Logo

dev-resources.site

for different kinds of informations.

Nixpkgs: A community-maintained package lock file for all of Unix

Published at
8/16/2023
Categories
nixos
nix
nixpkgs
Author
avaq
Categories
3 categories in total
nixos
open
nix
open
nixpkgs
open
Author
4 person written this
avaq
open
Nixpkgs: A community-maintained package lock file for all of Unix

Disclaimer
I wrote this article a few years ago but never published it. A few things may be a little outdated (especially the lack of info on Nix Flakes), but it's still a nice little intro to Nixpkgs.

Meet Nix

Nix is the name of the programming language that the NixPkgs project is written in. NixPkgs can be thought of in a lot of ways; One of those ways is as a lazily evaluated, community-maintained, programmable package lock file for all of Unix. Let me explain:

A package lock file for all of Unix

Many programming languages come with their own package managers. For example, Node has npm, Python has pip, etc. When you write code that depends on some packages, you want to make sure that if someone else runs that code, they have the same packages at the same versions. This is where package lock files come in. They specify exactly which versions of which packages are needed to run some piece of code. For Node, that takes the form of package-lock.json, and for Python it's requirements.txt.

The NixPkgs repository is kind of like one of these package lock files, but huge: It specifies exactly which versions of which packages you need, for everything. Seriously; It's an effort to put pretty much everything in a single package lock file - kind of like the everything module for Node. But not just for Node, but for any software you'll find for any Unix system.

Alt Text

"But why would I ever install from this lock file?", you might ask, because you don't ever need "all the things". Well, as opposed to most lockfile formats, Nix lockfiles let you evaluate only part of it, making it so you only install one, or a few, of the packages it locks. It achieves this through lazy evaluation.

Lazily-evaluated

Some programming languages are evaluated eagerly (for example JavaScript), and some lazily (for example Haskell). Nix is of the latter sort. When I think about this difference, I usually think of it as the "order" in which the evaluator goes through the language. Take this JavaScript code, for example:

const one = 1;
const two = 2;

const added = one + two;
const multiplied = one * two;

const answer = multiplied + one;
Enter fullscreen mode Exit fullscreen mode

Here, the evaluation of the statements goes from top to bottom. First, the values of one and two are evaluated, then added and multiplied, and finally answer. If I end up only using the value of answer, then added will still have been evaluated even though it was not used to compute answer*.

A lazily evaluated programming language kind of evaluates in backwards order. For example, here's some similar code in Nix:

rec {
  one = 1;
  two = 2;

  added = one + two;
  multiplied = one * two;

  answer = multiplied + one;
}
Enter fullscreen mode Exit fullscreen mode

Here, if I ask for the value of answer, then the language will see that multiplied and one are needed, and when evaluating multiplied, it will see that one and two are needed, finally evaluating one and two, and completely skipping over added. The downside is that one may have been evaluated twice, because it was used in two distinct places*.

If we bring that back to our massive package lock file, we can see how this lazy evaluation strategy is helpful: Let's say we're just interested in the evaluation of a cowsay property, because we want a cow to tell us who we are:

$ cowsay $USER
 ______ 
< avaq >
 ------ 
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
Enter fullscreen mode Exit fullscreen mode

Because of lazy evaluation, the thousands upon thousands of other properties in the giant lockfile don't need to be evaluated. Nix will start with the cowsay property, and traverse its dependency tree as needed.

* Let's pretend that neither programming language has any kind of optimizer in place, for the sake of illustration.

Programmable

Once you start maintaining a lockfile of this magnitude it becomes a little unwieldy. Luckily, Nix is a programming language, not just a data format. So it allows us to define functions, and create abstractions. These can then be used for things like customization of the lockfile, deriving development environments, deriving new lockfiles from existing ones, deriving entire operating systems from the lockfile, and much more.

Community Maintained

Instead of letting this package lock file be the result of a process that generates it from a smaller specification, the NixPkgs "lockfile" is manually created, maintained, and peer reviewed by a community of enthusiasts who each use their own slice of this lockfile to manage their package installations. Every change to it comes in the form of a pull-request, and every pull request is reviewed and exposed to a test suite.

As a result, you have more certainty (compared to a traditional lockfile which is updated automatically) that any given version of the lockfile will result in a valid installation of the software you want.

Using Nix

The NixPkgs project already defines some 80,000 Linux packages that can be installed through it. Nix can be easily installed using the Determinate Nix Installer on Linux and Mac. To learn more about Nix, check out the Learning Resources on nixos.com.

nixos Article's
30 articles in total
Favicon
How to Set Up Kanata on NixOS: A Step-by-Step Guide
Favicon
NixOS - A Unique Linux Distribution
Favicon
NixOS Full Disk Encryption with USB/SD-Card/Password Unlock
Favicon
Choosing my distro: Ubuntu, NixOS, Elementary OS or Pop!_OS
Favicon
Nix first steps
Favicon
OpenResty on NixOS for an API Gateway
Favicon
Why Consider NixOS for Your Environment?
Favicon
Managing NixOS on DigitalOcean with Colmena
Favicon
I Changed My Mind - NixOS is NOT the Best Linux
Favicon
Backup GitHub Repositories with gidek
Favicon
Packing Custom Fonts for NixOS
Favicon
Managing NixOS Secrets via SOPS, sops-nix and opsops
Favicon
Running NixOS Guests on QEMU
Favicon
Archiving PostgreSQL Backups on NixOS
Favicon
The Ultimate NixOS Homelab Guide - Flakes, Modules and Fail2Ban w/ Cloudflare
Favicon
The radical concept of NixOS and why I love it!
Favicon
The Ultimate NixOS Homelab Guide - The Install
Favicon
The One Man Stack
Favicon
I use NixOS for my home-server, and you should too!
Favicon
This distro finally fixes Linux
Favicon
Running a Terraria Dedicated Server on NixOS
Favicon
NixOS on Raspberry Pi 4 with Encrypted Filesystem
Favicon
Day 7: Uninstalling NixOS from my Macbook Pro
Favicon
Nixpkgs: A community-maintained package lock file for all of Unix
Favicon
Writing a (Nix-Friendly) Hello World Web App in Haskell with Scotty
Favicon
Kick the Mix-ups to the Curb: Nix the Tricks and Juggle Go Projects like a Pro
Favicon
Day 6: Making rEFInd Look Good
Favicon
Day 5: NixOS & Git - version control for config.nix
Favicon
Day 4: (Re)Installing NixOS on my Macbook Pro
Favicon
Day 3: Fighting with network interfaces

Featured ones: