Points for something I’ve never tried.
Edit: Think I’ll just blast Bazzite on it. The recent Gnome scales well and it has nice performance tweaks.
Cheers
Points for something I’ve never tried.
Edit: Think I’ll just blast Bazzite on it. The recent Gnome scales well and it has nice performance tweaks.
Cheers
I daily drive NixOS and use it in many other situations. However, I’m also a systems engineer and it’s the distro I use for managing all the environments.
I’m sure it was a joke(ish), but definitely not for the light-hearted or fairweather penguins.
Definitely not for the light-hearted, but if OP is willing to take a month or so to learn Nixlang it actually gets quite easy and you can do pretty much everything with it. No need for Timeshift either. You’d have to really work at breaking it and once its set up that’s it.
Not to mention if you upgrade your system/SSD you only need a few key nix files and some dotfiles to basically clone your whole setup, especially if you use home-manager
Please tell me more about your work and how you use Nix in it. I’m interested.
I can’t tell if you’re being serious or facetious 😅
I assure you it isn’t all that glorious, though, just a lot of configs. NixOS is just my favorite method of infrastructure-as-code, and in conjunction with
nixopsI can’t imagine going back to anything else unless the project required it for some reason. Disaster recovery is simple, and testing/pushing config changes to hundreds of machines is almost too easy.I have a clunky set of configs, for self-hosting at home and small side-clients, I slapped together you can look at, but again it’s not all that special and I wouldn’t necessarily follow this for real production stuffs. It also doesn’t utilize any of the fancy NixOS stuff, fairly basic and Docker heavy.
https://codeberg.org/madamegaymes/NixOS-Docker-Framework
I am serious. I am a cloud engineer (glorified system admin for cloud + Linux VMs) and I’m still stuck on Ansible + Terraform (stuck isn’t the right word, we are a RHEL and Alpine shop for our VMs and Containers and things work well enough). My friends in bigger companies are using Nix though, but I was always scared of the learning curve. I want to see clear benefits of using nix so I can push myself to actually learn it, which is why I asked. Thanks for the link.
Oh, sweet!
In that case, I highly recommend taking a look at some more real-world examples. My original link is just something that makes self-hosting and small jobs more or less thoughtless for me.
Imagine all those config management tools built into your OS, and that’s NixOS in a nutshell. There’s obviously WAY more it can do if you look into creating your own derivations, or getting into the new-ish concept of Flakes.
Again, though,
nixopsis the thing that makes me continue to use it, besides just already knowing how to throw together a config in nix’s syntax. The nixops tool basically allows you to federate all your systems, tag them, group them, and do anything under the sun with each machine (or several in batches). It’s hard to get across in a simple text blurb.In my case (SaaS), imagine having 10 devs that all want their own dev environment that mirrors production within our VPN, then you need a beta and production environment for each client that licenses the app. Each environment has a couple databases, a few different APIs, some background scraper-type applications, and front-ends for everything. Some of that stuff can live on one machine, some needs to be alone and redundant. You can see how very quickly there’s a lot of machines to keep track of.
Now I need to update a couple config pieces to match a new feature in the app itself. Well, all I gotta do is sort out the config, then run a couple nixops command to push to all the dev environments. When ready, do the same for beta, then do it for prod when the fat lady sings.
Being all within one ecosystem, focused on security hardening, is what I really like about it. Hopefully that wasn’t too stream-of-consciousness for ya, lmao.
ETA: links, also note that nixops is undergoing some serious changes in the past year. NixOS itself also undergoes changes fairly regularly in syntax as vulnerabilities are addressed and improvements made.
Thank you for the note. I’m been cursing myself for not being able to provide my devs with something similar (they don’t complain but I know it will make their lives easier). I will start nix from scratch if I learn it but nixops definitely seems like it can help because terraform isn’t that great at the example you provided. Thanks.
Could you elaborate?
Some NixOS native packages and options change the defaults to be more security conscious rather than “easy to spin up.” Doing a basic nginx config in NixOS will be more secure than if you had installed it through debian’s apt or from source. Similar for ssh, you just don’t have to think as much about doing those few obvious config changes you always have to do when spinning up a new machine. Of course, there are some things you have to customize for yourself (like custom ports, paths, etc.), but they make it a little simpler by assuming you’re using NixOS in a production environment.
A couple of other links that you’ll end up referencing all the time if you get into NixOS:
The first link is the native package repo, and the second link are all the NixOS config parameters for each of those packages and the system in general.
Perfect. So when you do provide them with an efficiency boost when they never asked about it, you can be a rockstar and get a raise. Or keep it in your back pocket until they do complain and implement it then for a similar effect 😜