Nix and NixOS

About me

• living in north-west Germany (Münsterland)
• Interests
  • operating systems (Linux, xBSD, MacOS, Plan 9, SerenityOS …)
  • retro computing (6502, 8086, m68k, Z80 …)
  • DNS/DNSSEC/DANE/DoT/DoH, IPv6, DHCP
  • lean Internet (Gopher, Gemini, FujiNet …)
  • Programming (Go, Forth, Lua, Python, Oberon, Lisp …)
  • Emacs
  • Pen & Paper RPG

Software installation on Linux Distributions

classic Linux distributions

• Debian, Ubuntu, Suse, Fedora, Red Hat, Arch-Linux, Void …
• Iterative software installation and configuration
  1. OS installation
  2. initial software installation via packet manager (yum, dnf, zypper, apt, pacman …)
  3. initial configuration
  4. more software installation
  5. more configuration
  6. loop to –> 4

Iterative approach

• the system grows over time
• hard to replicate
• generates unique machine configurations

The search for solutions

• configuration orchestration
  • TerraForm
  • Ansible
  • SaltStack
  • others …
• these solutions are external to the Linux distribution ecosystem
  • the Linux distribution package manager does not know about Ansible and friends

About Nix

Nix

• Nix is a packet manager
  • multi platform (Linux, MacOS, FreeBSD)
  • can be used in addition to the platform packaging infrastructure
  • MIT License
• Nix is a programming language
  • pure, lazy, functional
  • not a full-featured, general purpose language
  • its main job is to describe packages, compositions of packages, and the variability within packages

https://nixos.org/features.html

Nix is functional

• Nix is a purely functional package manager
• it treats packages like values in purely functional programming languages such as Haskell
  • they are built by functions that don’t have side-effects
  • they never change after they have been built
  • reproduceable packages

About NixOS

NixOS

• NixOS is a GNU/Linux distribution
  • build around the Nix package manager
  • declarative system configuration
  • reliable upgrades
  • atomic upgrades
  • rollbacks
  • reproducible system configurations
  • source-based, with binaries

https://nixos.org

NixOS - features

• X11/Wayland/Plasma/Gnome/i3/sway/…
• systemd
• all the popular software (emacs, vim, apache, nginx, postfix …)
• 40.000+ packages
• automatic hardware detection

About Home-Manager

Home-Manager: Nix for home directories

• a basic system for managing a user environment using the Nix package manager
• uses the Nix libraries found in Nixpkgs
• allows per user installation of packages without root permissions

https://nixos.wiki/wiki/Home_Manager

About Guix/GuixSD

Guix/GuixSD

• The GNU Guix package and system manager is a free software project by the GNU Project
  • its the GNU flavored fork of the Nix idea
• uses Scheme as the underlying configuration and declaration language
• GuixSD is the Guix System distribution - a GNU/Linux Linux distribution around Guix
  • GPLv3+ License

Starting with Nix

Installing Nix

• as a normal user with sudo privileges

$ sh <(curl -L https://nixos.org/nix/install)

• verify that the installation was successful

$ nix-shell -p nix-info --run "nix-info -m"

Installing from source

• Nix can be installed from source

$ git clone https://github.com/NixOS/nix
$ cd nix
$ ./bootstrap.sh
$ ./configure [options...]
$ make
$ sudo make install

Install Home-Manager (using Nix)

• my recommendation: install home-manager first and then manage all packages from there (declarative style)

nix-env -i home-manager

Exploring the Nix store

• all Nix related files are stored unter /nix
• Nix binaries and config files are symlinked into the user environment (search path)
• a Nix-System file system layout qcan look weird to old skool linux hackers

[root@nixos:~]# ls -l /usr
total 0
drwxr-xr-x 2 root root 17 Sep 11 20:54 bin

Nix/Home-Manager Workflow

Finding packages

• Search NixOS packages

nix search emacs

Install packages globally (NixOS)

• add package to /etc/nixos/configuration.nix

  environment.systemPackages = with pkgs; [                                                                                                                                   
    parted                                                                                                                                                                   
    emacs                                                                                                                                                                    
    gcc                                                                                                                                                                      
    gawk                                                                                                                                                                     
    [...]
    home-manager                                                                                                                                                             
  ];                                                                                                                                                                          
  

• next run nixos-rebuild switch

Install packages for a user (Home-Manager)

• add package to the users ~/.config/nixpkgs/home.nix

  { config, pkgs, ... }:
  {
    home.packages = with pkgs; [
        gtop
        unzip
        mc
        [...]
      ];
    };
  }
  

• then run home-manager switch as the user

Views on packages

• Nix/NixOS provides different views on the installed packages
  • all packages are located below the Nix store /nix/store/...
  • users have different packages linked into their environment

Declarative Configuration (OS)

• configuration for the Linux system and for applications can be done in declarative style
• Nix creates the configuration files

{
  boot.loader.grub.device = "/dev/sda";

  fileSystems."/".device = "/dev/sda1";

  services.sshd.enable = true;
}

Declarative Configuration (User Programs)

• declarative configuration works the same for user directories with the help of home-manager

services.gpg-agent = {
  enable = true;
  defaultCacheTtl = 1800;
  enableSshSupport = true;
};

Updating the system (NixOS)

• update the channel information

  # nix-channel --update
  

• rebuild the OS with updated packages

  nixos-rebuild switch --upgrade
  

Booting into different generations of the OS

• NixOS allows to select the generation of the local NixOS build at boot time
  • on regression, the user can boot an older version of the OS
• to make room, older versions can be grabage collected
  • manually with nix-collect-garbage
  • automatically on a trigger (storage free space threshold)

Nix Shell / Development environments

• the command nix-shell creates an ad-hoc environment
  • including the listed packages and derivations
  • the packages and environment is gone when the shell exits
  • great for development environments

$ fossil
-bash: fossil: command not found
$ nix-shell -p fossil
[nix-shell] $ fossil
Usage: fossil COMMAND ...
   or: fossil help           -- for a list of common commands
   or: fossil help COMMAND   -- for help with the named command

Commands and filenames may be passed on to fossil from a file
by using:

    fossil --args FILENAME ...

Learning Nix

• NixOS Manual
• NixOS Wiki
• Nix Pills
• NixOps - tool for deploying NixOS machines in a network or cloud
• Nix Developer Information

Next - NixCon

• Talks. Discussions. Hacking
• 16. - 17. October - ONLINE
• https://2020.nixcon.org

Questions? Discussion!

@cstrotm@mastodon.social

https://blog.defaultroutes.de (German)

Hands-On Nix

• Instructions: https://blog.defaultroutes.de/nixos/