Nix same; same not different
0 likes19 views
The document discusses the potential future of computing with Nix, emphasizing its capacity for atomicity and reproducibility in software development through versioned snapshots. It critiques the limitations of traditional systems like Debian, advocating for a more consistent development and CI environment akin to 3D printing. Key tools mentioned include direnv for managing environment variables and lorri for monitoring and facilitating development environments.
![1:1:
— DirEnv - unclutter your .pro le
DIRENVDIRENV
[direnv] augments existing shells with a[direnv] augments existing shells with a
new feature that can load and unloadnew feature that can load and unload
environment variables depending onenvironment variables depending on
the current directory.the current directory.](https://image.slidesharecdn.com/nixsamesamenotdifferent-201126051209/85/Nix-same-same-not-different-9-320.jpg)
![shell.nix
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
buildInputs = [
pkgs.hello
# keep this line if you use bash
pkgs.bashInteractive
];
}](https://image.slidesharecdn.com/nixsamesamenotdifferent-201126051209/85/Nix-same-same-not-different-13-320.jpg)
![shell.nix
Update to latest SHA of Git Branches viaUpdate to latest SHA of Git Branches via
{ pkgs ? import ./nix }:
with pkgs;
mkShell rec
{
name = "impureEnv";
buildInputs = [ hello ];
}
niv update](https://image.slidesharecdn.com/nixsamesamenotdifferent-201126051209/85/Nix-same-same-not-different-17-320.jpg)
Nix same; same not different
- 1. NIXNIX SAME; SAMESAME; SAME NOTNOT DIFFERENTDIFFERENT @Keidrych Anton@Keidrych Anton
- 2. REMINDER:REMINDER: DEPENDENCY HELLDEPENDENCY HELL “When people stop valuing simplicity over complexity“When people stop valuing simplicity over complexity ~ Barbara Liskov”~ Barbara Liskov”
- 3. SOLVEDSOLVED via Atomicity / Transactionalityvia Atomicity / Transactionality via System Rollback / Versioningvia System Rollback / Versioning Provided Atomicity / Transactionality existsProvided Atomicity / Transactionality exists State of system is justState of system is just versioned snapshotsversioned snapshots Package manager = transition functionPackage manager = transition function betweenbetween snapshotssnapshots
- 4. WHY SO MUCH PAIN?WHY SO MUCH PAIN? Filesystem Hierarchy Standard (FHS) - via Linux -Filesystem Hierarchy Standard (FHS) - via Linux - fundamentally incompatible with reproducibilityfundamentally incompatible with reproducibility Version?Version? Libraries used?Libraries used? Flags during build?Flags during build?
- 5. NIXNIX “NIX can be the future of computing… if we can nd a“NIX can be the future of computing… if we can nd a better way to explain it ~ Burke Libbey”better way to explain it ~ Burke Libbey”
- 6. EXPLAININGEXPLAINING Maintenance / Upgrading a carMaintenance / Upgrading a car Debian et al: Working on your car in yourDebian et al: Working on your car in your own garage… results can varyown garage… results can vary NIX: 3D Printing a new car every timeNIX: 3D Printing a new car every time something changessomething changes
- 7. SDLC NIRVANASDLC NIRVANA Same Dev Environment for all DevelopersSame Dev Environment for all Developers Same CI Environment for all jobsSame CI Environment for all jobs Not Di erent Code Paths in ProductionNot Di erent Code Paths in Production &&&& CompliantCompliant12 Factor12 Factor GitOpsGitOps
- 8. SDLC NIRVANASDLC NIRVANA IsolateIsolate directorydirectory from OS via Shellfrom OS via Shell Install DependenciesInstall Dependencies BuildBuild RunRun Debug ToolingDebug Tooling Enable Development ModeEnable Development Mode
- 9. 1:1: — DirEnv - unclutter your .pro le DIRENVDIRENV [direnv] augments existing shells with a[direnv] augments existing shells with a new feature that can load and unloadnew feature that can load and unload environment variables depending onenvironment variables depending on the current directory.the current directory.
- 10. ENABLEENABLE viavia nix env i nixpkgs.direnvnix env i nixpkgs.direnv ~/.bashrc .envrc RunRun direnv allowdirenv allow rst time entering directoryrst time entering directory # Add as last shell manipulation at end of file eval "$(direnv hook bash)" use nix watch_file shell.nix
- 11. 2:2: Development replacement forDevelopment replacement for nix shellnix shell Tracks Global Nix Channel updatesTracks Global Nix Channel updates Protects directory from premature GarbageProtects directory from premature Garbage CollectionCollection Editor Integration via DirEnvEditor Integration via DirEnv LORRILORRI
- 12. ENABLEENABLE viavia nix env i lorrinix env i lorri Foreground:Foreground: lorri watchlorri watch Daemon:Daemon: services.lorri.enable = trueservices.lorri.enable = true lorri initlorri init
- 13. shell.nix { pkgs ? import <nixpkgs> {} }: pkgs.mkShell { buildInputs = [ pkgs.hello # keep this line if you use bash pkgs.bashInteractive ]; }
- 15. 3: DEPENDENCIES3: DEPENDENCIES Option(s)Option(s) Channels:Channels: nix channelnix channel - Users subscribe- Users subscribe to your/to your/nixpkgsnixpkgs latest published updateslatest published updates fetchX:fetchX: |||| Nix:Nix: - New World -- New World - stabilizingstabilizing -- Hermetic & reproducible evaluationHermetic & reproducible evaluation nivniv nix-wranglenix-wrangle Nix FlakesNix Flakes
- 16. FETCHXFETCHX /nix/default.nix let sources = import ./sources.nix; callPackage = (import sources.nixpkgs {}).callPackage; in import sources.nixpkgs { overlays = [ ( final: prev: { dockerTools = (import sources.pinnedDockerTools {}).docke k6 = prev.k6.overrideAttrs ( old: { name = "patched-k6-${old.version}"; src = sources.k6; } ); s6-overlay = sources.s6-overlay;
- 17. shell.nix Update to latest SHA of Git Branches viaUpdate to latest SHA of Git Branches via { pkgs ? import ./nix }: with pkgs; mkShell rec { name = "impureEnv"; buildInputs = [ hello ]; } niv update
- 18. SAME (NOT) SAMESAME (NOT) SAME Build:Build: nix buildnix build Run:Run: nix shell (execute binary)nix shell (execute binary) Debug Tooling: bundled viaDebug Tooling: bundled via shell.nixshell.nix Dev Mode: viaDev Mode: via direnv / lorridirenv / lorri Hermetic:Hermetic: maybemaybe
- 19. FLAKESFLAKES — https://github.com/NixOS/rfcs/pull/49 Flakes allow hermetic, reproducibleFlakes allow hermetic, reproducible evaluation of multi-repository Nixevaluation of multi-repository Nix projects; impose a discoverable,projects; impose a discoverable, standard structure on Nix projects; andstandard structure on Nix projects; and replace previous mechanisms such asreplace previous mechanisms such as Nix channels and the Nix search pathNix channels and the Nix search path
- 20. Runnable applicationsRunnable applications nix (name)nix (name) Tests stdout = stdoutTests stdout = stdout NixOS ModulesNixOS Modules CI Linked build to publish versionsCI Linked build to publish versions to Nix 1.xto Nix 1.x Cachix integratedCachix integrated BackportedBackported Flake UtilsFlake Utils
- 21. ake.nix Update to latest SHA of Git Branches viaUpdate to latest SHA of Git Branches via { description = "impureEnv"; inputs.flake-utils.url = "github:numtide/flake-utils"; inputs.nixpkgs.url = "github:NixOS/nixpkgs-channels?rev=72b9660 inputs.pinnedDockerTools.url = "github:xxxxx"; inputs.pinnedDockerTools.flake = false; # s6-overlay & k6 same process as dockerTools outputs = { self, nixpkgs, flake-utils }: let overlay = final: prev: { dockerTools = (import pinnedDockerTools {}).dockerTools; k6 = prev.k6.overrideAttrs ( old: { name = "patched-k6-${old.version}"; nix flake update --recreate-lock-file
- 22. SAME (NOT) SAMESAME (NOT) SAME Build:Build: nix buildnix build Run:Run: nix developnix develop Debug Tooling: bundled viaDebug Tooling: bundled via shell.nixshell.nix Dev Mode: viaDev Mode: via direnv / lorridirenv / lorri Hermetic: alwaysHermetic: always