Changed distro, again

When I was new to Linux, I settled on Debian unstable after trying some of the popular distros. Ironically it was so stable that I got bored and switched to Gentoo.

And for about a year, (since our infrastructure is largely consist of Debian on my workplace) I was using Debian again. And here I am, craving for another toy to play with.

I like to learn new stuff by getting my hands dirty, so I looked up for something new. I’ve dug Qubes, Bedrock, Solus and some other cool ones, but they were (respectively) too impractical, experimental or end-user oriented for my taste.

Enter NixOS

When I hear the term “functional”, I feel a somewhat disturbing tingling sensation, because that coding style is so alien to me (do you even haskell?). Yet I’ve started to test NixOS in a virtual environment to see what all this hype was about. Documentation is good and covers the basics for new users.

(Puppet, is that you?)

This is part of the configuration I managed to write to be able to use my Yubikey easily. I assume it’s clear enough to understand, even though it hurts the eye in the first sight a bit. There are thousands of options like these to help you to define the desired configuration.

Package not found, please install

Package management is also quite radical, at least for people like me who mostly used conventional package managers.

innixos ~ ~> which ssh
/run/current-system/sw/bin/ssh
innixos ~ ~> ls -la /run/current-system/sw/bin/ssh
lrwxrwxrwx 7 root root 65 Jan  1  1970 /run/current-system/sw/bin/ssh -> /nix/store/ai57h2yv51fs36pnjf7f1lzfjndpaj8s-openssh-7.7p1/bin/ssh*

Every package has a directory and all of them are staying in /nix/store, which is mounted as read-only filesystem. If anything changes in the spec file (a.k.a. derivation) of openssh package (e.g. I need to build it with package X enabled as build dependency), result is no longer the same package and it will be on another folder named `${unique_hash}-openssh-${version}`. This is where the *purity* comes from.

They have quite a few packages, but not everything. So I wanted to package something myself. Main collection and manual helps a lot, also the community was very friendly and helpful so far. Sometimes it’s enough to just open a new package request in the repository and someone will send you the derivation file. But I must say, even though (i think) I learned a lot, Nix is still a weird language for me.

Wait, is this an ecosystem?

So you have built-in configuration management, stable enough channels, reproducible builds, a continuous integration tool and such.. How can I use this on my servers?

I have tested and successfully deployed exactly same configuration of my local testing setup to VirtualBox and EC2 via NixOps. It’s relatively easy as long as you don’t mix the scopes of NixOS and NixOps.

While it has a learning curve which looks like an EKG result, the overall experience convinced me to use NixOS as my main operating system. I’m using it for few months now and hoping to learn enough to give back to the community a little by time.