this post was submitted on 07 Jul 2023
515 points (98.3% liked)

Asklemmy

43857 readers
1872 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 year ago (1 children)

Quick question: how do you handle updates?

To me NixOS seems like basically a replacement for any distro + Salt (or any other config management platform) + snapshots. The one thing I’m unsure about is patch/update management. Can that be automated?

[–] [email protected] 2 points 1 year ago (1 children)

Happy to answer!

Here's an example commit where I last updated my system packages. I've been on summer holiday so it's already been a month haha.

It's basically going into my dotfile/configuration repo, running nix flake update nixpkgs which bumps the lock file as seen in the commit and then running nixos-rebuild and committing it. A bit like bumping npm dependencies.

If something doesn't work, I just git reset the change and rebuild again, which is almost instant as all the previous packages are still stored on my system until I explicitly garbage collect them.

And if there's a kernel/driver issue I only catch after a reboot, I can just directly boot into the previous build straight from GRUB as nixos automatically manages the grub entries and keeps a history of previous builds.

Of course there's also sometimes cases where some package breaks but I'd don't want to postpone updating the whole system just because of that particular package. For those cases I also have a separate input named "nixpkgs-2111" that tracks the current stable branch of nixos. I can then explicitly configure the specific package to be built from that revision of the repo.

Another nice thing is that once I've bumped the system on my personal computer, I'll just pull the commit on my work laptop and run nixos-rebuild on that machine. This way I can guarantee that both the machines have exactly same software versions.

NixOS seems like basically a replacement for any distro + Salt (or any other config management platform) + snapshots

NixOS does accomplish those things. However it has also other benefits, such as running multiple versions of the same software simultaneously, guaranteed complete dependencies and the fact that upgrades and rollbacks are atomic. Immutability also ensures no state drift happens.

[–] [email protected] 1 points 1 year ago

Thanks so much for the detailed response! I’m still learning the basics, but to me this seems fascinating and potentially very powerful. My goal is to create a “playbook” or strategy I can use in production for, say, web hosting.

This is very novel, and as you noted, has powerful implications on how one manages their environment. I can see potential use cases for developers, researchers, web/app hosting and even plain old daily driver desktop/laptop use.