NixOS: much more than a Linux distribution...

[ThorBuildingLegos]

NixOS is a one of a kind. A proof of concept, a research project, a thesis in action. It is based around the nix package manager, which is a heavy-duty, multi-purpose installing, virtualization and building system. And what's more it reads something that's called nix expressions. These expressions are text files with variables and arrays that are incredibly easy to read and edit.

 

Nix is so insanely genius in concept alone that I just had to install NixOS. Not only does it use centralized, declarative and semantic configuration files, but it maintains a profile or path for the system and each user where the applications are kept based on a random has, package name and version. This means that several versions of the same package, different versions or with different options, can be installed independantly by each user. So if you want to setup a httpd and port 80 isn't taken: go nuts. No root privlidges needed and it will install as if it's installed on the system. To facilitate all this an applicatin called PatchELF had to be made, which patches the binaries to point towards their respective requirements, meaning that there won't be any confusion over which user has which version or build of a package.

 

Nixpkgs is something of a beaute, if you ask me. It's the collection of packages available (in a specific channel, visa vi stable, unstable and/or third party) in the form of abstract set of folders based on categorization or area of use, containing nix expression files that stipulate build/install process and requirements from other packages inside nixpkgs. When you update the channel you don't check every file (like RPM and DEB does it), the system merely downloads a single tarball and extracts it. The user can even traverse these folders and checkout the various packages and the options that come with them (though this can also easily be achieved using man configuration.nix).

 

Now here's the fun part:
The entirety of the system, the location of partitions, file system settings, encryption, networking, hardware (and kernel configuration), user creation, which packages are to be installed, what modules are to be loaded, what options are to be added to certain build and install proceses, clock settings, etc, etc, etc, and all through one file... in /etc/nixos called configuration.nix.

 

Yes, you read right. The entirety of the system can be configured by one single file. Did I also mention that the package manager is cross-platform? Visa vi it can be used to manage and maintain packages on for instance OS X and Windows.

 

As if that wasn't enough Hydra is a set of server applications that run on all widely available platforms (Linux, Windows, OS X and FreeBSD) to constantly check and failtest builds that have been submitted automatically. For someone who has struggled with software and productive environments this would be an INCREDIBLE timesaver when deploying new or upgraded software.

 

But hold on, there's more: using nixops you can deploy to Amazon cloud or VirtualBox cloud storage. Using Disnix you can setup a deployment network inside intranet.

 

And now you see why it isn't just an ordinary Linux distribution. It has enourmous potential to be a fantastic cross-platform management system, and on top of that: it's free...! And FOSS! So if you're a tech head, if you work within deployment and testing, I advice you to give this a try -- if for nothing else a curiosity case

 

Me? I've been trying actively to add to the project, by way of wiki. I also have grand plans and my grandest of tech fantasies which can now be fulfilled thanks to this grand set of tools.

 

Let me know what you think!

[xXxYOLOxSWAGxXx_420BlazeIt]

Puppet already does this and it is already widely used in some very large corporations.

[faftek]

Although this central configuration sounds good... I'm REALLY REALLY REALLY worried even a small bug could lead to someone getting access, changing a partition, and oops there goes your OS

[xXxYOLOxSWAGxXx_420BlazeIt]

Although this central configuration sounds good... I'm REALLY REALLY REALLY worried even a small bug could lead to someone getting access, changing a partition, and oops there goes your OS

Yes, this as well.

 

I really dont see the point in doing this since Puppet will do the same thing when used in a single node setup (and is actually useful), and is widely used in production by hundreds of companies.

 

Why change something that isnt broken?

[ThorBuildingLegos]

@faftek:

The configuration file needs to be built using nixos-rebuild, which requires root access. You then run "nixos-rebuild switch" to switch generations upwards (or make a new system path, so to speak). You can also do "nixos-rebuild test" to test a global configuration within a virtualized sandbox. So it's quite safe and secure, actually. Much more safe and secure than say Ubuntu or Windows, or OS X IMHO.

 

@xXxYOLOxSWAGxXx_420BlazeIt

No... no it isn't. First of all to get access to Windows platforms using Puppet you need the enterprise version, which I guess you can get via CentOS or some other enterprise level distro. However...

 

Puppet is so much less in concept than NixOS. Remember that NixOS is comprised by a series of tools (the central being nix) and proceedures to facilitate testing of production environments automatically, as well as providing computational methods of testing and comparing tests automatically on the Hydra servers, which makes bug hunting easier, as Hydra can also simulate hardware specific conditions.

 

On top of this NixOS is FOSS. Puppet is NOT FOSS. Also what's wrong with a little healthy competition? Or an alternative that's pretty amazing in it's scope.

 

I think you didn't take the time to read anything about Nix(OS) and I think you really should before making such a facetious statement. There are tons of documentation ready for your browsing, as well as many other articles depicting not only the subtle differences between NixOS and puppet, but also the incredibly huge ones. Technically I can't use either Puppet or NixOS in deployment environments because of the standards within my government that makes businesses rely on Cisco and Active Directory. But NixOS has the potential to challange Microsofts domain on deployment, like local intranet management of computers and facilitating upgrade testing before deployment via automatic server processes for each individual platform at hand, a task which puppet is clearly  underqualified for. You can use Puppet Enterprise to attain some leeway using Windows built in deployment services, as well as Windows Azure deployment services, but that is again just using local services.

 

Nix is built specifically to be cross-platform, to virtualize paths based on necessity and requirements, to test submissions in to a public package repository via a heavy-duty, pedantic failtesting service. Deployment is but icing on the cake.

 

I can upgrade my entire system by doing "nixos-rebuild switch --upgrade", but if I just want to see if it works I can do "nixos-rebuild test --upgrade". There are many, MANY other commands that help you manipulate paths, system environments, nix packages, nixos specific system functions, etc.

 

And again: NixOS is much more than Linux. I'm hoping that I can help facilitate a packaging and testing process that coincides with Norwegian law and protocol. This way I can install packages across a network, no matter what OS the client/server is running. And again: FOSS.

 

Don't be afraid of the FOSS :>

 

Also: did you know they built PatchELF, an executable patcher, just for nix? What it does is basically change the RPATH on the ELF interpreter so that the executable looks for dynamic libraries where specified. Meaning we no longer use /usr/share, /usr/lib, etc. Everything is stored in /nix/store/987weq987e9nqw8e-packageName -- which is also where all the individual profiles are kept, in form of paths (and no; you can't directly access them all, not even as root).