check out the cheat sheet
outline
- setup (5m)
- nix-env package management (10m)
- nix-shell isolated environments (10m)
- NixOS declarative operating system configuration
- introduction (5m)
- service (5m)
- network (5m)
- user (5m)
- conclusion (5m)
setup
- download and install VirtualBox
- download NixOS VirtualBox appliance, double click, launch VM
- log in with
demo
/demo
- open a terminal, eg. on the bottom left corner of the screen, click the Launcher button β Applications β System β Terminal
- try running the
commands
below
nix-env
package management
- each user has a nix profile, pointing to the current user environment, that is a set of installed packages, managed via
nix-env
- only trusted channels are used by default, so updating the package lists is the only operation requiring root.
update package list | sudo nix-channel --update |
|
search | nix search hello |
also try search.nixos.org/packages |
install | nix-env -iA nixos.hello |
run it with hello |
uninstall | nix-env -e hello |
running hello fails |
rollback | nix-env --rollback |
hello is back |
nix-shell
isolated environments
- start a shell in an environment with some packages available, and run some commands in it:
nix-shell -p toilet
toilet NixOS
Ctrl+D
to exit nix-shelltoilet NixOS
fails
- start a shell with packages and run a command in it:
nix-shell -p toilet --run 'toilet --gay hello'
- try a python example
nix-shell
on its own will loaddefault.nix
orshell.nix
from the current directory, where you can define an environment for a project.
NixOS declarative operating system configuration
- edit
/etc/nixos/configuration.nix
- eg. add
services.openssh.enable = true;
before the last}
- eg. add
nixos-rebuild switch
to the new configurationnixos-option services.openssh.enable
to see the option's current value and documentation- find the option on search.nixos.org/options, click the result, click the link after "Declared in:" and see The Source
nixos-rebuild switch --rollback
to previous configuration
let's try a few configuration options:
service
services.openssh.enable = true;
- run
ssh demo@localhost
on the vm and log in withdemo
/demo
- run
- nginx
- go to http://localhost/status on the vm
- monit
- go to http://localhost:2812 on the vm, log in with
admin
/monit
- go to http://localhost:2812 on the vm, log in with
system
system.autoUpgrade.enable = true;
- don't forget to check the documentation search.nixos.org/options?query=autoupgrade
environment.systemPackages = [ pkgs.vim pkgs.cmatrix ];
- all users can run
cmatrix
- all users can run
user
- user.nix normal user
- user-sudo.nix with sudo
- user-sshkey.nix with ssh public key authentication
network
networking.hostName = "darkstar";
networking.firewall.allowedTCPPorts = [ 22 80 8000 ];
conclusion
- declarative - say what you want, not how to get there
- safe (atomic, rollback, isolated, consistent, hash-checked)
- reliable (deterministic, reproducible)
- fast (lazy, hash-based store, binary cache)
- great for repeatable builds and declarative operating system configuration