- cross-posted to:
- nixos@infosec.pub
- cross-posted to:
- nixos@infosec.pub
Am I out of touch?
No, it’s the forward-thinking generation of software engineers that want elegant, reliable, declarative systems that are wrong.
Am I out of touch?
No, it’s the forward-thinking generation of software engineers that want elegant, reliable, declarative systems that are wrong.
I agree but I prefer it to things like ansible for sure. I’m also happy to never have to run 400 apt install commands in a specific order lest I have to start again from scratch on a new system.
Another place I swear by it is in the declaration of drives. I used to have to use a bash script on boot that would update fstab every time I booted (I mount an NFS volume in my LAN as if it were native to my machine) then unmount it on shutdown. With nix, I haven’t had to invent solutions for that weird quirk (and any other quirks) since day one because I simply declared it like so:
{ config, lib, pkgs, inputs, ... }: { fileSystems."/boot" = { device = "/dev/disk/by-uuid/bort"; fsType = "vfat"; }; fileSystems."/" = { device = "/dev/disk/by-uuid/lisa"; fsType = "ext4"; }; swapDevices = [ {device = "/dev/disk/by-uuid/homer";} ]; fileSystems."/home/mrskinner/video" = { device = "192.168.8.130:/volume/video"; options = ["x-systemd.automount" "noauto"]; fsType = "nfs"; }; fileSystems."/home/mrskinner/Programming" = { device = "192.168.8.130:/volume/Programming"; options = ["x-systemd.automount" "noauto"]; fsType = "nfs"; }; fileSystems."/home/mrskinner/music" = { device = "192.168.8.130:/volume/music"; options = ["x-systemd.automount" "noauto"]; fsType = "nfs"; }; }
IMO, where they really shine is in the context of declarative dev environments where the dependencies can be locked in place FOREVER if needed. I even use Nix to build OCI/Docker containers with their definitions declared right inside of my dev flake for situations where I have to work with people who hate the Nix way.
No end of interesting shit you can do in Nix, at one point I had zfs and ipfs entries in one of my configs. I got away from it all before flakes started to get popular.
I tried it as a docker host; the declarative formatting drove me around the bend. I get a fair bit of disaster proofing on my docker host with git and webhooks, besides using Proxmox/ZFS to host it all and back it up.
I suspect that the whole Docker thing will improve exponentially now that Nix is on the Docker’s radar. I found the OCI implementation to be superior to the actual Docker implementation in Nix…at least for now. I think the way that Docker isolates things to layers is the biggest barrier to them working together seamlessly at the moment…but I think they’ll start to converge technolgically over the coming 10 years to the point where they might work together as a standard someday.