¶ NixOS
"NixOS is a free and open source Linux distribution based on the Nix package manager. NixOS uses an immutable design and an atomic update model. Its use of a declarative configuration system allows reproducibility and portability." - Wikipedia
Essentially NixOS allows you to define your system configuration via Nix, installing packages, declaring config files, etc.
(get it /etc?)
e.g. Need an SSH service on your device started on boot?
services.openssh.enable = true; Easy!
Our Git repo for nix defines our infrastructure and other custom nixpkgs: https://github.com/UWCS/nix (If Joel lets me make it publicly visible...)
¶ Short silly tutorial:
More info: https://nix.dev/tutorials/nix-language
¶ Writing NixOS Configs
The default read for nix files are default.nix, shell.nix (nix-shell) and flake.nix (Flakes will be explained later 
)
Imagine Nix as JSON + functions
# Hi im a comment!
{ config, lib, pkgs, ... }: # This is a function input (lambda), when using nixos you may want to pass these when using them or exclude it entirely if not
# ... declares other arguments as ignored
{
# This defines openssh service as enabled,
services.openssh.enable = true;
# it also does extra things as defined here
# https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/networking/ssh/sshd.nix#L548
# - Create SSH User, start service, manage auth files, etc
# As Nix is defined as attribute sets:
services = {
openssh = {
enable = true;
};
};
# This is exactly the same as the previous statement
environment.systemPackages = with pkgs; [
# CLI
git
htop
tmux
];
}
¶ Nix Itself
NixOS is not the only place nix can be used!
Nix itself is a package manager and can be used to define packages outside of NixOS.
e.g. want to install neofetch in a shell environment?
let
nixpkgs = fetchTarball "https://github.com/NixOS/nixpkgs/tarball/nixos-23.11";
pkgs = import nixpkgs { config = {}; overlays = []; };
in
pkgs.mkShellNoCC {
packages = with pkgs; [
neofetch
];
}
¶ Flakes
Flakes are an experimental feature that creates a lock file defining the urls that are downloaded and their hash, this make Nix even more reproducible and 'pure'.
As a side effect, (hehe get it functional and pure and 👻 SIDE EFFECTS 👻) This opens up the ability for people to share nix configurations such as custom packages or features https://flakehub.com/
We use Flakes primarily for ensuring verison management in nix without channels and to use things such as agenix for encrypted secrets on git, and disko for disk partitioning.
Extra info: https://serokell.io/blog/practical-nix-flakes
¶ External Links
- Awesome Nix - List of resources in the Nix Community
- MyNixOS - A service used to help create configurations for NixOS and Dev Shells
- deploy-rs - Multi-profile Nix-Flake Deployment tool for sysadmins
- nix-learning - List of Links to learning resources