and greatest, it's worth considering that you'd experience the same problem with other package repositories (e.g. Debian), and then asking yourself what it is you are actually trying to accomplish. There's a reason they call it unstable.
> but if you squint and reason that mise and nix solve the same issue, why not use the less opinionated, easier to reason about mise?
If mise works for you then great, use it. When I squint and reason, they do not solve the same issue. I don't know how you come to the same conclusion either. Why are you using nix-darwin at all? What is the overlap between nix-darwin and mise? I don't see it.
If all you want is dev environments, I recommend flox.
At the end of the day I'll continue using nix, and especially nix-darwin, _solely_ because it let me set up a new machine in under 5 minutes and hit the ground running. Nothing else compares.
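The approach suggested in the comment above (more than one nixpkgs pin, with nix-darwin following its own), written out as an added example that is not from the thread. The host name `example-mac`, the `aarch64-darwin` system and the package choices are placeholders.

```nix
# flake.nix -- added example; host name, system and packages are placeholders.
{
  description = "nix-darwin pinned to a release branch, with a separate unstable pin";

  inputs = {
    # Release branch: the system and nix-darwin itself are built against this pin.
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-25.05-darwin";

    # Rolling branch, locked independently of the release pin.
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";

    # nix-darwin release branch matching the nixpkgs release above.
    nix-darwin.url = "github:nix-darwin/nix-darwin/nix-darwin-25.05";
    # Make nix-darwin use the release pin instead of locking its own nixpkgs.
    nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
  };

  outputs = { self, nixpkgs, nixpkgs-unstable, nix-darwin, ... }:
    let
      system = "aarch64-darwin";
      # Second package set, instantiated from the rolling pin.
      unstable = import nixpkgs-unstable { inherit system; };
    in {
      darwinConfigurations."example-mac" = nix-darwin.lib.darwinSystem {
        # Hand the unstable package set to every module as an extra argument.
        specialArgs = { inherit unstable; };
        modules = [
          ({ pkgs, unstable, ... }: {
            nixpkgs.hostPlatform = system;
            system.stateVersion = 6;

            environment.systemPackages = [
              pkgs.git          # from the release pin
              unstable.ripgrep  # from the rolling pin
            ];
          })
        ];
      };
    };
}
```

Each input gets its own entry in `flake.lock`, so on current Nix versions `nix flake update nixpkgs-unstable` re-locks only the rolling pin and leaves the release branch that nix-darwin is built against untouched.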
I similarly found `nix flake update` frustrating for a while, especially when using unstable Nixpkgs. I wrote a tool called `npc` that basically solved the problem for me by letting me bisect whatever Nixpkgs channel(s) I have in my flake inputs: https://github.com/samestep/npc
I've only barely used Nix on OSX to manage packages and I thought it felt awkward at the time. But I had also barely used NixOS at that time. Today I'm happily running NixOS on my NAS and my "gaming" desktop. My son is running it for his desktop as well. What feels awkward and fragile on OSX is far more stable on NixOS. But you do have to learn some of the Nix syntax and ways of doing things which it sounds like you're already getting some of on OSX. The reason I'm going to use it on OSX again is mostly to get consistent HOME configuration and tooling across all of my devices. I'll manage my OSX home dir and tools with the exact same file across multiple computers.
I have both Nixos and Macs so I appreciate I can control everything through a single repo. I have a single flake with nixosConfigurations, darwinConfigurations and home manager pointing to different nixpkgs and other weird stuff such as jovian for my gaming pc and a special repo for my rpi5.
I've been using Nix and NixOS for about 5 or 6 years now, extremely thankful for the project. It was my gateway to open source and Linux, and has been pivotal to my career (I work on internal developer experience and environments + CI infrastructure).
It's certainly not for everyone, but for anyone whose full-time job involves managing runtime environments it is second to none.
Does anyone have a good resource for a quickstart/high-level overview of just the terminology required to understand Nix? Flakes/overlays/nixpkgs/etc. I start wading in to try and understand it, and instead run into arguments and disagreements.
Unfortunately, without a base level understanding of the entire ecosystem, I stay lost.
yeah, the "entry-level" documentation is definitely one of the weak points of the Nix ecosystem. I'd compare it to trying to learn how to do oil changes on your car and only finding "car guy" web forums full of posts about transmission rebuilds and 3D printing your own carburetors.
my recommendation (as I said elsewhere in this thread, I'm a 10+ year NixOS user) would be to install NixOS on a VM or spare laptop and tinker with configuring it. you can follow the breadcrumbs, for example enabling sshd [0] has a "declared in" link to [1] where you can read the Nix source code of what that NixOS option actually does on your system.
flakes, modules, and overlays are all relatively "advanced" parts of the ecosystem, you don't need to know them as a new user. in particular, you will find many blog posts telling you to use flakes right from the beginning. that's an option, but not at all required.
I started playing with nix a few months ago. YouTube videos from Vimjoyer helped a lot.
On top of that Claude Code is very good at understanding/explaining/updating config.
Regarding features: so far for my home setup (few vms on proxmox) I only needed flakes. They are good at organizing multihost config.
But besides it, it works smoothly. And I constantly have thought “wait, why we didn’t always do it this way?”
This article and video might be good for you, but they are more about a conceptual overview of what the fundamental parts of Nix are and how they interact.
Flakes are a dependency-pinning and hermetic evaluation feature baked into the Nix tool itself.
Overlays are an idiom that uses lazy evaluation to build up larger attribute sets in a modular and composable way (e.g., package collections for a particular programming language).
For certain people I think "entry level" for nix means trying to re-read tutorials every couple of years and it never ever feeling comfortable or memorable... but somehow it still itches in the back of your mind that this is how things are supposed to be done. But why is it so... different?
You don't need flakes or some fundamental understanding for a quick start. I simply add programs that I use to configuration.nix. This covers 95% of my use cases. For everything else I use containers. This may be not the nix way, but works super reliably and without much trouble.
No, but I can empathize. I never understood the Nix language. It's impenetrable to me. I hate it so much.
I keep checking back every year or so secretly hoping they'll have upgraded the language. It's fascinating how successful Nix is given how utterly opaque the language is.
Instability is one of the biggest but perhaps also the least understood downsides of NixOS, IMHO.
Contrary to the name, even the stable branch of NixOS can have problems while installing routine updates with `nixos-rebuild switch --upgrade`. In fairness, at least with NixOS you can normally roll back to a previous working configuration where you can try to fix or work around the problem if that does happen. It’s still painful if you have to do that, though.
Even if your routine updates all go smoothly, as you mentioned, each stable release is only supported for a very limited time window after the next one is out. NixOS doesn’t have any long-term support branch in the sense that some distros do. Again, you can overcome this to a degree by customising your configuration if you need specific versions of certain packages, but in doing so you’re moving back towards manually setting things up and resolving your own compatibility issues rather than having a distro with compatible packages you can install in whatever combination you want, which reduces the value of using a distro with a package repository in the first place.
To be clear, I’m a big fan of NixOS. I run it as my daily driver on a workstation where I do a lot of work on different projects for different clients. Its ability to have a clean, declarative description of what’s currently installed globally or for any given user or even when working in any given project directory for any given user is extremely valuable to me.
But it’s also fair to say that NixOS is not for everyone. It has been by far the least stable Linux distro I have ever used, in the sense of “If I turn my computer on and install the latest updates from the stable branch, will my computer still work afterwards?”. If you’re looking for a distro you can deploy and then maintain with little more than semi-automatic routine updates for a period of years then, at least for now, it is not the distro for you.
NixOS is mostly a rolling-release distro, like Arch, but it rolls a bit more slowly. You can opt into full rolling release with the "unstable" branch, which is very common. There's not a lot of benefit to "stable" IMO.
I am excited for having a new version of NixOS. Few days ago I realized that November is almost gone and went looking for when I can expect the new release. And right on schedule it popped out (was checking throughout the day). Big props to the release managers (and of course the maintainers)
I use nix via flakes on my own machines (via NixOS), in my projects (with direnv), on my infrastructure/servers (NixOS deploying with colmena) and at work (nix-darwin and projects). So far the upgrades have gone painlessly, the only change I needed to make is how git is configured in home manager. I continue to be amazed how well NixOS works.
Edit: The only place I still struggle in adopting nix is on my phone. Last time I tried nix-on-droid it didn't even run, but I plan to try that again. Still new to Android (and GrapheneOS)
The only linux distro where I've never experienced disruption whatsoever when a new version comes in. A testament to the validity of the approach they are using (immutability). They also have a simple way to package things, and this produced the largest repository of packages of any linux distro. If something works, it stays working, breakage after updating is unheard of. The unofficial motto is "nixos fixes that."
Forgot to mention Nvidia CUDA is now a first-class citizen. Nix becomes a support target for Nvidia. How times have changed, thanks to Google scaring the bejesus out of Nvidia by running Gemini on their TPUs. Nvidia may finally get their act together on linux.
This will be another upgrade for my dev machine running NixOS since 17.something times. Thanks to all maintainers and release managers over the years for such solid work!
> Added nixos-init, a Rust-based bashless initialization system for systemd initrd
Rust is such a heavy dependency though, is it not? Is it worth it? Additionally, what does it add as a new project / software (disregard Rust here)? What was wrong with the previous one and/or what does this fix or add that justifies adding a heavy dependency? Seems like most of these projects are written in Rust though.
Previous version was in bash. With this change you can build a nixos image not containing bash or any shell whatsoever.
Not having interpreted languages on the system at all is an effective hardening technique combined with verity store containing all your executables as it makes it impossible for attackers to add new executable files to the system which stops almost all attack vectors.
foxheadman|3 months ago
viraptor|3 months ago
rkomorn|3 months ago
As soon as lanzaboote works with stable, I'll go back to stable (but I think that is not the case yet, sadly).
Lowkey plug for lanzaboote though. Getting secure boot working went pretty well for me thanks to it.
telotortium|3 months ago
dayjah|3 months ago
gouggoug|3 months ago
xyzzy_plugh|3 months ago
sestep|3 months ago
tstrimple|3 months ago
unknown|3 months ago
[deleted]
bomewish|3 months ago
Making a change with home manager became a whole thing.
Now I’m back on the happy path and it’s great. The LLMs can also move things over very fast.
My remaining uses of nix are just devbox which is a very palatable wrapper and nicer to use than flakes.
irusensei|3 months ago
hamandcheese|3 months ago
I do very much recommend home-manager, which will manage your dot-files and cli packages, and is portable between macOS and Linux.
viraptor|3 months ago
What do you mean? Those should be fairly independent in practice.
hamandcheese|3 months ago
digdugdirk|3 months ago
evil-olive|3 months ago
0: https://search.nixos.org/options?channel=25.11&show=services...
1: https://github.com/NixOS/nixpkgs/blob/nixos-25.11/nixos/modu...
para_parolu|3 months ago
endgame|3 months ago
https://shopify.engineering/shipit-presents-how-shopify-uses...
https://www.youtube.com/watch?v=6iVXaqUfHi4
richardgill88|3 months ago
This was the Nix config that helped it 'click' for me: https://github.com/eh8/chenglab that mentions this guide.
I based my own config off of it https://github.com/richardgill/nix
beefnugs|3 months ago
dandanua|3 months ago
wocram|3 months ago
The arguments probably come from the fact that flakes are 'experimental', but de facto widely used.
notfed|3 months ago
kurtis_reed|3 months ago
yearolinuxdsktp|3 months ago
What, one month to upgrade to keep receiving security updates? How can you force 1-month upgrade windows every 6 months and who would go for that?
Chris_Newton|3 months ago
SAI_Peregrinus|3 months ago
Ingon|3 months ago
LennyHenrysNuts|3 months ago
urlwolf|3 months ago
urlwolf|3 months ago
kubafu|3 months ago
YouAreWRONGtoo|3 months ago
[deleted]
johnisgood|3 months ago
arianvanp|3 months ago
You can read about the project here: https://github.com/NixOS/nixpkgs/issues/428908