a journal of interesting technical ideas . . . a journal of interesting technical ideas . . .
I’m a distro hopper. I’ve described some of the tools that support my dubious lifestyle in previous articles such as Distro Hopping in Style and Linux Install Script. That said, Pop! OS has been a very comfortable home for a year and a half. Pop! OS has pushed the envelope on fresh updates, it has been very stable, and my workflow on a 4K display meshes very well with their version of intelligent auto-tiling.
Ah, but there are always new ideas in the world and I’ve become very interested in immutable operating systems. Immutability just means that something doesn’t change over time and in the case of an OS, it means that that the OS and installed applications are isolated from each other and don’t share libraries. Immutable systems are atomic - changes can be rolled back without collatoral damage. These systems should be more reliable, since they eliminate some of the major issues in maintaining a linux system.
I’ve played a little with Fedora Silverblue which uses OSTree, Flatpak, and Podman to create this seperation. In my limited time with Silverblue, it felt interesting but not ready (and I think Fedora would say the same thing at this point).
I really took the plunge with NixOS. NixOS is built around the Nix package management system, which installs applications into a directory structure called the Nix store. Nix is declarative, meaning that your configuration file can specify (most of) your system. A by product of the declarative and atomic nature of Nix, is that I can share my configuration with you and you can apply it against a machine you own and build an identical environment. This is a critical point to the value of Nix - the development environment can be guaranteed to be identical to the production environment.
Nix is a declarative language for system state. Nix is also a package manager that can be used on existing Linux or Mac machines. NixOS is an operating system built and maintained by the Nix package manager using the Nix language. NixOS (https://nixos.org/) can be downloaded and installed as either a Gnome or KDE version (but it’s easy to switch between desktop environments).
When installation is finished you can edit the default configuration (/etc/nixos/configuration.nix) to customize your environment. NixOS comes pretty bare, so you’ll really need to add to it quickly. Nix packages are installed into the Nix store (/nix/store) and then made available to users via symlinks. This means that two users can install different versions of the same package and each will be put into the Nix store seperately and made available to the appropriate user. Configuration.nix is an ini-type text file, and applications are specified under environment.systemPackages. The example below adds Firefox and flameshot. A quick note - the camel case below is deliberate and Nix will throw errors if you leave it out.
environment.systemPackages = with pkgs; [
firefox
flameshot
];
Once the config is changed, run nixos-rebuild switch to apply the configuration and switch to the new environment. Nix will compare the current state to the desired state, realize that the difference is the Firefox package and install it. Each change is called a generation, and you can also apply a previous generation to roll-back to a previous state.
Applications can also be installed using nix-env. This functions more like apt and immediately installs. Actions managed via nix-env aren’t tracked as a generation and won’t be reproduced if you apply your configuration.nix file to another computer. Both methods pull from a git environment. Below is the command to install Firefox.
nix-env -i firefox
Nix repositories are just git compilations of instructions about how to build an app. Sometimes there is a binary package available as well. When you install an app, it checks the local store, then the binaries, then uses the build instructions if it has to. Nix can also install flatpaks.
Add a line to configuration.nix:
services.flatpak.enable = true;
then rebuild and add a flatpack repo:
sudo nixos-rebuild switch
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
I used this to install Obsidian.
flatpak install flathub md.obsidian.Obsidian
KDE on NixOS is pretty much like every other KDE installation. Most applications you want are easy to install, but commercial applications and less common ones may be problems. I had issues with VMWare Workstation and the drivers for my Brother printer. I switched to virtmanager for VMs, but I haven’t found a way to load the printer drivers. I have a collection of fonts from over the years and I’d like those installed via configuration.nix, but I had to install manually. It looks like I could do this if I had a local repo. I’d like to define shares (I use NFS or SSHFS internally) and - while I’ve seen examples that purport to do this - I haven’t been able to get that to work.
In short, you can’t assume that things will “just work” in the way they do in Fedora or Ubuntu. It’s worth noting that it took us years to reach that level of maturity and NixOS is developing quickly. NixOS is about 95% there as a daily driver, but that last five percent can be a killer. I have a spare laptop that I typically use when I’m sitting in the living room, trying to read email but still be around the family. It travels with me as well. It’s typically used for browsing, email, and those daily activities. NixOS is great on that machine, but it can’t print. I tried to install Obsidian on it and that became an adventure. It also seems like the Nix repos aren’t kept up to date (or possibly I’m updating wrong) because I’m seven versions behind on Firefox and about that on Thunderbird.
My Configuration.nix file is in a repo on Github for reference. I never felt like Nix was close enough to move my primary machine (it still runs Pop! OS). I think I’m going to reimage my laptop back to Pop! or Kubuntu, just because I don’t have the time for the various adventures Nix sends me on. Still, Nix has a definite vision and I believe it bears watching. It will be easy enough to re-install later when I have time simply by reapplying my config from Git.
I think Nix is currently a great option for cases where you need a defined and reproducable build, use standard parts (like nginx, bind, or mysql), and can tolerate not being on the “bleeding edge”. Sounds like the perfect server, right? I’ll definitely think of Nix for my next server build.