Experiment: /etc/ in Git


I’ve read about NixOS and I like the idea of putting OS configuration in Git. But I’m not sold on the package management of NixOS; it seems like a kind of wrapper for traditional Linux? I’m not a fan of wrappers, as they usually lack some functionality of the wrapped environment or simplify things too much and lack flexibility as a result.


But is there anything preventing me from creating a Git repository for the whole /etc/? I’ve decided to test it on my Arch machine.


The main problem is that I’m a tinkerer and sometimes I make a real mess in the configuration trying to figure out how things work or testing a few different packages. So, I really like the lbu utility from Alpine Linux and I want something similar on the rest of my computers.


Posted in: s/Linux

🚲 Aelspire

Jan 09 · 4 months ago · 👍 zetamacs · 🤔 1


7 Comments ↓


🖥️ zetamacs · Jan 09 at 15:21:

Looks can be very deceiving!


For starters, there is nothing preventing you from creating a whole repo for /etc, though one of the perks of NixOS is that you don't have to do this for the base system to be declaratively rebuilt. Your system configuration can be written in configuration.nix (check out home-manager for your user configuration as well).


However, let me say one thing more - Nix is not wrapping anything at all. It is a functional package manager that works in a fundamentally different way and produces some tantalizing benefits. Reproducible builds, atomic upgrades, and generation rollbacks are a big deal!


https://nixos.org/guides/how-nix-works


https://jorel.dev/NixOS4Noobs/print.html


🚲 Aelspire [OP] · Jan 09 at 15:46:

@zetamacs I don’t understand the “not being a wrapper” part. Let’s take nginx reading its settings from /etc/nginx/. It expects its configuration files to reside there, or the NixOS team must severely patch nginx to read its configuration from NixOS’ scripts. In my understanding of the topic (I might be wrong) the nix package manager allows the user to generate those files from a script. So NixOS is using a script to generate configuration files, which is in my understanding wrapping those configuration files. Or does it do something else?


It does much more of course, but after some consideration I think that those features are a little bit overkill in my case (a mere 3 machines).


🖥️ zetamacs · Jan 09 at 15:53:

If configuration management was all a person was after, GNU stow would be sufficient and you could forget about Nix. That's a tiny percentage of what people use it for. Reproducible build environments are where the action is.


Really though, check out those docs I linked and see what's possible, and why applying it to a whole system is pretty ingenious too.


🪐 michal_atlas · Jan 10 at 13:25:

@Aelspire it is a sort of wrapper. In reality many of the services simply have a config file field that acts as if you'd symlink it into /etc. The reason to go beyond that and structure it is that services can then reference each other's configuration, for example enabling nginx on some port can automatically check if nftables or iptables is in use and open ports in them if they are. Or you might want to have a server running that relies on other daemons, and a cron entry. One of the good powers here is that the system configuration becomes much more aware of what else is going on on the system, and is very simple to script and much more easily reproducible on multiple machines.


🚲 Aelspire [OP] · Jan 10 at 13:42:

@michal_atlas Thanks for the explanation. I’ve installed NixOS on a VM (I don’t have a spare real machine anymore) and am experimenting with it. At this point I don’t even know what I don’t know; I’m reading the articles posted by @zetamacs but haven’t yet managed to find enough time to digest them. But I might spam some questions in the NixOS subspace in the future.


🚲 Aelspire [OP] · Jan 27 at 19:06:

Experiment Results:


Don’t do that! Most directories have 755 mode and owner root:root and most files have 644 mode and the same ownership, but there are exceptions… and Git doesn’t store permissions except for the executable bit. Guess how I found out about it 😆


🪐 michal_atlas · Jan 29 at 00:23:

There are quite a few projects which basically act as git over /etc but do some extra magic exactly to solve these little issues.


for example

— etckeeper
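
The permission loss reported in the Jan 27 comment, as an added example that is not part of the thread and is not etckeeper's code: Python that records mode and ownership for every entry deviating from the defaults given in that comment, then detects and reapplies them after a checkout. The function names and the manifest layout are assumptions made for illustration.

```python
import os
import stat

# Defaults reported in the thread: 755 directories, 644 files, root:root.
# 755 files also survive a checkout, because Git does keep the executable bit.
DIR_MODES, FILE_MODES, ROOT_OWNER = (0o755,), (0o644, 0o755), (0, 0)

def _meta(path):
    st = os.lstat(path)
    return st.st_mode, stat.S_IMODE(st.st_mode), (st.st_uid, st.st_gid)

def snapshot(root, default_owner=ROOT_OWNER):
    """Map relative path -> (mode, owner) for entries a plain checkout would get wrong."""
    manifest = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            raw, mode, owner = _meta(path)
            if stat.S_ISLNK(raw):
                continue  # permissions on a symlink itself are not meaningful
            allowed = DIR_MODES if stat.S_ISDIR(raw) else FILE_MODES
            if mode not in allowed or owner != default_owner:
                manifest[os.path.relpath(path, root)] = (mode, owner)
    return manifest

def drift(root, manifest):
    """Return sorted paths whose current mode or owner differs from the manifest."""
    bad = []
    for rel, recorded in manifest.items():
        path = os.path.join(root, rel)
        if not os.path.lexists(path) or _meta(path)[1:] != recorded:
            bad.append(rel)
    return sorted(bad)

def restore(root, manifest):
    """Reapply recorded metadata; returns the paths that had drifted."""
    changed = drift(root, manifest)
    for rel in changed:
        path = os.path.join(root, rel)
        if not os.path.lexists(path) or os.path.islink(path):
            continue  # never chmod through a symlink that replaced the entry
        mode, (uid, gid) = manifest[rel]
        if _meta(path)[2] != (uid, gid):
            os.chown(path, uid, gid)  # needs root when the owner really differs
        os.chmod(path, mode)  # after chown, which can clear setuid/setgid bits
    return changed
```

Run `snapshot` before committing and `drift` after every checkout; a non-empty result means a file that was restricted is now sitting at the checkout's default mode or owner.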


-- Page fetched on Sun May 19 18:17:37 2024