Nix hype has been high the last several months for some reason despite it being around for awhile. I think DevOps guys are just now discovering it or something.
Disclosure: I haven’t used it. I’ve just watched a few videos and have been following the hype. Someone correct me if I’m wrong.
My understanding is that it is similar to the idempotency that Terraform brings but on a OS, packages and code level.
Basically you define (in a file) everything you want on the OS from packages to settings to custom repos and it installs everything so even if something goes sideways and say your server gets hacked, you just start over not from scratch or hopefully a clean fallback image but with everything you need installed out of the gate on a fresh install.
Can also be super useful for ensuring your whole team is using the same setup. No more reading a manual for this one obscure firewall that some random guy setup. Your firewall (or whatever else) was installed and configured out of the box, plus it is the same org wide.
With flakes, you can also lock the project or your system to an exact commit of the nixpkgs repo, meaning you get the same versions until you update the lock file. It’s like a npm or cargo lock file, but for the whole system.
The nix packages define how to build and configure it, so the build part is like Gentoo. It has a powerful cache setup, so you rarely need to really build anything. Need a custom kernel though? Define your patches in your config and it works exactly the same until you update it.
Nix hype has been high the last several months for some reason despite it being around for awhile. I think DevOps guys are just now discovering it or something.
Disclosure: I haven’t used it. I’ve just watched a few videos and have been following the hype. Someone correct me if I’m wrong.
My understanding is that it is similar to the idempotency that Terraform brings but on a OS, packages and code level.
Basically you define (in a file) everything you want on the OS from packages to settings to custom repos and it installs everything so even if something goes sideways and say your server gets hacked, you just start over not from scratch or hopefully a clean fallback image but with everything you need installed out of the gate on a fresh install.
Can also be super useful for ensuring your whole team is using the same setup. No more reading a manual for this one obscure firewall that some random guy setup. Your firewall (or whatever else) was installed and configured out of the box, plus it is the same org wide.
With flakes, you can also lock the project or your system to an exact commit of the nixpkgs repo, meaning you get the same versions until you update the lock file. It’s like a npm or cargo lock file, but for the whole system.
The nix packages define how to build and configure it, so the build part is like Gentoo. It has a powerful cache setup, so you rarely need to really build anything. Need a custom kernel though? Define your patches in your config and it works exactly the same until you update it.