Nix is so good when it works; when I read such posts I feel strongly compelled to use it. I also use it, and maintaining the build and system with Nix, especially on macOS, is sometimes a huge pain, unfortunately.
Could you tell me more about how you’ve used it with macOS? I was planning to explore using it to provision some macs that we use for building an iOS app (and ideally also the dev environment, which we currently use docker for mostly). I imagine Xcode doesn’t play nicely with nix though…
You may take a look yourself at the repo while I will try to describe it below.
I use nix-darwin on top of a Nix installation to manage most of the system settings and the build.
I am not quite sure now, but I think I remember having to do xcode-select --install, can’t quite remember if that was part of a workaround for issues or part of the normal process. Oh, and there were some discoverability issues with bin directories; I had to work around them by adding extraInit to zsh that includes binaries into PATH. This might be based on my poor skills in configuring everything, though.
Some of the packages needed are installed from nixpkgs, but some are installed by brew based on configuration.nix, so these have to be upgraded in brew and don’t get upgraded upon rebuild (it looks like the intended way would be to wipe them on each rebuild, but that would take longer).
I develop in Rust, so I also use rust-overlay instead of rustup to manage Rust, and nixpkgs-cross-overlay for cross-platform builds. Build scripts also create docker containers described with Nix in our case.
There were regular issues with the Nix installation upon macOS updates, requiring me to either add Nix back to zshrc or completely reinstall it (the latter was not necessary, likely), but those seem to be fixed, as of now.
I think you will have less trouble managing reproducible machines with Nix, but I also think that it will require a bit more than just copying a config and running Nix. There will also be issues of installing some software and packages locally, which will allow the developers to break builds across the machines when one has something locally that another doesn’t, but this can be mitigated by processes and getting them acquainted with Nix, at least it did with me 🌚
Thanks a lot for the pointers! Hoping to explore this in the next few months
Good luck 🍀
I use a similar thing with btrfs. Encypted Btrfs Root with Opt-in State on NixOS
I use the community impermanence flake instead of ZFS or btrfs. It’s still fairly nice; I actually like knowing that stuff like ~/.cache doesn’t persist anywhere on disk, even in snapshots. It does require a lot of careful thought, like e.g. which parts of the persistent disk need to be backed up locally.