I mean, it’s like a fucking drug. The learning curve is steep AF but past some point, when it starts making sense, it’s just incredible. I’m currently moving my whole setup to NixOS and I’m in love.
Even when using in a basic way, I think it has one very tangible advantage: the fact that you can “compartmentalize” different aspects of your configuration.
Let’s say I set up a specific web service that I want to put behind a reverse proxy, and it uses a specific folder that doesn’t exist yet, like Navidrome which is a web-based audio player. It requires a set of adjustments of different system parts. My nix file for it looks like this:
All settings related to the service are contained in a single file. Don’t want it anymore? Comment it out from my main configuration (or whereever it’s imported from) and most traces of it are gone, the exception being the folder that was created using systemd.tmpfiles. No manually deleting the link from sites-available or editing the list of domains for my certificate. The next generation will look like the service never existed.
And in my configuration, at least the port could be changed and everything would still work – I guess there is room for improvement, but this does what I want pretty well.
I’m still learning about available references (ex config.services.navidrome.settings.Port). What resources did you find to be the best for learning that kind of thing?
Well, a lot of it is just trying stuff out, but let’s say you want to setup Navidrome because you read about it somewhere. My first step is always to go to https://search.nixos.org/options? and search for it, it’ll show you the options available. If you want to know how it’s implemented under the hood, press the “Declared in” link where it shows you the source code of the module, this can sometimes be helpful.
Other than that, read the wiki for examples, and remember that nix is a full language and not just a configuration, so you can keep it flexible.
I mean, it’s like a fucking drug. The learning curve is steep AF but past some point, when it starts making sense, it’s just incredible. I’m currently moving my whole setup to NixOS and I’m in love.
Even when using in a basic way, I think it has one very tangible advantage: the fact that you can “compartmentalize” different aspects of your configuration.
Let’s say I set up a specific web service that I want to put behind a reverse proxy, and it uses a specific folder that doesn’t exist yet, like Navidrome which is a web-based audio player. It requires a set of adjustments of different system parts. My nix file for it looks like this:
{ config, ... }: let domain = "music." + toString config.networking.domain; in { services.navidrome = { enable = true; settings = { Address = "127.0.0.1"; Port = 4533; MusicFolder = "/srv/music"; BaseUrl = "https://" + domain; EnableSharing = true; Prometheus.Enabled = true; LogLevel = "debug"; ReverseProxyWhitelist = "127.0.0.1/32"; }; }; services.nginx = { upstreams = { navidrome = { servers = { "127.0.0.1:${toString config.services.navidrome.settings.Port}" = {}; }; }; }; }; services.nginx.virtualHosts."${domain}" = { onlySSL = true; useACMEHost = config.networking.domain; extraConfig = '' include ${./authelia/server.conf}; ''; locations."/" = { proxyPass = "http://navidrome"; recommendedProxySettings = false; extraConfig = '' include ${./authelia/proxy.conf}; include ${./authelia/location.conf}; ''; }; }; systemd.tmpfiles.settings."navidrome-music-dir"."${toString config.services.navidrome.settings.MusicFolder}" = { d = { user = "laser"; mode = "0755"; }; }; systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = ["/run/systemd/resolve/stub-resolv.conf"]; security.acme.certs."${config.networking.domain}".extraDomainNames = [ "${domain}" ]; }All settings related to the service are contained in a single file. Don’t want it anymore? Comment it out from my main configuration (or whereever it’s imported from) and most traces of it are gone, the exception being the folder that was created using
systemd.tmpfiles. No manually deleting the link from sites-available or editing the list of domains for my certificate. The next generation will look like the service never existed.And in my configuration, at least the port could be changed and everything would still work – I guess there is room for improvement, but this does what I want pretty well.
Love the example here!
I’m still learning about available references (ex
config.services.navidrome.settings.Port). What resources did you find to be the best for learning that kind of thing?I’ll accept RTFM if that’s applicable :)
Well, a lot of it is just trying stuff out, but let’s say you want to setup Navidrome because you read about it somewhere. My first step is always to go to https://search.nixos.org/options? and search for it, it’ll show you the options available. If you want to know how it’s implemented under the hood, press the “Declared in” link where it shows you the source code of the module, this can sometimes be helpful.
Other than that, read the wiki for examples, and remember that nix is a full language and not just a configuration, so you can keep it flexible.