Why Choose Nix for Package Management?

Time saved with Nix > time spent learning Nix: T or F?
- 8 min read
Why Choose Nix for Package Management?
Why Nix?

I'm a Nix newbie. You should learn Nix, they told me. It’s a really, really good option for package management under Linux and Mac. I’m not that easy to convince. Why should it be better than just using apt or dpkg? Or setting up a Docker environment? And as for using NixOS as an operating system, why would you want to do that?

But yes, I'm now convinced. Why?

In this article, I'll take you through some of the points that sold me on Nix and NixOS. Bear in mind that I'm not (yet) a Nix guru, so this won't be a highly technical article. You won’t learn much about the innards of Nix — this is, essentially, an outsider's point of view.

But first, for those who don't already know - what exactly is Nix? And what is NixOS?

Nix and NixOS

What is Nix? And NixOS?

Nix is a package manager for Linux and Mac, but it uses a different approach to conventional tools like apt  and dpkg.  More about that later. NixOS, on the other hand is a Linux distribution, with features especially attractive to Nix users. At this point, let's just say that if you're sold on Nix, you'll want to go the whole way and try NixOS.

Why is Nix Different?

In Linux, packages are installed in a common bin directory. If you have more than one version of a piece of software —  for example a live version and a test version — it becomes complicated. You have to be very careful when specifying dependencies and setting environment variables.

With Nix, each package is defined declaratively, complete with its dependencies, and is held in the Nix store ( /nix/store ). Each package definition, including a description of its dependencies, is described using the Nix configuration language. According to the official website, this makes all packages

  • Reproducible
  • Declarative
  • Reliable

Other characteristics of Nix include:

  • Packages are built and stored in isolation. Because of this, it’s possible to use different versions of any software, without the danger of one version overwriting another.
  • Nix retains information to allow you to easily roll back or roll forward between generations of a package. In NixOS, this also applies to the system as a whole.
  • NixOS configurations are modular.

Sounds great — but does this really add up to enough advantages to make it worthwhile learning Nix? Nix has a notoriously steep learning curve (although a revision of the documentation is currently underway, and this should help solve the problem!) So, since time is money, Nix had better be good if it's worth my while to spend time learning it. But is it?

To find out, I spoke to some of the Numtide team to ask why they use it, and why they would recommend it to others. Let's have a look at the features I’ve mentioned, and what experienced Nix users have to say about them.

From the Numtide Team

Nix =  reproducibility

To me, the main advantage is reproducibility. I describe the system I would like to have: these technologies and these programs. I can then easily recreate the identical system anywhere, any time. If I have a system crash and need to reinstall, it's all there. I don't have to remember what I had and reconstruct it. I can also share this environment with another team member, knowing it will work in exactly the same way” — Aldo

I think this is really, really cool. If you've spent as many hours as I have over the years trying to make a new machine work the same way as an old one, you'll love this!

“If I build a pipeline for CI/CD (Continuous Integration/Continuous Deployment) I know that if it works on my machine, it will also work on the remote. The final builds will be identical to the local build”  — Antony

So no more scratching my head when my software doesn’t work on the client's machine? No more trying to track down an elusive dependency? With Nix, if I get it right at the beginning, it will work anywhere? I like that! I like it a lot.

“Outside of Nix, the current state-of-the-art tools used to manage infrastructure have limitations. I've always been afraid of pressing the button to activate a new deployment. With Nix, if it worked before, it will work again. Reproducibility is guaranteed” — David

“It's very easy to replicate an exact set-up. Reverting or upgrading then becomes very low-cost” — Dragan

Yeah, this could save me a lot of time and stress.

“You can describe the particular tool or developer environment once and have it available everywhere. You can be confident that if you come back even years later, it will work in the same way.

This also applies to machine configurations. You can be sure everyone is working on the same thing.

And if you're having problems figuring out why your build fails, it's easy for someone else to reproduce the issue and investigate it” — Florian

“For me, the main advantage is immutability. If you follow the same process, you will always have the same state. If you get it correct once, you can reproduce it anywhere. If you have different architecture, different conditions, different operating system, it doesn't matter. It will just work”. — Jeff

“When you're working with someone else, you can easily reproduce the exact environment. This often happens in the research field, where you take someone's idea and develop it further.” — Jorg

“I first got involved with Nix when my team grew, and we had issues with everyone having a different environment. With Nix, everyone's working on an identical environment.

When it works on test, I know it will work in production.

Recreating a system is easy. It's like magic. It's exactly the same system for all intents and purposes as what you had running before.” —  Samuel

Nix is declarative

In Nix, everything is specified in the declarative Nix language.  You configure exactly what’s needed for each package. And with NixOS, this applies to the system as a whole. Why is this an advantage? Again, let’s go to the Nix community for answers.

“With NixOS, I'm able to have a record of the configuration I used to build my machine. I don't have to remember each step if I need to rebuild, and I won't end up with a different state. I can also re-use most of the configuration when I need to build something different.

I can easily automate the deployment of both software and infrastructure.

In NixOS, you know you have exactly what you specified, and nothing else. You can easily investigate it, prune it and tune it until you're happy.” — Antony

“As an example: I bought a new laptop. It was blank and needed to be set up. The normal scenario would be:

  • Manually install an operating system
  • Copy in a backup of the configuration files
  • Spend several hours tweaking.

With NixOS, I spent half an hour on my desktop tweaking existing Nix configurations, and pulling in standard configurations for the hardware. I applied this to the new machine, and within five minutes, the laptop looked and worked just like the desktop.

It shortcuts a lot of stuff. You express everything in a standard way, and there are modules for the vast majority of what you would want to install and how. If you're fluent in Nix, you can do this very quickly. More importantly, you can effortlessly reinstall things as they were before.

It's easy to adapt for a variety of different platforms, including virtual machines.” — Brian

“It's way more portable than any other deployment tool. An organisation seldom has a whole fleet of identical machines: they will all be different. With Nix, you can have a single repo that describes all the machines, and it all just works together.” — Jorg

“With Nix, you have an isolated environment. Instead of having to do lots of steps to set up an application, you can simply take a configuration file and use a single command.

With NixOS, you define the whole system in your configuration. You don't need to look at the machine itself to know what it's doing; it's all there in the configuration.” — Lassulus

“If you have everything in Nix, then all of your configuration is just one big data structure that describes everything.

This makes it a lot easier to understand.” — Vincent

All of that is pretty cool. You can pre-configure things, and easily tweak and reuse those configurations in different situations. And you always know exactly where to look if you’re investigating how something is set up. But here’s the really good part:

“Whether it's software or hardware configuration, Nix is declarative. Everything is defined in a configuration. This means that you can use version control software such as Github to store your configurations, and be able to track the history of any changes. If something no longer works, you can see exactly what was changed, when and by whom. It's then simple to revert to an earlier version while you debug the changes. This advantage scales up from a single laptop to an entire cluster of servers.” — Ramses

For me, this was the moment when I said, "Yes! Bring on Nix!" As a software developer and troubleshooter, I've spent far too many hours trying to find out who changed what when a system is broken. And because many organisations turn this situation into a blame game and witch hunt, nobody will admit to having changed anything.

With Nix, it's all there in the git history, and you can quietly revert to something that works while you fix the problem. To me, that definitely makes it worth spending the time to learn and implement Nix.

Nix is reliable

“Nix is a new way to compose software together. The industry is building more and more software on top of other software, like a tower, and that tower can get wobbly! Nix is like the scaffolding: it's a solid structure that connects all the software together. You can build more layers of software reliably, without the danger of your tower falling over. Each structure has its own location, instead of throwing everything together in a central bin directory.”— Jonas

How many times have you, or a colleague, complained that it all worked until you installed x, y or z? This won’t happen with Nix. You can install whatever you like, and what you had before will keep right on working.

Nix packages are built and stored in isolation

In Nix, each package is stored in a predefined isolated environment. What does this mean in practice?

“You can have different people doing different stuff, and they don't collide. You can have people working on different versions and different applications, and they don't stand on each other's feet.” — Jorg

“I do enjoy the simplicity of setting up a development environment with Nix.

It allows separation between your development environment and production environment. I don't want to dirty up my production system with development tools. I used to use virtual machines or Docker, but those are quite resource hungry.” — Matjaz

Nix roll back / roll forward facility

Both Nix and NixOS keep several generations of configurations, and allow you to roll back or roll forward at any time.

“In Unix/Linux, there is no efficient way of monitoring the configuration state before a change was made, and you can't revert to what was there before.” — Antony

“Rolling back is easy.” — Samuel

NixOS configurations are modular

“Because it's modular, you can overwrite and merge any kind of service that you want, and it will all work together.” - Jorg

Is Learning Nix Worthwhile?

Whenever you consider learning a new tool, you need to evaluate whether the time the tool will save you in the future is more than the time you'll take to gain the necessary skills.

In my opinion, this equation is definitely correct!

future_time_saved_with_nix > time_taken_to_learn_nix = true;
  • No more trying to figure out who changed what when a system breaks
  • No more hours wasted in setting up the software I need on a new machine
  • No more figuring out why the software works on these machines and not those.
  • No more making sure a new member of the team has exactly the same software versions as everyone else

So I'll wrap up this article, because I'm off to up my Nix skills. Thanks for reading!